Pular para o conteúdo principal
Version: 3.21

GitHub

GitHub is a platform for hosting source code and versioned files using Git.It allows programmers, utilities or any registered user on the platform to contribute on private or Open Source projects from anywhere in the world.

Through GitHub Actions it is possible to automate, customize and execute software development workflows directly in the repository.

With the senhasegura GitHub, it is possible to intercept all the environment variables and inject the secrets directly into the pipelines during the automation execution step without the need to expose the secrets.

How GitHub integration works

Installing GitHub plugin

To install the senhasegura GitHub plugin you need a Client ID and a Client Secret for API authentication. To create an access key, follow the steps described dsm-register-auth and dsm-view-auth sections of this manual.

  1. Access a project in your GitHub account;

  2. Add the binary and the senhasegura-mapping.json file into the project repository;

    info

    The senhasegura-mapping.json can be used to report the senhasegura DSM which variable should be registered as secrets.

  3. Edit the cicd.yml config file, located at <project_name>/.github/workflows/ into your project directory;

  4. At section jobs ➔build ➔steps, add the following source code:

    - name: senhasegura
    env:
    APP: ${{ secrets.APP }}
    SYSTEM: ${{ secrets.SYSTEM }}
    ENVIRONMENT: ${{ secrets.ENVIRONMENT }}
    SENHASEGURA_URL: ${{ secrets.SENHASEGURA_URL }}
    SENHASEGURA_CLIENT_ID: ${{ secrets.SENHASEGURA_CLIENT_ID }}
    SENHASEGURA_CLIENT_SECRET: ${{ secrets.SENHASEGURA_CLIENT_SECRET }}
    run: |
    chmod +x senhasegura
    ./senhasegura $APP $SYSTEM $ENVIRONMENT
    source .runb.vars
    rm .runb.vars
  5. Save the file;

  6. Access the senhasegura Settings ➔ Secrets menu;

  7. Register the following variables: APP, ENVIRONMENT, SYSTEM, SENHASEGURA_URL, SENHASEGURA_CLIENT_ID and SENHASEGURA_CLIENT_SECRET;

  8. At the end, execute the GitHub workflow;

GitHub secrets
info

The variables APP, ENVIRONMENT and SYSTEM are used into senhasegura DSM to identify which application is running and which is its environment and system.

GitHub pipeline' secrets injection

After installing the plugin into a project, follow the steps bellow to inject secrets into pipeline:

  1. Click the Actions menu;

  2. Select the desired workflow;

  3. Click at Run workflow section and into Run workflow button;

  4. When the workflow finish its running, click at Build button to display the result;

senhasegura GitHub plugin output