This is definitely a feature request, but I think it would be a great one. Some environment variables are needed for the app to run, some are just needed to log into the instance and create the docker container, for example.

Therefore, it would be wonderful to have an omit property, which is simply a comma-separated list of keys to omit from the environment output.

So if the collection of environment variables is:

[
    { key: 'ENV1', value: 'value 1' },
    { key: 'ENV2', value: 'value 2' },
    { key: 'ENV3', value: 'value 3' },
    { key: 'ENV4', value: 'value 4' },
]

Then you could supply an omit property of something like:

omit: ENV1,ENV3

Then the resulting environment variables would only be:

ENV2=value 2
ENV4=value 4

https://github.com/marketplace/new

Have been getting this warning for some time now on this action:

Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: say8425/aws-secrets-manager-actions@v2. 

For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/

I am getting this warning:

Node.js 12 actions are deprecated. For more information see: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/. Please update the following actions to use Node.js 16: say8425/aws-secrets-manager-actions.

Thank you for the GH action! We have recently hit the set-env issue.
https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/

I see that the most release v1.3.0 is not out yet:
https://github.com/say8425/aws-secrets-manager-actions/runs/1338353950?check_suite_focus=true

Would you please let us know if there is a way to access a working version?

Very nice work! One issue I ran into when testing this myself is that AWS SM supports raw text values, in addition to key-value pairs. It would be good to have a flag to set whether to try to parse key value pairs, or just read the raw secretstring and assign it to a supplied environment variable name.

I don't know how often plaintext gets used in SM overall, but some other tools expect plaintext values such as https://github.com/Accenture/hiera-aws-sm, so it would be great to support that as an option.

• github badge
• https://github.com/kefranabg/readme-md-generator

• https://github.com/marketplace/actions/github-action-test-automation
• I'm not sure but it will be worked??

jobs:  
  test:  
    runs-on: ubuntu-latest  
    name: test-action  
    steps:  
     - name: Store ENV from AWS SecretManager
       uses: say8425/aws-secrets-manager-actions@v1
       with:
         AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
         AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
         AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
         SECRET_NAME: ${{ secrets.SECRET_NAME }}
     - name: Should have SCIENTIFIC_NAME
       uses: therussiankid92/gat
       with:  
         assertion: should.equal  
         expected: Pygoscelis adeliae
         actual: ${{ env.SCIENTIFIC_NAME }}  

• add test tag

https://feathericons.com

Hey @say8425,

Thanks a lot for your open source contribution!

I'm wondering if is there a way to mask the environment variables because they're shown in plain text. I found this https://github.community/t5/GitHub-Actions/GitHub-Actions-Mask-non-GitHub-Env-Secrets/td-p/29714

Thanks in advance!

Current eslint config look so stupid.
For example why we need jsx option?

https://github.com/marketplace/actions/release-github-actions
https://github.com/release-drafter/release-drafter
https://help.github.com/en/actions/automating-your-workflow-with-github-actions/about-actions#versioning-your-action

Hi, when I try to use your action, I get errors with messages like "The set-env command is disabled. "

I believe this is because your most recent release is v1.2.1, which was released before you upgraded to @actions/core version 1.2.6.

Would you mind publishing a new release to the actions marketplace?

It would be great if you can make secrets pushing to Secret Manager from json file

I am using this great package for some GitHub Actions which export some environment variables to a file. One issue I am running into is that I am using DamianReeves/write-file-action to append additional environment variables to the outputted file. However, because of the limitations of .yml files, I am unable to insert a preceeding line break in the DamianReeves/write-file-action content property, so the appended items corrupt the last line of the output file from your action. I think this would be easily solved if the output file content has all items output with a newline at the end.

In order to make all lines end with a newline (including the last line), would it be acceptable to change this line:

      const secretsAsEnv = Object.entries(parsedSecret).map(([key, value]) => `${key}=${value}`).join('\n')

to this:

      const secretsAsEnv = Object.entries(parsedSecret).map(([key, value]) => `${key}=${value}\n`)

Action just crashes with this error:
File not found: '/home/runner/work/_actions/say8425/aws-secrets-manager-actions/v1.3.2/dist/index.js'

Run say8425/[email protected]
 with:
   AWS_ACCESS_KEY_ID: ***
   AWS_SECRET_ACCESS_KEY: ***
   AWS_DEFAULT_REGION: ap-northeast-2
   SECRET_NAME: pongdang-env-test
/home/runner/work/_actions/say8425/aws-secrets-manager-actions/v0.9.1/dist/index.js:208
const secretName = _actions_core__WEBPACK_IMPORTED_MODULE_0___default().getInput('SECRET_NAME')

TypeError: Cannot read property 'getInput' of undefined
  at Module.104 (/home/runner/work/_actions/say8425/aws-secrets-manager-actions/v0.9.1/dist/index.js:208:72)
  at __webpack_require__ (/home/runner/work/_actions/say8425/aws-secrets-manager-actions/v0.9.1/dist/index.js:22:30)
  at startup (/home/runner/work/_actions/say8425/aws-secrets-manager-actions/v0.9.1/dist/index.js:37:19)
  at /home/runner/work/_actions/say8425/aws-secrets-manager-actions/v0.9.1/dist/index.js:43:18
  at Object.<anonymous> (/home/runner/work/_actions/say8425/aws-secrets-manager-actions/v0.9.1/dist/index.js:46:10)
  at Module._compile (internal/modules/cjs/loader.js:774:30)
  at Object.Module._extensions..js (internal/modules/cjs/loader.js:785:10)
  at Module.load (internal/modules/cjs/loader.js:641:32)
  at Function.Module._load (internal/modules/cjs/loader.js:556:12)
  at Function.Module.runMain (internal/modules/cjs/loader.js:837:10)
##[error]Node run failed with exit code 1

looks github core module not imported well.
https://github.com/say8425/PongDang-API/runs/299328097

The latest release (v2.2.0) claims a move to node16, however I'm see seeing references to node 12:
https://github.com/say8425/aws-secrets-manager-actions/blob/v2.2.0/action.yml#L23

Also receiving warnings from pipeline runs:
Node.js 12 actions are deprecated. Please update the following actions to use Node.js 16: say8425/[email protected].

Maybe forked branch dose not trigger

Hi @say8425 ,

I'm using SSM to save a lot of env variables so I'm looking for a way to pass them at once.

Example:

- name: Make environment variables from AWS SecretManager global available
  uses: say8425/[email protected]
  with:
     AWS_ACCESS_KEY_ID: ${{ secrets.staging_AWS_ACCESS_KEY_ID }}
     AWS_SECRET_ACCESS_KEY: ${{ secrets.staging_AWS_SECRET_ACCESS_KEY }}
     AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
     SECRET_NAME: ${{ secrets.staging_SECRET_NAME }}

- name: Build package
  run: |
      env > .env
      docker-compose -f docker-compose.deploy.yml run \
        --rm --no-deps -u root \
        -v ${GITHUB_WORKSPACE}/build:/home/node/app/build \
        frontend \
        npm run build

As you see, I pass them via env > .env but it contains a lot of system envs like PATH, HOME, etc

A possible solution might be export SSM env variables to $GITHUB_WORKSPACE/<ssm-var-name> file.

With that implemented I would do this:

- name: Make environment variables from AWS SecretManager global available
  uses: say8425/[email protected]
  with:
     AWS_ACCESS_KEY_ID: ${{ secrets.staging_AWS_ACCESS_KEY_ID }}
     AWS_SECRET_ACCESS_KEY: ${{ secrets.staging_AWS_SECRET_ACCESS_KEY }}
     AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
     SECRET_NAME: ${{ secrets.staging_SECRET_NAME }}
     OUTPUT_PATH: ${{ github.workspace }}/.env

- name: Build package
  run: |
      # .env is present here
      docker-compose -f docker-compose.deploy.yml run \
        --rm --no-deps -u root \
        -v ${GITHUB_WORKSPACE}/build:/home/node/app/build \
        frontend \
        npm run build

With the above configuration, I only pass SSM values instead of the whole system vars

Todo

• Cache
• Package Version Check Action
• Release Package
• Publish Release

References

• https://github.com/technote-space/package-version-check-action/blob/master/.github/workflows/ci.ym

References

• https://github.com/actions/typescript-action
• https://github.com/jsynowiec/node-typescript-boilerplate
• https://github.com/JS-DevTools/template-node-typescript