Skip to content

jpoehnelt/secrets-sync-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

6c08766 · Mar 29, 2020

History

18 Commits
Mar 29, 2020
Mar 29, 2020
Mar 29, 2020
Mar 29, 2020
Mar 23, 2020
Mar 24, 2020
Mar 23, 2020
Mar 23, 2020
Mar 23, 2020
Mar 23, 2020
Mar 23, 2020
Mar 23, 2020
Mar 24, 2020
Mar 23, 2020
Mar 23, 2020
Mar 23, 2020
Mar 23, 2020

Repository files navigation

Secrets Sync Action

Build Release codecov GitHub contributors semantic-release

A Github Action that can sync secrets from one repository to many others. This action allows a maintainer to define and rotate secrets in a single repository and have them synced to all other repositories in the Github organization or beyond. Secrets do not need to be sensitive and could also be specific build settings that would apply to all repositories and become available to all actions. Regex is used to select the secrets and the repositories. Exclude is currently not supported and it is recommended to use a bot user if possible.

Inputs

github_token

Required Token to use to get repos and write secrets. ${{secrets.GITHUB_TOKEN}} will not work.

repositories

Required New line deliminated regex expressions to select repositories. Repositires are limited to those in whcich the token user is an owner or collaborator.

secrets

Required New line deliminated regex expressions to select values from process.env. Use the action env to pass secrets from the repository in which this action runs with the env attribute of the step.

dry_run

Run everything except for secret create and update functionality.

Usage

uses: google/[email protected]
  with:
    SECRETS: |
      ^FOO$
      ^GITHUB_.*
    REPOSITORIES: |
      ${{github.repository}}
    DRY_RUN: true
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN_SECRETS }}
  env:
    FOO: ${{github.run_id}}
    FOOBAR: BAZ

See the workflows in this repository for another example.