A GitHub Action for installing and configuring the hcp CLI.
MPL-2.0 License
hcp
CLI for use in GitHub ActionsConfigures the hcp
CLI for use
in GitHub Actions. The Action installs the specified version of hcp
and
configures the hcp
CLI for use in GitHub Actions. The downloaded hcp
CLI is
cached in the GitHub Actions workspace for subsequent use. For a full list of
available hcp
CLI commands, see the
hcp
CLI documentation.
jobs:
job_id:
permissions:
contents: 'read'
id-token: 'write'
steps:
- id: 'Authenticate to HCP'
- uses: 'hashicorp/hcp-auth-action@v0'
with:
workload_identity_provider: 'iam/project/123456789/service-principal/my-sp/workload-identity-provider/github'
- name: 'Download hcp CLI'
uses: 'hashicorp/hcp-setup-action@v0'
with:
version: 'latest'
- name: 'Use hcp CLI to read a secret'
run: |
MY_SECRET=$(hcp vault-secrets secrets open \
--app=cli --format=json foo | jq -r '.static_version.value')
echo "::add-mask::$MY_SECRET"
echo "MY_SECRET=$MY_SECRET" >> $GITHUB_ENV
version
- (Optional) A string specifying which version of the hcp
CLI to
use. The following are valid version strings:
hcp
CLI. If the`hcp` CLI islatest
: Use the latest version of the hcp
CLI.0.4.0
): Specifies the exact version of the hcp
>= 0.3.0
): Specifies a version constraint for thehcp
CLI. The latest version that satisfies the constraint will be used.project_id
- (Optional) Configure the default HCP Project ID for the hcp
CLI. This is equivalent to running hcp profile set project_id <project_id>
.
Individual commands can override this value by setting the --project
flag.
To use the hcp
CLI, it must first be authenticated using
the hcp-auth-action
Action The
hcp-auth-action
Action supports authenticating the hcp
CLI using Service
Principal credentials or using Workload Identity Federation.
See the
hcp-auth-action
Action documentation
for more information on authenticating the hcp
CLI.