This GitHub Action replaces tokens in text files with variables and/or secrets.
Please refer to the release page for the latest release notes.
- uses: qetza/replacetokens-action@v1
with:
# A multiline list of files to replace tokens in.
# Each line supports:
# - multiple glob patterns separated by a semi-colon ';' using fast-glob syntax
# (you must always use forward slash '/' as a directory separator, on win32 will
# automatically replace backslash with forward slash)
# - outputing the result in another file adding the output path after an arrow '=>'
# (if the output path is a relative path, it will be relative to the input file)
# - wildcard replacement in the output file name using an asterix '*' in the input
# and output file names
#
# Example: '**/*.json; !local/ => out/*.json' will match all files ending with '.json'
# in all directories and sub directories except in `local` directory and the output
# will be in a sub directory `out` relative to the input file keeping the file name.
#
# Required.
sources: ''
# A JSON serialized object containing the variables values.
# The object can be:
# - an object: properties will be parsed as key/value pairs
# - a string starting with '@': value is parsed as multiple glob patterns separated
# by a semi-colon ';' using fast-glob syntax to JSON or YAML files
# - a string starting with '$': value is parsed as an environment variable name
# containing JSON encoded key/value pairs
# - an array: each item must be an object or a string and will be parsed as
# specified previously
#
# Multiple entries are merge into a single list of key/value pairs and all JSON
# supports comments.
#
# Example: '[${{ toJSON(vars) }}, ${{ toJSON(secrets) }}]' will pass all defined
# variables and secrets.
#
# Required.
variables: ''
# Add BOM when writing files.
#
# Optional. Default: false
add-bom: ''
# Enable case-insensitive file path matching in glob patterns (sources and variables).
#
# Optional. Default: false
case-insensitive-paths: ''
# The characters to escape when using 'custom' escape.
#
# Optional.
chars-to-escape: ''
# Encoding to read and write all files.
#
# Accepted values:
# - auto: detect encoding using js-chardet
# - any value supported by iconv-lite
#
# Optional. Default: auto
encoding: ''
# Character escape type to apply on each value.
#
# Accepted values:
# - auto: automatically apply JSON or XML escape based on file extension
# - off: don't escape values
# - json: JSON escape
# - xml: XML escape
# - custom: apply custom escape using escape-char and chars-to-escape
#
# Optional. Default: auto
escape: ''
# The escape character to use when using custom escape.
#
# Optional.
escape-char: ''
# The behavior if no files are found.
#
# Accepted values:
# - ignore: do not output any message, the action do not fail
# - warn: output a warning but do not fail the action
# - error: fail the action with an error message
#
# Optional. Default: ignore
if-no-files-found: ''
# Include directories and files starting with a dot '.' in glob matching results for sources
# and additionalVariables.
#
# Optional. Default: false
include-dot-paths: ''
# The log level.
#
# Accepted values:
# - debug
# - info
# - warn
# - error
#
# Debug messages will always be sent to the internal debug system.
# Error messages will always fail the action.
#
# Optional. Default: info
log-level: ''
# The behavior if variable is not found.
#
# Accepted values:
# - none: replace the token with an empty string and log a message
# - keep: leave the token and log a message
# - replace: replace with the value from missing-var-default and do not
# log a message
#
# Optional. Default: none
missing-var-action: ''
# The default value to use when a key is not found.
#
# Optional. Default: empty string
missing-var-default: ''
# The level to log key not found messages.
#
# Accepted values:
# - off
# - warn
# - error
#
# Optional. Default: warn
missing-var-log: ''
# Opt out of the anonymous telemetry feature.
# You can also set the 'REPLACETOKENS_TELEMETRY_OPTOUT' environment variable to '1'
# or 'true'.
#
# Optional. Default: false
no-telemetry: ''
# Enable token replacements in values recusively.
#
# Example: '#{message}#' with variables '{"message":"hello #{name}#!","name":"world"}'
# will result in 'hello world!'
#
# Optional. Default: false
recursive: ''
# The root path to use when reading files with a relative path.
#
# Optional. Default: ${{ github.workspace }}
root: ''
# The separtor to use when flattening keys in variables.
#
# Example: '{ "key": { "array": ["a1", "a2"], "sub": "s1" } }' will be flatten as
# '{ "key.array.0": "a1", "key.array.1": "a2", "key.sub": "s1" }'
#
# Optional. Default: .
separator: ''
# The token pattern to use.
#
# Accepted values:
# - default: #{ ... }#
# - azurepipelines: $( ... )
# - custom: token-prefix ... token-suffix
# - doublebraces: {{ ... }}
# - doubleunderscores: __ ... __
# - githubactions: #{{ ... }}
# - octopus: #{ ... }
#
# Optional. Default: default
token-pattern: ''
# The token prefix when using 'custom' token pattern.
#
# Optional.
token-prefix: ''
# The token suffix when using 'custom' token pattern.
#
# Optional.
token-suffix: ''
# Enable transforms on values.
# The syntax to apply transform on a value is '#{<transform>(<name>[,<parameters>])}#'.
#
# Supported transforms:
# - base64(name): base64 encode the value
# - indent(name[, size, firstline]): indent lines in the value where size is the
# indent size (default is '2') and firstline specifies if the first line must be
# indented also (default is 'false')
# - lower(name): lowercase the value
# - raw(name): raw value (disable escaping)
# - upper(name): uppercase the value
#
# Example: 'key=#{upper(KEY1)}#' with '{ "KEY1": "value1" }' will result in
# 'key=VALUE1'
#
# Optional. Default: false
transforms: ''
# The tranforms prefix when using transforms.
#
# Optional. Default: (
transforms-prefix: ''
# The tranforms prefix when using transforms.
#
# Optional. Default: )
transforms-suffix: ''| Name | Description | Example |
|---|---|---|
| defaults | The number of tokens replaced with the default value if one was specified. | 1 |
| files | The number of source files parsed. | 2 |
| replaced | The number of values replaced by a value different than the default value. | 7 |
| tokens | The number of tokens found in all files. | 8 |
| transforms | The number of transforms applied. | 2 |
- uses: qetza/replacetokens-action@v1
with:
sources: |
**/*.json;!**/*.dev.json;!**/vars.json => _tmp/*.json
**/*.yml
variables: '[${{ toJSON(vars) }},${{ toJSON(secrets) }}]' # use variables & secrets- uses: qetza/replacetokens-action@v1
with:
sources: '**/*.yml'
variables: >
[
${{ toJSON(vars) }}, # variables
${{ toJSON(secrets) }}, # secrets
${{ toJSON(format('@{0}/settings.json', github.workspace)) }}, # read from file
"@**/vars.(json|jsonc);!**/local/*" # read from JSON files
"@**/settings.(yml|yaml);!**/local/*" # read from YAML files
"$ENV_VARS", # read from env
{ "VAR2": "${{ github.event.inputs.var2 }}" } # inline values
]
env:
ENV_VARS: '{ "VAR4": "env_value4" }'steps:
- uses: qetza/replacetokens-action@v1
id: replace-tokens
with:
sources: '**/*.yml'
variables: '[${{ toJSON(vars) }},${{ toJSON(secrets) }}]'
- run: |
echo "defaults : ${{ steps.replace-tokens.outputs.defaults }}"
echo "files : ${{ steps.replace-tokens.outputs.files }}"
echo "replaced : ${{ steps.replace-tokens.outputs.replaced }}"
echo "tokens : ${{ steps.replace-tokens.outputs.tokens }}"
echo "transforms: ${{ steps.replace-tokens.outputs.transforms }}"The ReplaceTokens GitHub Action collects anonymous usage data and sends them by default to its author to help improve the product. If you don't wish to send usage data, you can change your telemetry settings through the no-telemetry input or by setting the REPLACETOKENS_TELEMETRY_OPTOUT environment variable to 1 or true.
The following anonymous data is send:
- the hash of the owner and repository name (GITHUB_REPOSITORY)
- the hash of the workflow name (GITHUB_WORKFLOW)
- the hosting (
serverorcloud) - the runner operating system (RUNNER_OS)
- the inputs values for
- add-bom
- chars-to-escape
- encoding
- escape
- escape-char
- if-no-files-found
- log-level
- missing-varvaction
- missing-var-default
- missing-varvlog
- recursive
- separator
- token-pattern
- token-prefix
- token-suffix
- transforms
- transforms-prefix
- transforms-suffix
- the number of sources entries
- the number of variables entries referencing file
- the number of variables entries referencing environment variables
- the number of variables inline entries
- the task result (
successorfailed) - the task execution duration
- the outputs (defaults, files, replaced, tokens and transforms)
You can see the JSON serialized telemetry data sent in debug logs.