如何在 Github Actions 中设置秘密？

Question

The official boilerplate code injects the npm token as follows

NODE_AUTH_TOKEN: ${{secrets.npm_token}}

How do I access and set this variable? I cant find it in the GUI.

Answer 1

1. Go to your project in Github
2. Select the Settings tab
3. Click the Secrets section in the left hand menu
4. Add a new secret and provide a name (eg npm_token ) and a value.

Answer 2

In addition to the GUI, you now (January 2020) have a GitHub Actions API (!, still beta though), as announced here .

And it does include a GitHub Actions Secrets API :

Create or update an repository secret :

Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium.

You must authenticate using an access token with the admin:repo scope to use this endpoint.
GitHub Apps must have the secrets organization permission to use this endpoint.

 PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}

Get a repository secret

Gets a single secret without revealing its encrypted value.
Anyone with write access to the repository can use this endpoint.
GitHub Apps must have the secrets permission to use this endpoint.

 GET /repos/:owner/:repo/actions/secrets/:name

So the GUI is no longer the sole option: you can script and get/set an Actions secret through this new API.

Answer 3

This page is hard to find, but it exists in the official docs here: Creating and using secrets (encrypted variables) .

Copied from the docs below for convenience:

Secret names cannot include any spaces. To ensure that GitHub redacts your secret in logs, avoid using structured data as the values of secrets, like JSON or encoded Git blobs.

1. On GitHub, navigate to the main page of the repository.
2. Under your repository name, click Settings.
3. In the left sidebar, click Secrets.
4. Type a name for your secret in the "Name" input box.
5. Type the value for your secret.
6. Click Add secret.

The link above has a bit more info around using secrets as well.

Answer 4

I've created a simple CLI that can help you achieve that - https://github.com/unfor19/githubsecrets

This CLI is based on the official API. You can install it with pip or use Docker , read the README.md for more information