A GitHub Action that sets up Fireblocks and Solana configuration files for testing purposes with automatic cleanup when the workflow completes.
- 🔧 Automatic Setup: Creates Fireblocks and Solana configuration files
- 🧹 Automatic Cleanup: Removes all configuration files when the workflow ends (even if it fails)
- 🔒 Secure: Handles sensitive credentials properly with appropriate file permissions
- 📁 Organized: Places all config files in standard locations (
~/.config/)
steps:
- uses: actions/checkout@v4
- name: Setup Fireblocks and Solana configs
uses: CarteraMesh/fireblocks-config-action@v1
with:
fireblocks-secret: |
${{ secrets.FIREBLOCKS_SECRET }}
fireblocks-api-key: ${{ secrets.FIREBLOCKS_API_KEY }}
- name: Run your tests
run: |
# Your test commands here
# Config files are automatically availablesteps:
- name: Setup configs for mainnet testing
uses: CarteraMesh/fireblocks-config-action@v1
with:
fireblocks-secret: ${{ secrets.FIREBLOCKS_SECRET }}
fireblocks-api-key: ${{ secrets.FIREBLOCKS_API_KEY }}
fireblocks-vault: '0'
solana-rpc-url: 'https://api.mainnet-beta.solana.com'name: Test with Fireblocks
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Fireblocks and Solana configs
uses: CarteraMesh/fireblocks-config-action@v1
with:
fireblocks-secret: |
${{ secrets.FIREBLOCKS_SECRET }}
fireblocks-api-key: ${{ secrets.FIREBLOCKS_API_KEY }}
fireblocks-vault: ${{ vars.FIREBLOCKS_VAULT }}
solana-rpc-url: ${{ vars.SOLANA_RPC_URL }}
- name: Install dependencies
run: npm install
- name: Run tests
run: npm test
# No cleanup step needed - automatic cleanup happens via post action!| Input | Description | Required | Default |
|---|---|---|---|
fireblocks-secret |
Fireblocks secret key content (PEM format) | ✅ | - |
fireblocks-api-key |
Fireblocks API key | ✅ | - |
fireblocks-vault |
Fireblocks vault ID | ❌ | "0" |
fireblocks-endpoint |
Fireblocks API endpoint URL | ❌ | "https://sandbox-api.fireblocks.io" |
solana-rpc-url |
Solana RPC URL | ❌ | "https://api.devnet.solana.com" |
| Output | Description |
|---|---|
config-path |
Path to the created configuration directory (~/.config) |
The action creates the following files and directories:
~/.config/
├── fireblocks/
│ ├── default.toml
│ ├── sandbox.toml
│ └── sandbox.pem
└── solana/
├── cli/
│ └── config.yml
└── id.json
Fireblocks Config (~/.config/fireblocks/default.toml & sandbox.toml):
api_key = "your-api-key"
secret_path = "~/.config/fireblocks/sandbox.pem"
url = "https://sandbox-api.fireblocks.io"
[display]
output = "Table"
[signer]
poll_timeout = 120
poll_interval = 5
vault = "your-vault-id"Solana Config (~/.config/solana/cli/config.yml):
---
keypair_path: 'fireblocks://default'
websocket_url: 'wss://api.devnet.solana.com'
commitment: finalized
json_rpc_url: your-rpc-urlThe action automatically cleans up all created files when the workflow step completes, regardless of success or failure. This includes:
~/.config/fireblocks/(entire directory)~/.config/solana/(entire directory)
No manual cleanup step is required!
- The Fireblocks secret key file (
sandbox.pem) is created with600permissions (owner read/write only) - All sensitive files are automatically removed after the workflow completes
- Secrets should be stored in GitHub repository secrets, not hardcoded in workflows
- Runs on:
ubuntu-latest,macos-latest,windows-latest - Node.js 20+ (automatically provided by GitHub Actions)
- Fork the repository
- Create a feature branch
- Make your changes
- Run tests:
npm test - Build:
npm run build - Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.