NOTE: Forked from kota65535/github-openvpn-connect-action to have more control over OVPN params.

GitHub Action for connecting to OpenVPN server.

Supported authentication methods:

• Username & password auth
• Client certificate auth
• Both of them

Note: It is strongly recommended that you provide all credentials via encrypted secrets.

When providing TLS keys, you should provide only one of either tls_auth_key, tls_crypt_key or tls_crypt_v2_key. You can determine which by checking the value of your key and looking in the header line. See the docs for more info about TLS in OpenVPN

• Create client configuration file based on the official sample and place at .github/workflows/client.ovpn. You may use inline certificates to include them directly in configuration file, and omit them from the action inputs, but one is warned not to hardcode sensitive data in this file. Remove all parts that have a corresponding key in the action inputs (see below).
• Usage in your workflow is like following:

- name: Checkout
  uses: actions/checkout@v3
- name: Install OpenVPN
  run: |
    sudo apt update
    sudo apt install -y openvpn openvpn-systemd-resolved
- name: Connect to VPN
  uses: "Morriz/github-openvpn-connect-action@v3"
  with:
    config_file: .github/workflows/client.ovpn
    host: ${{ secrets.OVPN_HOST }}
    username: ${{ secrets.OVPN_USERNAME }}
    password: ${{ secrets.OVPN_PASSWORD }}
    port: ${{ secrets.OVPN_PORT }} # default: 1194
    protocol: ${{ secrets.OVPN_PROTOCOL }} # default: udp4
    ca: ${{ secrets.OVPN_CA }}
    cert: ${{ secrets.OVPN_CERT }}
    client_key: ${{ secrets.OVPN_CLIENT_KEY }}
    client_pass: ${{ secrets.OVPN_CLIENT_PASS }}
    tls_auth_key: ${{ secrets.OVPN_TLS_AUTH_KEY }}
- name: Build something
  run: ./gradlew clean build
# The openvpn process is automatically terminated in post-action phase

MIT