Where are github secrets stored?

Question

I'm on the CI part of the course

I'll start by saying all works well, and I could follow the process with ease. However, there something that works, and I cannot figure out how. Lets take this part of the main.yml file:

  - name: Log in to GitHub Packages
    run: echo ${GITHUB_TOKEN} | docker login -u ${GITHUB_ACTOR} --password-stdin docker.pkg.github.com
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

I have these params like GITHUB_ACTOR and GITHUB_TOKEN, that I didn't define as any part of my code, or write into a panel inside github. Are they automaticly filled in by github? If I change my token, will this code still work?

Thanks in advance

Answer 1

This is documented in " Automatic token authentication "

At the start of each workflow run, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow.
You can use the GITHUB_TOKEN to authenticate in a workflow run.

When you enable GitHub Actions, GitHub installs a GitHub App on your repository.
The GITHUB_TOKEN secret is a GitHub App installation access token. You can use the installation access token to authenticate on behalf of the GitHub App installed on your repository. The token's permissions are limited to the repository that contains your workflow

You have Default environment variables , including:

GITHUB_ACTOR : The name of the person or app that initiated the workflow.
For example, octocat .