Branch specific secrets?

[bgupta]

We're wondering if there is a way to retrieve specific secrets based on the branch, which we would map to environments. (e.g. - production, staging)

e.g. - use this database password in the staging branch.

[say8425]

@bgupta AWS Secrets Manager action do not support secrets based on the branch.
But I think you can try it with gh contexts like this.

steps:
  - name: Extract branch name
    run: echo "::set-output name=branch-name::$(echo ${GITHUB_REF#refs/heads/})"
    id: extract-branch
  - name: Store ENV from AWS SecretManager
    uses: say8425/aws-secrets-manager-actions@v1
    with:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
      SECRET_NAME: ${{ steps.extract-branch.outputs.branch-name }}:${{ secrets.SECRET_NAME }}

If you need additional questions, then please reply here. Thanks.