explain how to run act with secrets

again, thought this might be helpful for other users.
**Caveat**: I'm not an InfoSec expert, so someone should look this over.
Don't want to encourage people to do stupid things.
This commit is contained in:
Max Held 2019-05-20 20:04:47 +02:00 committed by GitHub
parent f2cb9e391e
commit 6fd3811ec6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -49,6 +49,17 @@ act -r
act -v
```
# Secrets
To run `act` with secrets, you can enter them interactively or supply them as environment variables.
If you have a secret called `FOO` in your `main.workflow`, `act` will take whatever you have set as `FOO` in the session from which you are running `act`.
If `FOO` is unset, it will ask you interactively.
You can set environment variables for the current session by running `export FOO="zap"`, or globally in your `.profile`.
You can also set environment variables *per directory* using a tool such as [direnv](https://direnv.net/).
**Be careful not to expose secrets**:
You may want to `.gitignore` any files or folders containing secrets, and/or encrypt secrets.
# Support
Need help? Ask on [Gitter](https://gitter.im/nektos/act)!