secrets_updater package#

Subpackages#

Submodules#

secrets_updater.github module#

Methods/Classes to interact with GitHub API.

Supports fetching repo_secrets, repo_public_key and creation or update of `repo_secret`

class secrets_updater.github.GitHubActions(*args, **kwargs)#

Bases: object

Provides methods to interact with GitHub API.

async create_or_update_repo_secret(secret_name, secret_value)#

Create repository secret, update if already exists. Uses create-or-update-a-repository-secret endpoint.

Public key is required to encrypt secrets while creating or updating secrets for particular repo.

Parameters:

  • secret_name (str) – Name of secrete.

  • secret_value (utf-8) – Secrete value encrypted using public key.

Returns:

None

See also

  1. https://docs.github.com/en/rest/actions/secrets#create-or-update-a-repository-secret

  2. https://docs.aiohttp.org/en/stable/client_reference.html

get_repo_public_key(*args, **kwargs)#

Get repo public key. Uses get-a-repository-public-key endpoint.

Public key is required to encrypt secrets while creating or updating secrets for particular repo.

Parameters:

  • *args – Variable length argument list.

  • **kwargs – Arbitrary keyword arguments.

Returns:

Containing Public key details. key and key_id.

Return type:

dict

Raises:

Exception – if response status code is other than 200.

See also

  1. https://docs.github.com/en/rest/actions/secrets#get-a-repository-public-key

get_repo_secrets(*args, **kwargs)#

Get repo secrets. Uses list-repository-secrets endpoint.

Parameters:

  • *args – Variable length argument list.

  • **kwargs – Arbitrary keyword arguments.

Returns:

Json Response.

Return type:

dict

Raises:

Exception – if response status code is other than 200.

See also

  1. https://docs.github.com/en/rest/actions/secrets#list-repository-secrets

  2. https://docs.github.com/en/rest/actions/secrets#list-environment-secrets

secrets_updater.main module#

Wrapper Script to invoke GitHub api and related operations.

See also

  1. https://docs.python.org/3/library/asyncio-policy.html?highlight=set_event_loop_policy#asyncio.WindowsSelectorEventLoopPolicy # noqa: E501

async secrets_updater.main.add_local_env_to_secrets(env_file_path)#

Upload secrets defined in env_file_path to GitHub actions.

Every secret listed in env_file_path will be updated to repository secrets.Except Secrets starting with #

Parameters:

env_file_path (str) – Complete file path of local environment file.

See also

  1. https://docs.python.org/3/library/asyncio-task.html#asyncio.create_task

secrets_updater.main.add_secretes()#

Invokes async upload action for every env file defined in ENV_FILE_PATH.

All env files defined in EXCLUDE_ENV_FILES_FROM_UPLOAD will be excluded from upload.

secrets_updater.settings module#

Initialize environment variables.

secrets_updater.utility module#

Helper Functions.

secrets_updater.utility.encrypt(public_key: str, secret_value: str) str#

Encrypt a Unicode string using the public key.

See also

  1. https://docs.github.com/en/rest/actions/secrets#example-encrypting-a-secret-using-python