Created
February 28, 2024 05:45
-
-
Save dorelljames/3ee01432fd04bdf965a7db2970e63aa7 to your computer and use it in GitHub Desktop.
Encrypt values for storing on GitHub Secrets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import sodium from "libsodium-wrappers"; | |
// publicKey is from GET /repos/{owner}/{repo}/actions/secrets/public-key | |
// secretValue is the value you want to get encrypted | |
export async function encryptForGitHub(secretValue: string, publicKey: string) { | |
await sodium.ready; | |
// Convert the secret and key to a Uint8Array. | |
const binkey = sodium.from_base64(publicKey, sodium.base64_variants.ORIGINAL); | |
const binsec = sodium.from_string(secretValue); | |
// Encrypt the secret using libsodium. | |
const encBytes = sodium.crypto_box_seal(binsec, binkey); | |
// Convert the encrypted Uint8Array to Base64. | |
return sodium.to_base64(encBytes, sodium.base64_variants.ORIGINAL); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment