https://github.com/math280h/validate-secrets-action
Validate variables and secrets inside GitHub Actions workflows using the GitHub API.
- Host: GitHub
- URL: https://github.com/math280h/validate-secrets-action
- Owner: math280h
- License: mit
- Created: 2024-02-24T23:24:55.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-06-04T17:59:58.000Z (about 2 years ago)
- Last Synced: 2025-07-01T05:11:41.376Z (about 1 year ago)
- Language: JavaScript
- Size: 79.1 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# validate-secrets-action
Validate variables and secrets inside GitHub Actions workflows using the GitHub API.
The action can check repository secrets/vars, environment secrets/vars, and organization secrets/vars, given the right permissions on the GitHub token.
## Usage/Examples
For this to work, you must create a token with the following permissions:

To enable organization-level checks, you must also give the token access to read organization-level secrets.
The action will be marked as failed if any of the secrets or vars referenced in the files being checked are missing.
```yml
on: [push]
jobs:
  hello_world_job:
    runs-on: ubuntu-latest
    name: Validate secrets in the repository
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Install npm package
        run: npm install
      - name: Test the action
        id: test
        uses: ./
        with:
          files: |-
            test.yaml
          gh_token: ${{ secrets.SECRET_VALIDATION_TOKEN }}
          verbose: "true"
      - name: Test secret exists
        run: echo ${{ secrets.TEST_SECRET }}
      - name: Test secret does not exist
        run: echo ${{ secrets.TEST_SECRET_2 }}
      - name: Test var exists
        run: echo ${{ vars.TEST_VAR }}
      - name: Test var does not exist
        run: echo ${{ vars.TEST_VAR_2 }}
```
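
The check the README describes, as an added example that is not the action's own code: it pulls `secrets.*` and `vars.*` references out of workflow text and reports the names that are absent from a set of defined names. The function names and the sample data are assumptions; in a real run the defined names would come from the GitHub API using the token.

```javascript
// Added example: names and sample data are constructed, not taken from the action's source.
// Matches ${{ ... }} expressions, then secrets.NAME / vars.NAME inside them.
const EXPRESSION = /\$\{\{(.*?)\}\}/gs;
const REFERENCE = /\b(secrets|vars)\.([A-Za-z_][A-Za-z0-9_]*)/gi;
// GITHUB_TOKEN is injected by the runner and never appears in the secrets list.
const BUILT_IN = new Set(["secrets.GITHUB_TOKEN"]);

function extractReferences(workflowText) {
  const found = new Set();
  for (const expr of workflowText.matchAll(EXPRESSION)) {
    for (const ref of expr[1].matchAll(REFERENCE)) {
      // Secret and variable names are not case-sensitive on GitHub; normalise.
      found.add(`${ref[1].toLowerCase()}.${ref[2].toUpperCase()}`);
    }
  }
  return [...found].sort();
}

function findMissing(workflowText, defined) {
  const known = {
    secrets: new Set(defined.secrets.map((n) => n.toUpperCase())),
    vars: new Set(defined.vars.map((n) => n.toUpperCase())),
  };
  return extractReferences(workflowText).filter((ref) => {
    if (BUILT_IN.has(ref)) return false;
    const [kind, name] = ref.split(".");
    return !known[kind].has(name);
  });
}

// Constructed sample input mirroring the test steps in the workflow above.
const SAMPLE_WORKFLOW = `
steps:
  - run: echo \${{ secrets.TEST_SECRET }}
  - run: echo \${{ secrets.TEST_SECRET_2 }}
  - run: echo \${{ vars.TEST_VAR }}
  - run: echo \${{ vars.TEST_VAR_2 || 'default' }}
  - run: gh api user
    env:
      GH_TOKEN: \${{ secrets.GITHUB_TOKEN }}
`;
// Constructed stand-in for the names the GitHub API would return.
const DEFINED = { secrets: ["TEST_SECRET"], vars: ["TEST_VAR"] };

const missing = findMissing(SAMPLE_WORKFLOW, DEFINED);
console.log(missing.length ? `Missing: ${missing.join(", ")}` : "All references defined");
```

Only names are compared and printed; secret values are never read, which matches what a token with read access to secret metadata can see.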