Github 操作和 google 云存储凭据 python

Github actions and google cloud storage credentials python

我想在 github 操作中使用 python 脚本处理 csv。

此 csv 存储在 GCP 中。

所以我想使用以下代码从 google 存储上传和下载文件:

from google.cloud import storage
class gcpConection(object,st):

    def __init__(self):

        self.credentials_path = 'credentials.json'
        self.bucket_name = 'name'

    def download_and_read_files(filename):
        st = storage.Client.from_service_account_json(self.credentials_path)
        bucket = st.get_bucket(self.bucket_name)
        blob_csv = bucket.get_blob(filename)
        blob_csv.download_to_filename(filename)
        df = pd.read_csv(filename)
        return df
    def upload_files(folder,filename):
        st = storage.Client.from_service_account_json(self.credentials_path)
        bucket = st.get_bucket(self.bucket_name)
        blob = bucket.blob('{}/{}'.format(folder,filename))
        blob.upload_from_filename(filename)

此代码在我的电脑中 运行 完美运行,credentials.json 与脚本存储在同一文件夹中。

到运行它在Github操作我不能上传这个json文件,所以我想把这个json作为秘密存储在github秘密。

我知道这个秘密存储在这里 secrents.gcp_credential 但我不知道如何更改脚本中的代码以告诉 google 云存储在那里查看凭据,一些东西像这样:

self.credentials_path = path/secrents.gcp_credential

我不知道这样做是否正确。我也有一个访问密钥和一个秘密,但我完全不知道它是如何工作的。

根据:"Creating and storing encrypted secrets"

Secrets are encrypted environment variables that you create in a repository for use with GitHub Actions... To make a secret available to an action, you must set the secret as an input or environment variable in the workflow file.

你可以找到 how to create the encrypted secrets:

To provide an action with a secret as an input or environment variable, you can use the secrets context to access secrets you've created in your repository. For more information, see "Context and expression syntax for GitHub Actions" and "Workflow syntax for GitHub Actions."

steps:
  - name: Hello world action
    with: # Set the secret as an input
      super_secret: ${{ secrets.SuperSecret }}
    env: # Or as an environment variable
      super_secret: ${{ secrets.SuperSecret }}

请记住 secrets 有一些限制,例如您最多可以有 100 个密码,名称在存储库中必须是唯一的,它们的大小限制为 64 KB .