wait-for-secrets
terraform-aws-oidc-github
wait-for-secrets | terraform-aws-oidc-github
---|---
4 | 2
273 | 90
2.2% | -
0.0 | 7.1
10 months ago | 19 days ago
TypeScript | HCL
Apache License 2.0 | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wait-for-secrets
- How to publish on npm with `--provenance` using Lerna-Lite
  To deal with the OTP (or any other 2FA), we can use wait-for-secrets. Compared to the previous basic usage, we are splitting the Lerna-Lite Version & Publish into 2 separate tasks. The reason is simple: calling the OTP too early would time out even before reaching the publish phase, so calling the OTP just before the publish is the best way to avoid an invalid pin.
- Rotate any secrets stored in CircleCI
  While OIDC is a good option, at StepSecurity, we are building an open-source project that allows using your MFA tokens for deployments in CI/CD. So far, it is implemented for GitHub Actions - https://github.com/step-security/wait-for-secrets. In this method, you get a link in the build log, click the link, and can enter credentials at run time, which then get used in the next step in the pipeline for deployment. So there are no persistent secrets stored in the CI/CD pipeline and no need for managing/rotating separate deployment credentials.
- A way to publish from GitHub Actions using multi-factor authentication
- Show HN: Publish from GitHub Actions using multi-factor authentication
terraform-aws-oidc-github
- Rotate any secrets stored in CircleCI
  A bit of a shameless plug for a relevant Terraform module I made (specific to GitHub in this case): https://github.com/unfunco/terraform-aws-oidc-github
- GitHub workflow terraform init gives: Error: error configuring S3 Backend: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid
  I just got the OIDC bridge working and it is magic. I used the module at https://github.com/unfunco/terraform-aws-oidc-github and was delighted it worked on the first try.
What are some alternatives?
FTP-Deploy-Action - Deploys a GitHub project to a FTP server using GitHub actions
terraform-aws-github-runner - Terraform module for scalable GitHub action runners on AWS
pr-compliance-action - Check PR for compliance on title, linked issues, and files changed
terraform-aws-eks - Terraform module to create AWS Elastic Kubernetes (EKS) resources 🇺🇦
circleci-audit
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
github-pages-deploy-action - 🚀 Automatically deploy your project to GitHub Pages using GitHub Actions. This action can be configured to push your production-ready code into any branch you'd like.
github-actions-demo - github actions demo
typhoon - Minimal and free Kubernetes distribution with Terraform
CircleCI-Env-Inspector - A NodeJS tool for discovering all your secrets on CircleCI