Merge pull request #5 from stackql/feature/file-auth

Feature/file auth

Author: yunchengyang515

.github/workflows/example-workflows.yml

@@ -0,0 +1,43 @@
+name: 'Setup StackQL'
+
+on:
+  push:
+    branches:
+    - main
+    - 'develop-**'
+  pull_request:
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  stackql-versions:
+    name: 'Stackql Versions'
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Setup stackql
+      uses: ./
+
+
+    - name: Validate Stackql Version
+      run: |
+        stackql --version
+
+    - name: Use GitHub Provider
+      run: |
+        stackql exec -i ./examples/github-example.iql --auth="${AUTH}"
+      env: 
+        AUTH: ${{ vars.AUTH }}  ##'{ "github": { "type": "basic", "credentialsenvvar": "STACKQL_GITHUB_CREDS" } }'
+        STACKQL_GITHUB_CREDS: ${{  secrets.STACKQL_GITHUB_CREDS }}
+
+    - name: use Google Provider
+      run: | ## use the secret to create json file
+        sudo echo ${{ secrets.GOOGLE_CREDS }} | base64 -d > sa-key.json
+        stackql exec -i ./examples/google-example.iql --auth="${AUTH}"
+      env:
+        AUTH: ${{ vars.AUTH }}  ## '{ "google": { "type": "service_account",  "credentialsfilepath": "sa-key.json" }}'

.github/workflows/set-up-stackql.yml

@@ -5,12 +5,26 @@ The `stackql/setup-stackql` action is a JavaScript action that sets up Terraform
 - Downloading a latest Stackql CLI and adding it to the `PATH`.
 - Setup AUTH env var in the Github Action
 
-## Auth object string
-Example
+# Auth
+[Learn more](https://stackql.io/docs/getting-started/authenticating) about authentication setup when running stackql
+
+### Basic Example
+1. Set Auth variable, for example:
+```
+{ "github": { "type": "basic", "credentialsenvvar": "STACKQL_GITHUB_CREDS" } }
+```
+2. create the github token as a secret
+3. In the execution step, pass the secret as environment variable with name "STACKQL_GITHUB_CREDS"
+
+Check the "Use GitHub Provider" step in `.github/workflows/example-workflows.yml` for the working example
+
+### json File Auth example
+
+1. Set Auth variable, for example:
 ```
-{   
-    "google": { "credentialsfilepath": "creds/stackql-demo.json",  "type": "service_account" }, 
-    "okta": { "credentialsenvvar": "OKTA_SECRET_KEY", "type": "api_key", credentials: '<your credentials>' }
-}
+{ "google": { "type": "service_account",  "credentialsfilepath": "sa-key.json" }}
 ```
+2. encode the key json file into base64 string
+3. in execution step, run `sudo echo ${{ secrets.<name of the secret> }} | base64 -d > sa-key.json`
 
+Check the "Use Google Provider" step in `.github/workflows/example-workflows.yml` for the working example

README.md

@@ -0,0 +1,4 @@
+REGISTRY PULL google v23.01.00116;
+SELECT name, status
+FROM google.compute.instances 
+WHERE project = 'stackql-demo' AND zone = 'australia-southeast1-a';