actions/vault-action
12
0
Fork 0
mirror of https://github.com/hashicorp/vault-action.git synced 2026-05-16 13:00:31 +00:00
Code Activity Actions

Merge d88110db84 into 892a26828f

Browse source
This commit is contained in:
sius 2026-05-13 15:34:36 +02:00 committed by GitHub
commit 8c53fcddcd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 5791 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

31
README.md
View file

@ -33,6 +33,7 @@ is not meant to modify Vaults state.
- [KV secrets engine version 2](#kv-secrets-engine-version-2)
- [Other Secret Engines](#other-secret-engines)
- [Adding Extra Headers](#adding-extra-headers)
- [Proxy Support](#proxy-support)
- [HashiCorp Cloud Platform or Vault Enterprise](#hashicorp-cloud-platform-or-vault-enterprise)
- [Namespace](#namespace)
- [Reference](#reference)
@ -502,6 +503,36 @@ with:
This will automatically add the `x-secure-id` and `x-secure-secret` headers to every request to Vault.
## Proxy Support
If your action runs on a self-hosted GitHub Runner behind a proxy, you can enable proxy support through [global-agent environment variables](https://github.com/gajus/global-agent?tab=readme-ov-file#environment-variables),
which supports the `got` request library (https://github.com/gajus/global-agent?tab=readme-ov-file#supported-libraries)
```yaml
steps:
# ...
- name: Import Secrets
uses: hashicorp/vault-action
with:
url: https://vault-enterprise.mycompany.com:8200
method: token
token: ${{ secrets.VAULT_TOKEN }}
namespace: admin
secrets: |
secret/data/ci/aws accessKey | AWS_ACCESS_KEY_ID ;
secret/data/ci/aws secretKey | AWS_SECRET_ACCESS_KEY ;
secret/data/ci npm_token
env:
GLOBAL_AGENT_HTTP_PROXY: "http://replace-with-your-proxy-host-and-port"
```
- The `GLOBAL_AGENT_HTTP_PROXY` environment variable will manage HTTP and HTTPS requests.
- The URL protocol must be "http:", otherwise an `UNEXPECTED_STATE_ERROR` will be thrown; empty/undefined values will be gracefully ignored.
- With the `GLOBAL_AGENT_HTTPS_PROXY` environment variable it is possible to set a distinct proxy for HTTPS requests.
- Proxy support will be only available for Node.js v10 and above.
For further information, see [global-agent library](https://github.com/gajus/global-agent?tab=readme-ov-file#global-agent)
## HashiCorp Cloud Platform or Vault Enterprise
If you are using [HCP Vault](https://cloud.hashicorp.com/products/vault)