Blog 3 Sp21

Blog 3-SP21

Github Actions - SECRETS

What is Github Secrets?

Secrets are essentially encrypted environment variables. Github Actions uses this variable within its workflows. Allows you to pass sensitive data. This data can be something like an API token, and/or any kind of information that is required for your application. The idea behind secrets, you can now pass this information through your CI/CD workflows, without having it easily readable within your yml file.

Types

Shhhhh, I got tell you a secret. There are two tpes of secrets, that can be utilized within Github. There are repository secrets and organizational secrets. The repository secret, is a secret that can only be used within the repository it’s set in. But what if you have a secret that needs to be access by multiple people within your organization? Well you geussed it, that’s what the organizational secret is for. Instead of being set within one repo, it can be access across your organization and multiple repositories, within Github.

Example

If we take a look at the final Github Action: Deploy, secrets/env variables can never be exposed to the public so in this process… The GitHub action is called -> Runs through the deploy script (to publish to github pages) -> It requires a secret/token (authorization to publish to this repo), and that’s where the secret token comes into play.

Setting Up an Encrypted Secret Within a Repo

  1. Navigate to the main page of your selected repository
  2. Click on the settings icon
  3. Click on Environments, which should be on the left panel
  4. Select which enironment you’d like to add a secret to.
  5. Click on Add secret
  6. Fill out the name
  7. Confirm your secret with the Add secret button

Setting Up an Encrypted Secret For an Organization

  1. Instead of navigating to the main page of the repo, go to the main page of your orgnaization
  2. Click on settings once again
  3. Click on Secrets
  4. Select New Orgnaization Secret
  5. Give it a name
  6. Give it a value
  7. Set the permissions through Rpository Access
  8. Select choose access policy
  9. Add the secret
Written on March 11, 2021