Reference An Encrypted Secret In An Action

CI environments like GitHub Actions want to help you keep your secrets secret. They allow you to store an encrypted version of a secret that can be access in an action.

First, you need to add an encrypted secret to your repository. Navigate to your repository's Settings page and then to the Secrets tab. You can then add the secret with the New repository secret button.

Once the secret is added, you can reference it in your actions.

Let's say you added your repository secret with the name MY_API_KEY. And then let's say that your project needs to be built with that API key available in the environment as SECRET_API_KEY. You can reference it from secrets in the env section.

  - name: Build the JS bundle
    run: yarn build
    env:
      SECRET_API_KEY: ${{ secrets.MY_API_KEY }}

Though this API key is stored on GitHub's servers as an encrypted value, it will be decrypted when this workflow step is run.

source

Last updated