https://github.com/rennf93/github-actions-secrets-mgmt
This is a tool to manage and automate GitHub Actions Secrets modifications.
- Host: GitHub
- URL: https://github.com/rennf93/github-actions-secrets-mgmt
- Owner: rennf93
- License: mit
- Created: 2024-07-01T11:20:03.000Z (about 1 year ago)
- Default Branch: master
- Last Pushed: 2025-03-25T21:34:59.000Z (4 months ago)
- Last Synced: 2025-04-06T04:38:18.372Z (3 months ago)
- Topics: security-automation
- Language: Python
- Homepage:
- Size: 121 KB
- Stars: 4
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# github-actions-secrets-mgmt
This Actions project provides a tool to manage GitHub Actions secrets programmatically.
---
## Features
- Retrieve environment variables
- Generate authentication headers
- Retrieve public key details from GitHub
- Encrypt secrets using NaCl
- Save secrets to GitHub Actions

---
## Requirements
- Python 3.11+
- `requests` library
- `PyNaCl` library

---
## Usage

```yaml
- name: Create or update Github Actions secret
  uses: rennf93/[email protected]
  with:
    OWNER:
    REPOSITORY:
    ACCESS_TOKEN:
    SECRET_NAME:
    SECRET_VALUE:
```

where
- `OWNER` is the owner of the repository where the secret is to be created or updated. Required.
- `REPOSITORY` is the name of the repository where the secret is to be created or updated. Required.
- `ACCESS_TOKEN` is the personal access token (PAT) to use for authentication against the repository where the secret is stored. Using `secrets.GITHUB_TOKEN` [will not work](https://github.com/orgs/community/discussions/12424). Follow [these steps](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to create one if you don't already have one. Be sure to allow the token to be used to read user public keys. Required.
- `SECRET_NAME` is the name of the secret to be created or updated. Required.
- `SECRET_VALUE` is the value the secret should be set to. Optional. This should be an output from a previous step or job. For reference, see [job outputs](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs).

To view the newly created secret, navigate to Settings >> Secrets >> Actions in the GitHub repository portal.
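
The following workflow is an added example, not taken from the project's README: it generates a value in one step, masks it in the logs, and passes it to the action as `SECRET_VALUE` through a step output. The names `my-org`, `my-repo`, `SECRETS_MGMT_PAT`, `API_SIGNING_KEY`, the step id `gen` and the `<version>` ref are placeholders chosen for illustration.

```yaml
# Added example workflow (not the project's own).
# Constructed names: my-org, my-repo, SECRETS_MGMT_PAT, API_SIGNING_KEY, step id "gen".
name: Rotate signing key
on:
  workflow_dispatch:

# The job does not use GITHUB_TOKEN; the PAT performs the write.
permissions: {}

jobs:
  rotate:
    runs-on: ubuntu-latest
    steps:
      - name: Generate new value
        id: gen
        run: |
          value="$(openssl rand -hex 32)"
          # Register the value as masked before it is written anywhere,
          # so the runner redacts it if it ever appears in log output.
          echo "::add-mask::$value"
          echo "value=$value" >> "$GITHUB_OUTPUT"

      - name: Create or update Github Actions secret
        # Placeholder ref: pin to a release tag or a full commit SHA.
        uses: rennf93/github-actions-secrets-mgmt@<version>
        with:
          OWNER: my-org
          REPOSITORY: my-repo
          # PAT stored as a repository secret; never inline the token itself.
          ACCESS_TOKEN: ${{ secrets.SECRETS_MGMT_PAT }}
          SECRET_NAME: API_SIGNING_KEY
          SECRET_VALUE: ${{ steps.gen.outputs.value }}
```

The value is produced and consumed within a single job, so the step output is available to the action directly.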
---
## References

1. [Create personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens)
1. [Get repository public key](https://docs.github.com/en/rest/actions/secrets#get-a-repository-public-key)
1. [Create or update a repository secret](https://docs.github.com/en/rest/actions/secrets#create-or-update-a-repository-secret)
1. [Custom actions](https://docs.github.com/en/actions/creating-actions/about-custom-actions)