Skip to content

Latest commit

 

History

History
36 lines (28 loc) · 854 Bytes

README.md

File metadata and controls

36 lines (28 loc) · 854 Bytes

mount-tmpfs

GitHub action to create and mount a temporary file system in memory.

It can be used as an attempt to keep secrets from being written to disk.

Usage

⚠️ Please consider the physical limitations of the GitHub runners before changing the values.

    - name: Get a tmpfs for our secret
      id: tmpfs
      uses: LeastAuthority/mount-tmpfs-action@v1
      with:
        size: 2
        root: '/mnt'

The action then returns the uuid and the mount point of the tmpfs as outputs.

    - name: Import secret in tmpfs
      run: |
        cat <<EOF > "${{ steps.tmpfs.outputs.mnt }}/secret_key"
        ${{ secrets.KEY }}
        EOF

Optionally, the tmpfs could be removed when no longer needed.

    - name: Cleanup
      run: |
        sudo umount "${{ steps.tmpfs.outputs.mnt }}"