I know I can use curl to list the secrets of a repo via curl like so:
curl -H "Accept: application/vnd.github.v3 json" \
-H "Authorization: token [personal access token]" \
https://api.github.com/repos/[user]/[repo]/actions/secrets
This returns something like this:
{
"total_count": 1,
"secrets": [
{
"name": "A_TEST_SECRET",
"created_at": "2022-04-14T13:12:22Z",
"updated_at": "2022-04-14T13:12:22Z"
}
]
}
But is it somehow possible to also retrieve the secret's value?
My use case is this:
I have a step in a Github Actions workflow that uses a secret and needs to be executed before I can run my build
step, which just contains a script to run.
Now sometimes I want to also run my buildscript on my local machine, but to do that I also need to run the step before it, which needs the secret. Is there any way I can retrieve the secret's value to a local machine from Github to do that?
CodePudding user response:
As stated by Github Partner brightran on this Github Community Thread:
We have no safe way to fetch the values of secrets, and actually it is not recommended to try fetching and sharing the secrets.
He also shared in that post two ways to use the repository secrets in the source code files of your project when you build the project in the workflow runs, maybe you can try them with your buildscript in a Github Actions workflow that could be triggered manually (using a workflow_dispatch event, for example).