darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-27 10:51:40 -05:00
Code Issues Packages Projects Releases Wiki Activity

update baseline

Browse Source
This commit is contained in:
Kenneth Kehl
2024-08-22 07:22:30 -07:00
parent 6383feea3e
commit 6401378715
2 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
.github/workflows/checks.yml vendored
View File

@@ -16,6 +16,29 @@ env:
AWS_US_TOLL_FREE_NUMBER: "+18556438890"
jobs:
rotate-secret:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Generate new secret value
id: generate-secret
run: |
# Generate a new random secret value
NEW_SECRET=$(openssl rand -base64 32)
echo "new-secret=$NEW_SECRET" >> $GITHUB_ENV
- name: Update GitHub secret
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NEW_SECRET: ${{ env.new-secret }}
run: |
# Update the secret in the repository
curl -X PUT \
-H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/${{ github.repository }}/actions/secrets/DANGEROUS_SALT \
-d "{\"encrypted_value\":\"$(echo -n $NEW_SECRET | base64)\",\"key_id\":\"$(curl -H 'Authorization: token $GITHUB_TOKEN' https://api.github.com/repos/${{ github.repository }}/actions/secrets/public-key | jq -r '.key_id')\"}"
build:
runs-on: ubuntu-latest