This action can create or update secrets in the GitHub Actions API. It supports both repository and organization secrets in a unified input syntax.
Basic example (creates a secret in the repository where the workflow file is located):
steps:
- uses: gliech/create-github-secret-action@v1
with:
name: FRONT_DOOR_PASSWORD
value: Eternia
pa_token: ${{ secrets.PA_TOKEN }}
Create a secret in a different repository:
steps:
- uses: gliech/create-github-secret-action@v1
with:
location: horde-prime/spire-network
name: BROADCAST_FREQUENCY
value: ${{ secrets.JAMMING_FREQUENCY }}
pa_token: ${{ secrets.PAT_WRONG_HORDAK }}
Create a secret in an organization:
steps:
- uses: gliech/create-github-secret-action@v1
with:
location: united-states-air-force
name: NUCLEAR_LAUNCH_CODES
value: '00000000'
org_visibility: all
pa_token: ${{ secrets.PAT_STRATEGIC_AIR_COMMAND }}
(Required) Name of the secret that you want to create/update.
(Required) Value of the secret that you want to create/update.
This action cannot mask the provided secret value in workflow logs. If you do not want the secret value to appear in the output of your workflow run, you have to mask it before you provide it to this action as input.
Name of a GitHub repository or organization where you want to create/update a
secret. Expects the notation owner/repo
for repositories. Defaults to the
repository that invoked the workflow.
(Required) Personal access token with permission to modify repository or organization secrets.
For more information on PATs see the GitHub docs article on creating a personal access token. The GitHub Secrets API requires the
repo
scope to modify secrets in private repositories and thepublic_repo
scope for public repositories. It requiresadmin:org
scope to modify secrets in an organization.
Only used for organization secrets. Can be set to one of 3 values:
all
will make the secret visible to all repositories in the organizationprivate
makes it visible only to repositories that are not public- any other input value will be interpreted as a list of comma-seperated GitHub repository IDs, which will cause the created secret to be selectively visible only from these repositories
Defaults to private
.
GitHub repository IDs are not repository URLs or names. They are a number used to identify repositories on GitHub specifically. For more information see the GitHub API documentation on repositories or this question on Stack Overflow.
HTTP Status Code of the request against the GitHub API that created/updated the secret.
This project is licensed under the terms of the MIT License