Skip to content
shield

GitHub Action

Export all variables from secrets and vars contexts to env variables

v1 Latest version

Export all variables from secrets and vars contexts to env variables

shield

Export all variables from secrets and vars contexts to env variables

Utility action that exports all github secrets and vars to environment variables

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: Export all variables from secrets and vars contexts to env variables

              
  uses: easyware-io/export-to-env@v1
Learn more about this action in easyware-io/export-to-env

Choose a version

easyware-io/export-to-env@v1

CI

Using GitHub variables and secrets can be confusing, when you don't know in which context a given variable is. Also importing one by one can be a big effort, depending on the amount of variables you have. To make life easier, with this you can export all (or just some) of the variables into the workflow env context, making it easily accessible with ${{ env.VARIABLE }}.

Let's move from this ...

- run: echo "Value of MY_SECRET1: $MY_SECRET1"
  env:
    MY_SECRET1: ${{ secrets.MY_SECRET1 }}
    MY_SECRET2: ${{ secrets.MY_SECRET2 }}
    MY_SECRET3: ${{ secrets.MY_SECRET3 }}
    MY_SECRET4: ${{ secrets.MY_SECRET4 }}
    MY_SECRET5: ${{ secrets.MY_SECRET5 }}
    MY_SECRET6: ${{ secrets.MY_SECRET6 }}
    ...

... to this

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}

Usage

Basic usage

- name: Export secrets and vars to local env
  uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    vars: ${{ toJSON(vars) }}

⚠️ Unfortunately the action script itself does not have access to the variables in your repo. That's why you need to pass them as a JSON. You can inform both vars and secrets or just one of them. Informing none will not do anything.

Optional params

except

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    except: MY_SECRET, DB_* # (comma separated, supports regex)
    # MY_SECRET any anything starting with DB_ will not be exported

only

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    only: MY_SECRET, DB* # (comma separated, supports regex)
    # only MY_SECRET any anything starting with DB_ will be exported. The rest is ignored

prefix

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    prefix: PREFIXED_ # (string)
    # MY_SECRET will be exported as PREFIXED_MY_SECRET

suffix

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    suffix: _SUFFIXED # (string)
    # MY_SECRET will be exported as MY_SECRET_SUFFIXED

override

env:
  MY_SECRET: DONT_OVERRIDE
steps:
- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    override: false # (boolean) default: false
- run: echo "Value of MY_SECRET: $MY_SECRET"
  # Value of MY_SECRET: DONT_OVERRIDE

transform

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    transform: lowercase # (lowercase | uppercase | camelcase | constant | pascalcase | pascalSnakeCase | snakecase)
    # Will be accessible with $my_secret

transformPrefix, transformSuffix

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    prefix: PREFIXED_
    transform: lower
    transformPrefix: false # (boolean) default: true
    # MY_SECRET would become PREFIXED_my_secret

convert

- uses: easyware-io/export-to-env@v1
  with:
    secrets: ${{ toJSON(secrets) }}
    convert: 'base64' # (base64 | utf8)
    # MY_SECRET will be exported converted to a base64 string.
    # AFFECTS ONLY SECRETS. vars are always exported as plain text.

License

The scripts and documentation in this project are released under the MIT License

Contributions

Contributions are welcome!

Inspiration

Inspired by oNaiPs/secrets-to-env-action