我有一个github管道,我将一个github sercret变量管道传输到文件中,但是出现以下错误。
/home/runner/work/_temp/c6144b9a-c8e3-489a-ae97-795f592c57f0.sh: line 6: /config: Permission denied
echo: write error: Broken pipe
name: pipeline
on: [ push ]
env:
KUBECONFIG_B64DATA: ${{ secrets.KUBECONFIG_B64DATA }}
deploy:
name: Deploy
# if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@master
- name: Setup Kubectl
run: |
sudo apt-get -y install curl
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
sudo echo $KUBECONFIG_B64DATA | base64 --decode > /config
sudo mkdir -p ~/.kube
sudo mv config /root/.kube/
编辑:
我使用其他文件夹来获取许可权isuse(/ tmp / config)
但是我仍然很难将github秘密变量传递到文件中,因为github掩盖了秘密并且我返回了错误。
base64: invalid input
我相信这是因为当您回显一个秘密时,您只会得到****而不是实际值
答案 0 :(得分:0)
更改此行:
sudo echo $KUBECONFIG_B64DATA | base64 --decode > /config
收件人
sudo bash -c 'base64 --decode <<< "$KUBECONFIG_B64DATA" > /config'
或
sudo tee /config > /dev/null < <(base64 --decode <<< "$KUBECONFIG_B64DATA")