How to set secrets in Github Actions?
- Go to your project in Github
- Select the
Settings
tab - Click the
Secrets
section in the left hand menu Add a new secret
and provide a name (e.g.npm_token
) and a value.
I've created a simple CLI that can help you achieve that - https://github.com/unfor19/githubsecrets
This CLI is based on the official API. You can install it with pip
or use Docker
, read the README.md for more information
In addition to the GUI, you now (January 2020) have a GitHub Actions API(!, still beta though), as announced here.
And it does include a GitHub Actions Secrets API:
Create or update an repository secret:
Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium.
You must authenticate using an access token with the
admin:repo
scope to use this endpoint.
GitHub Apps must have thesecrets
organization permission to use this endpoint.PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}
Get a repository secret
Gets a single secret without revealing its encrypted value.
Anyone with write access to the repository can use this endpoint.
GitHub Apps must have the secrets permission to use this endpoint.GET /repos/:owner/:repo/actions/secrets/:name
So the GUI is no longer the sole option: you can script and get/set an Actions secret through this new API.
This page is hard to find, but it exists in the official docs here: Creating and using secrets (encrypted variables).
Copied from the docs below for convenience:
Secret names cannot include any spaces. To ensure that GitHub redacts your secret in logs, avoid using structured data as the values of secrets, like JSON or encoded Git blobs.
- On GitHub, navigate to the main page of the repository.
- Under your repository name, click Settings.
- In the left sidebar, click Secrets.
- Type a name for your secret in the "Name" input box.
- Type the value for your secret.
- Click Add secret.
The link above has a bit more info around using secrets as well.