如何将 Github 机密作为 json 文件中的值传递?
How to pass Github secrets as value in json file?
我正在使用 Cypress.io for my automated tests & triggering it in CI/D with Github Actions。配置 cypress.json 文件嵌套了 env 值,如下所示:
{
"baseUrl": "<url-to-login>",
"env": {
"roles": {
"admin": {
"PASSWORD": "<password>",
"USERNAME": "<username>"
},
"employee": {
"PASSWORD": "<password>",
"USERNAME": "<username>"
},
"client": {
"PASSWORD": "<password>",
"USERNAME": "<username>"
}
}
}
}
不幸的是,Cypress can't access deeply env variables 所以我正在创建配置 cypress.json,如下所示:
name: Cypress Tests
on: [push]
jobs:
cypress-run:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
# creates cypress.json file to run Cypress
- name: Create Cypress config files
run: |
echo '{ "baseUrl": "${{ secrets.BASE_URL }}", "env": { "roles": { "admin": { "PASSWORD": "${{ secrets.PASSWORD }}", "USERNAME": "${{ secrets.USERNAME }}" } } } }' > cypress.json
- name: Cypress run
uses: cypress-io/github-action@v2
with:
build: yarn run
start: yarn cypress:run
wait-on-timeout: 120
browser: chrome
它不起作用,但我硬编码了它确实起作用的值:
run: |
echo '{ "baseUrl": "<hardcoded-redacted-value>", "env": { "roles": { "admin": { "PASSWORD": "<hardcoded-redacted-value>", "USERNAME": "<hardcoded-redacted-value>" } } } }' > cypress.json
所以我的问题是,如何在 json 文件中传递秘密?
我想你会发现它已修复check for undefined values on setPluginResolvedOn function #7960
const roles = Cypress.env('roles')
expect(roles.client.PASSWORD).to.eq('<password>') // ✅ passes
我通过将整个 cypress.json 配置文件的内容存储为 GitHub's repository encrypted secret. Then, I used the create-json GitHub Action to generate the cypress.json needed to run Cypress 在 CI/CD 上解决了这个问题。这是最终的 .github/workflows/main.yml 文件:
name: Cypress Tests
on: [push]
jobs:
cypress-run:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: create-json
id: create-json
uses: jsdaniell/create-json@1.1.2
with:
name: "cypress.json"
json: ${{ secrets.CYPRESS_CONFIG_JSON }}
- name: Cypress run
uses: cypress-io/github-action@v2
with:
build: yarn run
start: yarn cypress:run
wait-on-timeout: 120
browser: chrome
我正在使用 Cypress.io for my automated tests & triggering it in CI/D with Github Actions。配置 cypress.json 文件嵌套了 env 值,如下所示:
{
"baseUrl": "<url-to-login>",
"env": {
"roles": {
"admin": {
"PASSWORD": "<password>",
"USERNAME": "<username>"
},
"employee": {
"PASSWORD": "<password>",
"USERNAME": "<username>"
},
"client": {
"PASSWORD": "<password>",
"USERNAME": "<username>"
}
}
}
}
不幸的是,Cypress can't access deeply env variables 所以我正在创建配置 cypress.json,如下所示:
name: Cypress Tests
on: [push]
jobs:
cypress-run:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
# creates cypress.json file to run Cypress
- name: Create Cypress config files
run: |
echo '{ "baseUrl": "${{ secrets.BASE_URL }}", "env": { "roles": { "admin": { "PASSWORD": "${{ secrets.PASSWORD }}", "USERNAME": "${{ secrets.USERNAME }}" } } } }' > cypress.json
- name: Cypress run
uses: cypress-io/github-action@v2
with:
build: yarn run
start: yarn cypress:run
wait-on-timeout: 120
browser: chrome
它不起作用,但我硬编码了它确实起作用的值:
run: |
echo '{ "baseUrl": "<hardcoded-redacted-value>", "env": { "roles": { "admin": { "PASSWORD": "<hardcoded-redacted-value>", "USERNAME": "<hardcoded-redacted-value>" } } } }' > cypress.json
所以我的问题是,如何在 json 文件中传递秘密?
我想你会发现它已修复check for undefined values on setPluginResolvedOn function #7960
const roles = Cypress.env('roles')
expect(roles.client.PASSWORD).to.eq('<password>') // ✅ passes
我通过将整个 cypress.json 配置文件的内容存储为 GitHub's repository encrypted secret. Then, I used the create-json GitHub Action to generate the cypress.json needed to run Cypress 在 CI/CD 上解决了这个问题。这是最终的 .github/workflows/main.yml 文件:
name: Cypress Tests
on: [push]
jobs:
cypress-run:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: create-json
id: create-json
uses: jsdaniell/create-json@1.1.2
with:
name: "cypress.json"
json: ${{ secrets.CYPRESS_CONFIG_JSON }}
- name: Cypress run
uses: cypress-io/github-action@v2
with:
build: yarn run
start: yarn cypress:run
wait-on-timeout: 120
browser: chrome