GitHub action secrets CLI
⚠️ DEPRECATED: this project will not be longer maintained, instead, GitHub has published a gh cli to manage secrets among other features of its ecosystem.
GitHub actions secrets management CLI tool
Available in:
- Node (NPM registry): https://www.npmjs.com/package/@kijart/gh-secrets
- Node (GitHub registry): https://github.com/kijart/gh-secrets/packages
- Docker: https://hub.docker.com/r/kijart/gh-secrets
Features
Repository
- [x] List repository secrets
- [x] Get a repository secret
- [x] Create or update a repository secret
- [x] Create or update a batch of repository secrets
- [x] Delete a repository secret
Organization
- [x] List organization secrets
- [x] Get an organization secret
- [x] Create or update an organization secret
- [x] Create or update a batch of organization secrets
- [x] Delete an organization secret
- [ ] List selected repositories for an organization secret
- [ ] Set selected repositories for an organization secret
- [ ] Add selected repository to an organization secret
- [ ] Remove selected repository from an organization secret
Setup
- Generate a GitHub Personal Access Token
- select repo scope permissions to manage repositories level secrets
- select admin:org scope permissions to manage organization level secrets
- select repo, admin:org scope permissions to manage repositories and organization level secrets
- Save and update .gh-secrets file in the user home directory:
cp .gh-secrets.example $HOME/.gh-secrets
Usage
Usage: gh-secrets <command> [options] <url> [parameters]
Commands:
gh-secrets list <url> Lists all secrets available in a repository/organization without revealing their encrypted values
gh-secrets get <name> <url> Gets a single secret from a repository/organization without revealing its encrypted value
gh-secrets set <name> <value> <url> [--visibility all | private | selected] Creates or updates a secret in a repository/organization with an encrypted value
gh-secrets setAll <file> <url> [--visibility all | private | selected] Creates or updates a batch of secrets in a repository/organization with an encrypted values from a file
gh-secrets delete <name> <url> Deletes a secret in a repository/organization using the secret name
Options:
-h, --help Show help [boolean]
-v, --version Show version number [boolean]
Examples:
gh-secrets list https://github.com/owner/repository-name
gh-secrets get SECRET_NAME https://github.com/owner/repository-name
gh-secrets set SECRET_NAME value https://github.com/owner/repository-name
gh-secrets setAll secrets.env https://github.com/owner/repository-name
gh-secrets delete SECRET_NAME https://github.com/owner/repository-name
gh-secrets list https://github.com/owner
gh-secrets get SECRET_NAME https://github.com/owner
gh-secrets set SECRET_NAME value https://github.com/owner
gh-secrets set SECRET_NAME value https://github.com/owner --visibility all
gh-secrets set SECRET_NAME value https://github.com/owner --visibility private
gh-secrets set SECRET_NAME value https://github.com/owner --visibility selected
gh-secrets setAll secrets.env https://github.com/owner
gh-secrets setAll secrets.env https://github.com/owner --visibility all
gh-secrets setAll secrets.env https://github.com/owner --visibility private
gh-secrets setAll secrets.env https://github.com/owner --visibility selected
gh-secrets delete SECRET_NAME https://github.com/owner
Local
- Install gh-secrets globally:
npm install -g @kijart/gh-secrets
- Run examples:
- help:
gh-secrets -h
- list:
gh-secrets list https://github.com/owner/repository-name
- setAll:
gh-secrets setAll /app/secrets.env https://github.com/owner/repository-name
- help:
Docker
-
Build from source:
docker pull kijart/gh-secrets
-
Run examples:
-
help:
docker run --rm -it -v $HOME/.gh-secrets:/home/node/.gh-secrets gh-secrets -h
-
list:
docker run --rm -it -v $HOME/.gh-secrets:/home/node/.gh-secrets gh-secrets list https://github.com/owner/repository-name
-
setAll:
docker run --rm -it \ -v $HOME/.gh-secrets:/home/node/.gh-secrets \ -v $(pwd)/secrets.env:/app/secrets.env \ kijart/gh-secrets setAll /app/secrets.env https://github.com/owner/repository-name`
-
Docker Compose
- Build docker service:
docker-compose up --no-start
- Run examples:
- help:
docker-compose run --rm gh-secrets -h
- list:
docker-compose run --rm gh-secrets list https://github.com/owner/repository-name
- setAll:
docker-compose run --rm gh-secrets setAll secrets.env https://github.com/owner/repository-name
- help:
Install from source
- Install project dependencies:
npm install
- Install project binary globally:
npm install -g .
- Update $HOME/.gh-secrets content with valid values
- Run examples:
- help:
gh-secrets -h
- list:
gh-secrets list https://github.com/owner/repository-name
- setAll:
gh-secrets setAll /app/secrets.env https://github.com/owner/repository-name
- help: