When working with GitHub Actions, you may want to use private tokens or other types of credentials that shouldn't be exposed publicly. Secrets can resolve this by being able to store these credentials in GitHub.
To add a secret to a repo, in the Settings
tab, click on Secrets
. Then when one clicks on the "New Secret" button in the top right, it will present a form to add a new secret.
When you submit the secret, it then will be able to be used in your GitHub Actions.
Let's say we have to authenticate with a service like Netlify to deploy our site using their CLI, it requires a NETLIFY_AUTH_TOKEN
to be able to push the contents to their platform. If we have this token saved in the GitHub Actions Secrets store, we can then obtain it in our workflows as such:
steps:
- name: Deploy Site
env:
NETLIFY_AUTH_TOKEN: $
run: ntl deploy
As well, GitHub Actions Secrets can be uploaded, updated, or deleted through GitHub's API. For information on how to use the various endpoints, visit docs.github.com.