How to Add GitHub Actions Secrets ?
Last Updated :
16 Apr, 2024
When it comes to safely managing sensitive data in your workflows—like access tokens, API keys, and other credentials—GitHub Actions secrets are essential. By using these tricks, you can securely access and save private information without exposing it to the source code of your repository. You may improve the security of your CI/CD pipelines and guarantee that confidential or sensitive data is kept safe during the development and deployment phases by making use of the secrets. We will go over how to add, manage, and use GitHub Actions secrets in this article to protect your projects and automate tasks to make your workflow more efficient. We can call and store the secrets in the pipeline by using the secrets. We can configure the secrets on GitHub by following the procedures listed below.
Steps To Configure Secrets in GitHub Actions
Step 1: Log in to the GitHub repository, click on the repository, and click on settings.
Step 2: Scrole down left side and click on secrets and variables and click on actions.
Step 3: Secret tokens and GitHub Actions
- In the left sidebar, select "Secrets."
- Click on the "New repository secret" button.
- Provide a name for your secret, such as "SERVICE_ACCOUNT_KEY."
- Paste the value of your secret into the "Value" field.
- Click on the "Add secret" button to save your new repository secret.
Step 4: GitHub Actions secret example
In this workflow, we are calling the secret SERVICE_ACCOUNT_KEY from the GitHub repository secrets. This key is crucial for authenticating with Google Cloud Platform (GCP) services during the CI/CD process. By referencing the secret directly within the workflow file, we ensure that sensitive credentials remain secure and inaccessible to unauthorized users. This practice adheres to best security practices and safeguards against potential security vulnerabilities.
name: <Respective name of cicd>
on:
push:
branches: [ <Branch Name> ]
jobs:
build-push-gcr:
name: Build and Push to GCP
runs-on: ubuntu-latest #Runner
env:
IMAGE_NAME: <Image-name>
PROJECT_ID: <Project-id>
steps:
#Checkout stage
- name: Checkout
uses: actions/checkout@v2
#Call the secert into action file
- uses: google-github-actions/setup-gcloud@v2
with:
service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }}
project_id: ${{ env.PROJECT_ID }}
export_default_credentials: true
- Secrets Setup: The
google-github-actions/setup-gcloud action is used to set up Google Cloud SDK. It requires access to the SERVICE_ACCOUNT_KEY secret, which contains the service account key JSON file necessary for authentication. - Accessing Secrets: The
service_account_key parameter of the setup-gcloud action fetches the secret value stored in the GitHub repository secrets. - Secret Management: Secrets like
SERVICE_ACCOUNT_KEY are stored securely in GitHub repository settings, ensuring that sensitive information is not exposed in the workflow file.
Step 5: Verify the console output of the github actions here the actions file calling the secrets from the secrets.
How To Log GitHub Actions Secret
We can utilize the env context to retrieve and publish the secret values in your workflow logs in order to log Git-Hub Actions secrets.
name: <Respective name of cicd>
on:
push:
branches: [main]
jobs:
log-secrets:
runs-on: ubuntu-latest
steps:
- name: Log GitHub Actions Secrets
env:
SECRET_USER: ${{ secrets.USER }}
SECRET_PASSW: ${{ secrets.PASSW }}
run: |
echo "Username: $SECRET_USER"
echo "Password: $SECRET_PASSW"
The echo command is being used to retrieve two secrets (USERNAME and PASSWORD) and print their respective values like here secrets and passwords.
GitHub Actions Secret Review
Enter into the your repositories on GitHub and select the "Settings" page in order to examine GitHub Actions secrets. Next, choose "Secrets" from the sidebar on the left. A list of all the secrets kept for your repository may be found here. Reviewing their names allows you to change or remove them as necessary. By following this step we can review the secret on github.
Conclusion
GitHub Actions secrets provide a strong way to handle private data safely in your processes. You may add, manage, and use secrets to protect your projects and expedite your automated processes with ease by following the instructions in this article. Do not forget to periodically evaluate your secrets to make sure that only individuals with permission can access private information. You can keep the integrity of your development and deployment workflows and improve the security of your CI/CD pipelines with Git-Hub Actions secrets. Uisng the above steps to configure the screts on github.
Similar Reads
How to Test GitHub Actions Before Merge?
GitHub Actions work as minor helpers, take care of tasks automatically whenever something goes wrong in your GitHub project. GitHub Actions could be likened as an ever-present friend who is ready to help anytime you need it. Consider how nice it would be to have your code automatically tested follow
6 min read
How to Run Bash Script in Github Actions ?
GitHub Actions are helpful resources for coding. They automate processes in your GitHub projects, save you time and effort. It is possible that GitHub Actions will automate the steps involved in testing, deploying, and alerting users of your code. Because you can configure them to run at specified t
5 min read
How do I use Docker with GitHub Actions?
Docker packages all the components required for software into containers, much like a recipe box. By automating chores in your development workflow, GitHub Actions serves as your personal chef. When combined, they optimize software development by effectively packaging applications and smoothly autom
5 min read
How to Delete GitHub Actions Cache ?
Resources or dependencies that you regularly utilize in your workflows can be temporarily stored in the GitHub Actions cache. The GitHub Actions the cache significantly speeds up the workflow execution by reuse these files and eliminate the need to rebuild dependencies or download them each time a p
5 min read
How to use AWS CLI in GitHub Actions ?
Through a command-line interface, Amazon offers a powerful tool called the Amazon Web Services Command Line Interface, or AWS CLI, which makes managing AWS resources easier. The importance of this is that it can simplify the process of utilizing AWS services straight from the terminal, removing the
4 min read
How to get Build Number in GitHub Actions ?
GitHub Actions is a powerful automation tool provided by GitHub, designed to streamline workflows and enhance collaboration among developers. It plays a vital role in CI/CD pipelines by automating tasks such as testing, building, and deploying software projects. With GitHub Actions, developers can d
5 min read
How to Run Python Script in GitHub Actions ?
A tool available on GitHub that can help you automate chores in your software projects is called GitHub Actions. It enables you to design workflows that, when executed automatically, carry out actions like as deploying, testing, and even sending out notifications. It basically works like a small rob
6 min read
How to Add SSH Key to Your GitHub Account?
An SSH (Secure Shell) key is a pair of cryptographic keys used for authenticating and securing network communications over the SSH protocol. SSH keys are commonly used to securely access remote systems, transfer files, and execute commands on remote machines without passwords. Components of an SSH K
3 min read
How to Skip a Job in GitHub Actions ?
With the help of GitHub Actions, developers can effectively automate a range of processes and workflows right within their repositories. You can develop, test, and publish your code using GitHub Actions without ever leaving the GitHub website. It provides an adaptable and configurable workflow frame
6 min read
How to Download GitHub Actions Artifacts
Whenever a workflow is executed, GitHub Actions provide artifacts that include useful outputs like build logs and results. Both automated and manual ways to download artifacts are addressed in this guide. Become familiar with the GitHub CLI and API to find artifacts quickly. Effective artifact manag
7 min read