So I have a deployment pipeline set up in GitHub Actions which really just sets some environment variables and then runs the aws cdk deploy command.

    - name: deploy backend
      run: |
        cd aws
        npm install
        export STAGE=${GITHUB_REF##*/}
        export MAILCHIMP_API_KEY=${{ secrets.MAILCHIMP_API_KEY }}
        export MAILCHIMP_LIST_ID=${{ secrets.MAILCHIMP_LIST_ID }}
        cdk deploy --all --outputs-file output.json --require-approval never

I was trying to figure out a way whereby all environment variables with corresponding names in GitHub Secrets shall be created automatically (meaning, if I need a new secret, I don't have to modify my workflow file).
With the end goal of getting something like this:

    - name: deploy backend
      run: |
        cd aws
        npm install
        # export all secrets
        cdk deploy --all --outputs-file output.json --require-approval never

For some additional context, as this project grows, I don't want to worry about needing to add an export line for each additional environment variable that I add here. Not sure if there is an entirely better approach, native gh features, etc. to use here but curious if anyone else has come across something similar.
This is not supported natively as of today, but there's a community action on the Marketplace that does this: https://github.com/marketplace/actions/export-all-secrets-to-env-variables

    - uses: oNaiPs/secrets-to-env-action@v1
      with:
        secrets: ${{ toJSON(secrets) }}
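
The same export can be done without handing every secret to third-party code. This is an added example, not part of the original answer and not the action's own code: a small script that turns the `toJSON(secrets)` output into `$GITHUB_ENV` entries, with an optional allowlist. It assumes the step passes the JSON in an environment variable named `SECRETS_JSON`; that name, `render_github_env` and the sample data are made up for the example.

```python
import json
import os
import re
from secrets import token_hex

# POSIX-style variable names only; anything else is skipped, not rewritten.
NAME_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")

# Constructed sample of what toJSON(secrets) produces (all values are fake).
CONSTRUCTED_SAMPLE = json.dumps({
    "MAILCHIMP_API_KEY": "fake-key-us1",
    "MAILCHIMP_LIST_ID": "fake-list",
    "PEM_KEY": "-----BEGIN-----\nabc\n-----END-----",
    "github_token": "fake-token",
    "bad name": "ignored",
})


def render_github_env(secrets_json, include=None, exclude=("GITHUB_TOKEN",)):
    """Return $GITHUB_ENV text for the selected secrets.

    include: optional allowlist of names; None means every valid name.
    exclude: names never exported (compared case-insensitively).
    """
    blocked = {n.upper() for n in exclude}
    chunks = []
    for name, value in sorted(json.loads(secrets_json).items()):
        if not NAME_RE.match(name) or name.upper() in blocked:
            continue
        if include is not None and name not in include:
            continue
        # Heredoc form keeps multi-line values intact; a random delimiter
        # stops a value from closing its own block and adding variables.
        delim = "EOF_" + token_hex(16)
        if delim in value:
            raise ValueError(f"delimiter collision in {name}")
        chunks.append(f"{name}<<{delim}\n{value}\n{delim}\n")
    return "".join(chunks)


if __name__ == "__main__":
    # Assumed step config: env: SECRETS_JSON: ${{ toJSON(secrets) }}
    text = render_github_env(os.environ.get("SECRETS_JSON", CONSTRUCTED_SAMPLE))
    with open(os.environ.get("GITHUB_ENV", os.devnull), "a") as fh:
        fh.write(text)
```

Variables written to `$GITHUB_ENV` are visible to later steps in the job, not to the step that writes them, so `cdk deploy` has to run in a following step. Passing `include` limits the export to the names the deploy needs, since every later step in the job can read whatever is exported.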