This repository implements a simple GitHub composite action that allows logging into any Salesforce org from CI/CD automations based on a Salesforce DX (SFDX) authorization URL.

To be able to log in with an SFDX Auth URL, you must first generate it. The easiest option to achieve this is to redirect the output of the following command for an already authorized org to a JSON file like:

sf org display --target-org my-org --verbose --json > authFile.json

The resulting JSON file contains the URL in the "sfdxAuthUrl" property of the "result" object. Since we need the authFile.json contents for the login action, but saving raw JSON inputs in GitHub secrets is known to cause problems, we perform an additional step and encode the contents as a Base64 string to avoid headaches like:

cat authFile.json | base64

We then only have to store the Base64 string received in a GitHub action secret, e.g. SFDX_AUTH_URL, and can reference it whenever we are using the action in one of our workflows. A complete guide to secrets can be found here: Using secrets in GitHub Actions

In a GitHub workflow, the use of the action after the initial checkout step and the installation of the SF CLI could then look like this:

jobs:
  validation:
    name: Validation
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install SF CLI
        uses: svierk/sfdx-cli-setup@main
        
      - name: Salesforce Org Login
        uses: svierk/sfdx-login@main
        with:
          sfdx-url: ${{ secrets.SFDX_AUTH_URL }}

The SF CLI in this example workflow is installed via the action sfdx-cli-setup.

TBD

The two authorisation options supported by this GitHub composite action can be found in the Salesforce CLI Command Reference here:

• org login sfdx-url
• org login jwt

Latest release notes can be found on the release page.

The scripts and documentation in this project are released under the MIT License.