GitHub Actions

How to use the CloudTruth configure-action

This walkthrough shows you how to use CloudTruth parameters safely and securely with GitHub Actions using our configure-action.

Prerequisites

Update GitHub Repository Secrets

Adding your CloudTruth API access token as a GitHub secret allows GitHub Actions to reference the API token when running a workflow. This allows you to bring configuration and secrets from your CloudTruth projects into GitHub workflows.

In your GitHub repository settings, add a new repository secret with the name CLOUDTRUTH_TOKEN that contains your API access token as the value:

Adding a Repository Secret

The action can be used to inject the configuration and secrets from a project's environment into your GitHub workflow. Within the same job, steps following the action will have environment variables set to those in your project, based on the environment you choose:

---
name: 'demo'
on:
pull_request: {}
​
jobs:
demo:
runs-on: ubuntu-latest
steps:
- uses: cloudtruth/configure-[email protected]
with:
token: "${{ secrets.CLOUDTRUTH_TOKEN }}"
project: default
environment: default
​
- name: dump the environment
run: |
printenv | sort

GitHub Action results will show the environment variables that were added to the job, and which parameters were redacted.

The output below comes from the configure-action repository and shows a run from parameters that were pre-configured for the configure-action demo script - your output will match the parameters you created.

Example workflow result

A complete example is found in the demo workflow of the configure-action repository.