akv-cli 0.5.1

The Azure Key Vault CLI can be used to read secrets, pass them securely to other commands, or inject them into configuration files.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131

name: release

on:
  push:
    tags:
    - "v*"

permissions:
  attestations: write
  contents: write
  id-token: write

defaults:
  run:
    shell: bash

env:
  CARGO_INCREMENTAL: 0
  RUSTFLAGS: -Dwarnings

jobs:
  test:
    uses: ./.github/workflows/ci.yml
    with:
      release: true

  release:
    runs-on: ubuntu-latest
    needs: test
    steps:
    # Check out with full history to generate release notes.
    - name: Checkout
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
    - name: Set up toolchain
      run: rustup install
    - name: Release
      run: gh release create '${{ github.ref_name }}' --generate-notes
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  package:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os:
        - macos-13 # amd64
        - macos-14 # arm64
        - ubuntu-22.04
        - ubuntu-22.04-arm
        - windows-2022
        # https://github.com/actions/partner-runner-images/issues/77
        # - windows-11-arm
        include:
        - os: windows-2022
          extension: '.exe'
        # - os: windows-11-arm
        #   extension: '.exe'
    needs: release
    steps:
    - name: Checkout
      uses: actions/checkout@v4
    - name: Cache
      uses: actions/cache@v4
      with:
        path: |
          ~/.cargo/bin/
          ~/.cargo/registry/index/
          ~/.cargo/registry/cache/
          ~/.cargo/git/db/
          target/
        key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ hashFiles('**/Cargo.lock') }}
    - name: Set up toolchain
      run: rustup install
    - name: Install openssl (Windows)
      if: runner.os == 'Windows'
      run: |
        echo "OPENSSL_DIR=C:\Program Files\OpenSSL" >> $GITHUB_ENV
    - name: Build
      run: cargo build --release --all-features --workspace
    - name: Package
      id: package
      shell: pwsh
      run: |
        $name = 'akv-${{ runner.os }}-${{ runner.arch }}'.ToLowerInvariant() -replace 'x64', 'amd64'
        if ('${{ runner.os }}' -eq 'Windows') {
          $name = "$name.zip"
          $target = "target/release/$name"
          Compress-Archive -Path target/release/akv${{ matrix.extension }} -DestinationPath $target
        } else {
          $name = "$name.tar.gz"
          $target = "target/release/$name"
          tar czf "$target" -C target/release/ akv${{ matrix.extension }}
        }
        "name=$name" >> $env:GITHUB_OUTPUT
        "target=$target" >> $env:GITHUB_OUTPUT
    - name: Upload
      uses: actions/upload-artifact@v4
      with:
        name: ${{ steps.package.outputs.name }}
        path: ${{ steps.package.outputs.target }}
    - name: Publish
      run: gh release upload '${{ github.ref_name }}' '${{ steps.package.outputs.target }}'
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  attest:
    runs-on: ubuntu-latest
    needs: package
    steps:
    - name: Download
      uses: actions/download-artifact@v4
    - name: Attest
      uses: actions/attest-build-provenance@v2
      with:
        subject-path: ${{ github.workspace }}/*

  # Publish separately to crates.io to allow retries e.g., expired token.
  publish:
    runs-on: ubuntu-latest
    needs: release
    steps:
    - name: Checkout
      uses: actions/checkout@v4
    - name: Set up toolchain
      run: rustup install
    - name: Publish
      run: cargo publish
      env:
        CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}