Skip to main content
Version: 3.25

GitHub Actions Integration

GitHub is a platform for hosting source code and versioned files using Git. It allows programmers, utilities or any registered user on the platform to contribute on private or Open Source projects from anywhere in the world.

Through GitHub Actions it is possible to automate, customize and execute software development workflows directly in the repository.

senhasegura DSM uses the CLI to integrate with CI/CD pipelines, where it captures all running environment variables at that specific build or deployment, providing a sensible variables discovery, as well as injecting secrets from a secure vault directly into environment variables in a dynamic way.

GitHub Integration Workflow

Deploy DSM CLI on GitHub

To integrate DSM CLI with GitHub, follow these steps:

  1. Access a project in your GitHub account;
  2. Add the executable, the config file and optionally the senhasegura-mapping.json file into the project repository;
  3. Access your project CI/CD Variables through Settings ➔ Secrets ➔ Actions;
  4. Register the variables necessary for DSM CLI execution as described in the usage guide;
  5. Edit your .github/workflows/pipeline.yml file in your project folder;
  6. During the desired job of your pipeline, add the code to execute the DSM CLI and commit the file change;
  7. Execute the GitHub pipeline to finish;
GitHub Variables

Example of an .github/workflows/pipeline.yaml file using DSM CLI:

.github/workflows/pipeline.yaml
# This file is an example to demonstrate the usage of DSM CLI inside a GitHub pipeline
# Make sure to upload the executable and the configuration files to your project
# For more information on its usage, please visit https://docs.senhasegura.io/

name: senhasegura CLI CI/CD

on:
  push:
    branches: [ main ]

  workflow_dispatch:

jobs:
  build:
    runs-on: self-hosted

    steps:
      - uses: actions/checkout@v2

      - name: Run DSM CLI as Running Belt
        env:
          APPLICATION: ${{ secrets.APPLICATION }}
          SYSTEM: ${{ secrets.SYSTEM }}
          ENVIRONMENT: ${{ secrets.ENVIRONMENT }}
        run: |
          dsm runb \
            --app-name $APPLICATION \
            --system $SYSTEM \
            --environment $ENVIRONMENT \
            --config .config.yml \
            --tool-name github \
          source .runb.vars && rm .runb.vars
Authentication

Make sure you select OAuth 2.0 as Authentication Method on senhasegura DSM since the CLI uses it to fetch secret information.

DSM CLI Usage

For more information on how to use DSM CLI, please check the DSM CLI usage guide.

Use DSM CLI to Inject Secrets in Pipelines

After configuring the CLI in the project, follow menu Actions to run the pipeline and use the secret data:

  1. Select the desired workflow and click on Run workflow;
  2. Select the branch to run and click on the Run workflow button;
  3. Then click on the Workflow name ➔ Job name to display the execution result;
GitHub DSM CLI Integration Output