Skip to content

Commit c2d0f69

Browse files
gbm25gbm25
committed
chore: Encryption and decryption in token
1 parent 699845f commit c2d0f69

File tree

3 files changed

+10
-7
lines changed

3 files changed

+10
-7
lines changed

.github/workflows/deploy-chatbot.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -52,8 +52,9 @@ jobs:
5252
with:
5353
project: ${{ needs.parse-command.outputs.project }}
5454
environment: ${{ needs.parse-command.outputs.environment }}
55-
zdctoken: ${{ needs.generate-token.outputs.zdctoken }}
56-
secrets: inherit
55+
secrets:
56+
ZDC_TOKEN: ${{ needs.generate-token.outputs.zdctoken }}
57+
PASSPHRASE_ACTION_TOKEN: ${{ secrets.PASSPHRASE_ACTION_TOKEN }}
5758

5859
deploy-infra:
5960
needs: [parse-command, notify-user]

.github/workflows/deploy-project.yml

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,11 @@ on:
99
environment:
1010
required: true
1111
type: string
12-
zdctoken:
12+
secrets:
13+
ZDC_TOKEN:
14+
required: true
15+
PASSPHRASE_ACTION_TOKEN:
1316
required: true
14-
type: string
1517

1618
jobs:
1719
deploy_project_artifact:
@@ -20,7 +22,7 @@ jobs:
2022
- name: Decrypt ZDC Token
2123
id: decrypt-token
2224
run: |
23-
ENCRYPTED_TOKEN="${{ secrets.zdctoken }}"
25+
ENCRYPTED_TOKEN="${{ secrets.ZDC_TOKEN }}"
2426
DECRYPTED_TOKEN=$(echo "$ENCRYPTED_TOKEN" | base64 -d | gpg --decrypt --quiet --batch --passphrase "${{ secrets.PASSPHRASE_ACTION_TOKEN }}")
2527
echo "ZDCTOKEN=$DECRYPTED_TOKEN" >> $GITHUB_ENV
2628
echo "::add-mask::$DECRYPTED_TOKEN"

.github/workflows/generate-token.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ jobs:
77
generate-token:
88
runs-on: ubuntu-latest
99
outputs:
10-
zdctoken: ${{ steps.generate-zdc-token.outputs.encrypt-token }}
10+
ZDC_TOKEN: ${{ steps.encrypt-token.outputs.encrypt-token }}
1111
steps:
1212
- name: Generate GitHub App Token
1313
uses: actions/create-github-app-token@v1
@@ -22,4 +22,4 @@ jobs:
2222
run: |
2323
TOKEN="${{ steps.generate-zdc-token.outputs.token }}"
2424
ENCRYPTED_TOKEN=$(echo -n "$TOKEN" | gpg --symmetric --quiet --batch --passphrase "${{ secrets.PASSPHRASE_ACTION_TOKEN }}" | base64 -w0)
25-
echo "zdctoken=$ENCRYPTED_TOKEN" >> $GITHUB_OUTPUT
25+
echo "ZDC_TOKEN=$ENCRYPTED_TOKEN" >> $GITHUB_OUTPUT

0 commit comments

Comments
 (0)