Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rennf93/github-actions-secrets-mgmt

This is a tool to manage and automate GitHub Actions Secrets modifications.
https://github.com/rennf93/github-actions-secrets-mgmt

security-automation

Last synced: 2 months ago
JSON representation

This is a tool to manage and automate GitHub Actions Secrets modifications.

Host: GitHub
URL: https://github.com/rennf93/github-actions-secrets-mgmt
Owner: rennf93
License: mit
Created: 2024-07-01T11:20:03.000Z (7 months ago)
Default Branch: master
Last Pushed: 2024-09-09T09:07:39.000Z (5 months ago)
Last Synced: 2024-09-09T10:57:47.525Z (5 months ago)
Topics: security-automation
Language: Python
Homepage:
Size: 84 KB
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # github-actions-secrets-mgmt

This Actions project provides a tool to manage GitHub Actions secrets programmatically.

---

## Features

- Retrieve environment variables

- Generate authentication headers

- Retrieve public key details from GitHub

- Encrypt secrets using NaCl

- Save secrets to GitHub Actions

---

## Requirements

- Python 3.11+

- `requests` library

- `PyNaCl` library

---

## Usage

```yaml

- name: Create or update Github Actions secret

  uses: rennf93/[email protected]

  with:

    OWNER: 

    REPOSITORY: 

    ACCESS_TOKEN: 

    SECRET_NAME: 

    SECRET_VALUE: 

```

where

`OWNER` is the owner of the repository where the secret is to be created or updated. Required.

`REPOSITORY` is the name of the respository where the secret is to be created or updated. Required.

`ACCESS_TOKEN` is the personal access token (PAT) to use for authentication against the repository where the secret is stored. Using `secrets.GIHUB_TOKEN` will not work. Follow steps [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to create one if you dont already have one. Besure to allow the token to be used to read user public keys.

Required:

![permission](permission.png)

`SECRET_NAME` is the name of the secret to be created or updated. Required.

`SECRET_VALUE` is value the secret should be set to. Optional. This should be an output from a previous step or job. For reference: [here](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs)

To view the newly created secret, navigate to settings >> secrets >> actions in the Github repository portal.

---

## References

1. [Create personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens)

1. [Get repository public key](https://docs.github.com/en/rest/actions/secrets#get-a-repository-public-key)

1. [Create or update a repository secret

](https://docs.github.com/en/rest/actions/secrets#create-or-update-a-repository-secret)

1. [Custom actions](https://docs.github.com/en/actions/creating-actions/about-custom-actions)

![Custom Badge](https://rennf93.github.io/project-assets/images/rf-icon.png)