diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e59a467..ce7a573 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -20,10 +20,7 @@ jobs: env: ACTION_SECRET_PASSWORD: dl://918E3113-CA48-4642-8FAF-CE832BDED6BE/password ACTION_SECRET_NOTE: dl://918E3113-CA48-4642-8FAF-CE832BDED6BE/note - DASHLANE_DEVICE_ACCESS_KEY: ${{ secrets.DASHLANE_DEVICE_ACCESS_KEY }} - DASHLANE_DEVICE_SECRET_KEY: ${{ secrets.DASHLANE_DEVICE_SECRET_KEY }} - DASHLANE_LOGIN: ${{ secrets.DASHLANE_LOGIN }} - DASHLANE_MASTER_PASSWORD: ${{ secrets.DASHLANE_MASTER_PASSWORD }} + DASHLANE_SERVICE_DEVICE_KEYS: ${{ secrets.DASHLANE_SERVICE_DEVICE_KEYS }} - name: test secret values env: ACTION_SECRET_PASSWORD: ${{ steps.load_secrets.outputs.ACTION_SECRET_PASSWORD }} @@ -39,10 +36,7 @@ jobs: id: load_secrets uses: ./ # Dashlane/load-secrets-action@ env: - DASHLANE_DEVICE_ACCESS_KEY: ${{ secrets.DASHLANE_DEVICE_ACCESS_KEY }} - DASHLANE_DEVICE_SECRET_KEY: ${{ secrets.DASHLANE_DEVICE_SECRET_KEY }} - DASHLANE_LOGIN: ${{ secrets.DASHLANE_LOGIN }} - DASHLANE_MASTER_PASSWORD: ${{ secrets.DASHLANE_MASTER_PASSWORD }} + DASHLANE_SERVICE_DEVICE_KEYS: ${{ secrets.DASHLANE_SERVICE_DEVICE_KEYS }} - name: Test with no entries env: ACTION_SECRET_PASSWORD: ${{ steps.load_secrets.outputs.ACTION_SECRET_PASSWORD }} diff --git a/README.md b/README.md index ca21e66..0b9aa20 100644 --- a/README.md +++ b/README.md @@ -1,43 +1,25 @@ # Dashlane Load Secrets Action -## About +`load-secrets-action` is built using `Dashlane CLI` and `Github Actions`. It allows developers to inject their secrets vault from Dashlane to their Github workflow. -`load-secrets-action` is built using `Dashlane CLI` and `Github Actions`. It allows developers to inject their secrets vault from Dashlane to their github workfow. +## Usage -## Requirements +> [!IMPORTANT] +> To setup this action you need a Dashlane account and the Dashlane CLI to be installed on your machine. You can download the Dashlane CLI [here](https://dashlane.github.io/dashlane-cli/install). -- `Dashlane CLI`for device registration -- `Node.js` and `npm`to run the project locally - -## How to run this project locally - -1- install dependencies: +**1- Register your device locally** ```sh -npm i -``` - -2- any change to the `index.js` requires a local build so that the the `dist` folder gets updated : - -```sh -ncc build src/index.js -``` - -## How to use - -1- Register your device locally - -```sh -dcli devices register "server-name" +dcli devices register "action-name" ``` For more details refer to Dashlane CLI documentation https://dashlane.github.io/dashlane-cli -2- Set the environment variables prompted by the previous step in your GitHub repository’s secrets and variables +**2- Set the environment variable prompted by the previous step in your GitHub repository’s secrets and variables** ![Github Secrets](./documentation/github_secrets.png) -3- Set the same env variables in your pipeline as well as the ids of the secrets you want to read from Dashlane starting with `dl://` +**3- Set the same env variables in your pipeline as well as the ids of the secrets you want to read from Dashlane starting with `dl://`** ```yml steps: @@ -48,13 +30,10 @@ steps: env: ACTION_SECRET_PASSWORD: dl://918E3113-CA48-4642-8FAF-CE832BDED6BE/password ACTION_SECRET_NOTE: dl://918E3113-CA48-4642-8FAF-CE832BDED6BE/note - DASHLANE_DEVICE_ACCESS_KEY: ${{ secrets.DASHLANE_DEVICE_ACCESS_KEY }} - DASHLANE_DEVICE_SECRET_KEY: ${{ secrets.DASHLANE_DEVICE_SECRET_KEY }} - DASHLANE_LOGIN: ${{ secrets.DASHLANE_LOGIN }} - DASHLANE_MASTER_PASSWORD: ${{ secrets.DASHLANE_MASTER_PASSWORD }} + DASHLANE_SERVICE_DEVICE_KEYS: ${{ secrets.DASHLANE_SERVICE_DEVICE_KEYS }} ``` -4- Retrieve your secrets in any next step of your pipeline using `GITHUB_OUTPUT` +**4- Retrieve your secrets in any next step of your pipeline using `GITHUB_OUTPUT`** ```yml - name: test secret values @@ -62,3 +41,28 @@ steps: ACTION_SECRET_PASSWORD: ${{ steps.load_secrets.outputs.ACTION_SECRET_PASSWORD }} ACTION_SECRET_NOTE: ${{ steps.load_secrets.outputs.ACTION_SECRET_NOTE }} ``` + +## Development + +### Requirements + +- `Dashlane CLI`for device registration +- `Node.js` and `npm`to run the project locally + +### How to run this project locally + +1- install dependencies: + +```sh +npm i +``` + +2- any change to the `index.js` requires a local build so that the the `dist` folder gets updated : + +```sh +ncc build src/index.js +``` + +## Contributing + +Feel free to contribute to this project, fork and pull request your ideas. Don't include work that is not open source or not from you. diff --git a/documentation/github_secrets.png b/documentation/github_secrets.png index cc19870..567ea69 100644 Binary files a/documentation/github_secrets.png and b/documentation/github_secrets.png differ diff --git a/src/utils.sh b/src/utils.sh index dded0cf..a084ded 100755 --- a/src/utils.sh +++ b/src/utils.sh @@ -15,23 +15,8 @@ check_credentials() { # Check all Dashlane and access keys are provided # Make them available to the current step through env vari - if [ -z "$DASHLANE_DEVICE_ACCESS_KEY" ]; then - echoError "DASHLANE_DEVICE_ACCESS_KEY is missing" - exit 1 - fi - - if [ -z "$DASHLANE_DEVICE_SECRET_KEY" ]; then - echoError "DASHLANE_DEVICE_SECRET_KEY is missing" - exit 1 - fi - - if [ -z "$DASHLANE_LOGIN" ]; then - echoError "DASHLANE_LOGIN is missing" - exit 1 - fi - - if [ -z "$DASHLANE_MASTER_PASSWORD" ]; then - echoError "DASHLANE_MASTER_PASSWORD is missing" + if [ -z "$DASHLANE_SERVICE_DEVICE_KEYS" ]; then + echoError "DASHLANE_SERVICE_DEVICE_KEYS is missing" exit 1 fi @@ -49,10 +34,10 @@ install_cli() { exit 1 fi - curl -sSfLo dcli https://github.com/Dashlane/dashlane-cli/releases/download/v6.2405.0/dcli-linux-x64 + curl -sSfLo dcli https://github.com/Dashlane/dashlane-cli/releases/download/v6.2421.0/dcli-linux-x64 elif [[ "$OSTYPE" == "darwin"* ]]; then - curl -sSfLo dcli https://github.com/Dashlane/dashlane-cli/releases/download/v6.2405.0/dcli-macos-arm64 + curl -sSfLo dcli https://github.com/Dashlane/dashlane-cli/releases/download/v6.2421.0/dcli-macos-arm64 else echoError "Operating system not supported yet for this GitHub Action: $OSTYPE." exit 1