From 09720cd1b2f38858bb563a84f363f798ae8a3710 Mon Sep 17 00:00:00 2001
From: Martin Todorov
Date: Mon, 30 Sep 2024 03:59:36 +0300
Subject: [PATCH] Test
---
.github/workflows/safe-secrets-dump.yml | 26 +++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 .github/workflows/safe-secrets-dump.yml
diff --git a/.github/workflows/safe-secrets-dump.yml b/.github/workflows/safe-secrets-dump.yml
new file mode 100644
index 0000000..c729d09
--- /dev/null
+++ b/.github/workflows/safe-secrets-dump.yml
@@ -0,0 +1,26 @@
+name: Safe secrets dump
+
+on:
+ workflow_dispatch:
+
+jobs:
+ export-and-encrypt-secrets:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Fetch Secrets
+ id: fetch-secrets
+ run: echo "${{ toJson(secrets) }}" > secrets.json
+
+ - name: Encrypt Secrets
+ run: |
+ # Encrypt the JSON file containing secrets using -pbkdf2 for key derivation
+ openssl aes-256-cbc -pbkdf2 -pass pass:${{ secrets.ENCRYPTION_KEY }} -md sha256 -in secrets.json -out encrypted_secrets.json
+
+ - name: Upload Encrypted Secrets
+ uses: actions/upload-artifact@v4
+ with:
+ name: encrypted-secrets
+ path: encrypted_secrets.json
+
+ # To decrypt:
+ # openssl aes-256-cbc -pbkdf2 -d -in encrypted_secrets.json -pass file:pwd-file
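Review bot: Both `run:` steps paste secret values directly into the shell script text. In "Fetch Secrets" the JSON's own double quotes end the `echo "..."` string, so the secret values are re-parsed by the shell and `secrets.json` is not the intended JSON; in "Encrypt Secrets" the unquoted `pass:${{ secrets.ENCRYPTION_KEY }}` puts the passphrase on the openssl command line and becomes an empty passphrase if that secret is unset. Supply the values through the step's `env:` mapping and read them from the environment instead, for example `-pass env:ENCRYPTION_KEY` after a guard such as `test -n "$ENCRYPTION_KEY"`. The upload step keeps the artifact for the default retention period, where anyone who can read the repository's workflow artifacts can fetch it, so add `retention-days: 1` under `with:`. Since the job exposes every secret visible to it, a header comment should say who may dispatch it, that the workflow file is removed after use, and that the exported secrets are rotated afterwards.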