Keep your secrets synced across multiple repositories with organization secrets
Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.
Secrets allow you to store sensitive information, such as access tokens, in your repository. Now, you can easily share, update, and automatically sync secrets with multiple repositories by creating them at the organization level. This increases security for your organization by reducing manual duplication of secrets, and reduces the likelihood of workflow failure due to an out-of-date secret.
Creating and sharing organization secrets
You can share organization secrets with the repositories you choose. This reduces duplication of secrets across repository settings, while allowing you to limit the exposure of the secret to just the repositories that require it.
You also have the option to share an organization secret with all repositories or all private repositories. When a new repository is added to the organization, it has access to any organization secret by default
Updating secrets
Organization admins can update the value of organization secrets, as well as manage which repositories have access to that secret. When the admin rotates the secret, that secret automatically syncs with repositories that have access to it, making it easy to manage secrets used by multiple repositories in one place.
We’ve updated repository secrets as well, and repository owners can now update their values, too.
Programmatically managing secrets through the GitHub Actions API
We’ve made organization secrets available for the GitHub Actions API, allowing partners to write integrations that automatically provision organization secrets.
Organization secrets can be shared with any public repository, and to private repositories within that organization that are part of a GitHub Team or Enterprise, or GitHub One plan.
Learn more about organization secrets
Tags:
Written by
Related posts
GitHub Actions, Arm64, and the future of automotive software development
Learn how GitHub’s Enterprise Cloud, GitHub Actions, and Arm’s latest Automotive Enhanced processors, work together to usher in a new era of efficient, scalable, and flexible automotive software creation.
The architecture of SAST tools: An explainer for developers
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let’s explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.