GitHub Action - wrapper using the module to retrieve secrets for Actions

[wsmelton]

This is just a write-up of thoughts and considerations, anyone interested in this can add additional ideas of how they would utilize or need this type of feature.

GitHub Action - Thycotic.SecretServer Action

• Has to be a separate repo in order for GitHub Action marketplace to pick it up
• Release of Thycotic.SecretServer module would push an updated image with the module cached
• Action arguments would need to pass secret tokens:
  • { secrets.SECRET_SERVER }
  • { secrets.CLIENTSDK_RULE }
  • { secrets.CLIENTSDK_KEY } (onboarding key)
  • Array list of search filters to find the Secret desired
  • Array list of explicit Secret IDs desired (this more desirable than the latter to ensure finding the right secrets)
• Limitation would be if this only worked against Secret Server Cloud subscribers; not sure how the hosted agent works with GA, that might allow secure access to an on-premises Secret Server?
• Work out how this would work in a workflow directly. The main focus would be ensuring secret details (username/password) are not written to the log or console for GitHub Actions.
  Dependent upon Add native support for Client SDK Authentication (NuGet package) #58 but could have the option to use OAuth2 token as well for those that wanted to allow it.