Keep your secrets synced across multiple repositories with organization secrets
Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.
Secrets allow you to store sensitive information, such as access tokens, in your repository. Now, you can easily share, update, and automatically sync secrets with multiple repositories by creating them at the organization level. This increases security for your organization by reducing manual duplication of secrets, and reduces the likelihood of workflow failure due to an out-of-date secret.
Creating and sharing organization secrets
You can share organization secrets with the repositories you choose. This reduces duplication of secrets across repository settings, while allowing you to limit the exposure of the secret to just the repositories that require it.
You also have the option to share an organization secret with all repositories or all private repositories. When a new repository is added to the organization, it has access to any organization secret by default
Updating secrets
Organization admins can update the value of organization secrets, as well as manage which repositories have access to that secret. When the admin rotates the secret, that secret automatically syncs with repositories that have access to it, making it easy to manage secrets used by multiple repositories in one place.
We’ve updated repository secrets as well, and repository owners can now update their values, too.
Programmatically managing secrets through the GitHub Actions API
We’ve made organization secrets available for the GitHub Actions API, allowing partners to write integrations that automatically provision organization secrets.
Organization secrets can be shared with any public repository, and to private repositories within that organization that are part of a GitHub Team or Enterprise, or GitHub One plan.
Learn more about organization secrets
Tags:
Written by
Related posts
Enhance build security and reach SLSA Level 3 with GitHub Artifact Attestations
Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.
Streamlining your MLOps pipeline with GitHub Actions and Arm64 runners
Explore how Arm’s optimized performance and cost-efficient architecture, coupled with PyTorch, can enhance machine learning operations, from model training to deployment and learn how to leverage CI/CD for machine learning workflows, while reducing time, cost, and errors in the process.
GitHub Enterprise: The best migration path from AWS CodeCommit
AWS CodeCommit is discontinuing new customer access and will no longer introduce new features. Learn how to migrate to GitHub Enterprise and why it’s the best option for you.