Easily add a Secret to the GitHub workflow file.

Subeg Aryal
4 min readOct 1, 2020

Using GitHub Actions makes you feel like a programming super hero. But multiple times, for the security purposes, GitHub workflow file will strictly ask you a secret of the GitHub repository. We are creating a Secret in following 2 phases.

1 : Create a Personal Access Token.

2 : Use that token to create Secret.

Personal Access Token are created on your GitHub account level and can be used to create many Secrets over multiple repositories while Secrets are created at the your GitHub Repository level and can be used only inside the repositories.

This is what the GitHub says about Secret.

Secrets are encrypted environment variables that you create in a repository or organization. The secrets you create are available to use in GitHub Actions workflows.

Step : 1

Create a Personal Access Token.

To create a Secret, first you need to create a personal access token. This will be our first ship to voyage on. The steps to create these Personal Access Token are :

Step 1.1 :
Click on the avatar present at the right top of the page. And then click on Settings from the dropdown.

Step 1.2 :
Then click on the Developer settings on the bottom left of the page.

Step : 1.3
First click on Personal access tokens option. Now our 1st ship arrives the station. This is where you create the new personal token. Now click on the Generate new token button.

Step 1.4 :
Enter the token note in text and remember to Check the repo scope. Then scroll down at the bottom of the page where you will find the green Generate token button, don’t even wait a second to smash that button.

Step 1.5 :

You will see the page reloads and it will be your AHA!! moment as you will see a hash of the token in the page. Copy that hash immediately.

Step 2 :

Our first ship that was determined to create a token has gotten its destination. Now we start voyage of the second ship that is destined to find a secret for our repository which is our treasure to find. Here we go.

Step 2.1

Go to the you repository. There you will see the Settings tab on the center

Step 2.2

Find the Secrets settings on the left column. This is the harbour of our second ship. Then click on New secret button.

Step 2.3

Now provide Name to your secret, which is of utmost significance to us. Then paste the hash of the token that we created at the step 1.5 to the Value of the secret. Then, it’s time to hit that Add green button again. Such a pleasure.

Step 2.4

This is last part of all the steps. Yeah , finally !! You will find the list of the secrets you created . AHA!! Second ship could now rest too. We have found our secret treasure.

Now you have a ready secret and you can use it in your workflow file like below snippet at the last line.

That’s it.
It’s an article on secrets doesn’t mean the article itself should be a secret, hey feel free to share this !!
Thank you.

--

--

Subeg Aryal

Transforming words into code and sharing the code of words