Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.
Secrets allow you to store sensitive information, such as access tokens, in your repository. Now, you can easily share, update, and automatically sync secrets with multiple repositories by creating them at the organization level. This increases security for your organization by reducing manual duplication of secrets, and reduces the likelihood of workflow failure due to an out-of-date secret.
You can share organization secrets with the repositories you choose. This reduces duplication of secrets across repository settings, while allowing you to limit the exposure of the secret to just the repositories that require it.
You also have the option to share an organization secret with all repositories or all private repositories. When a new repository is added to the organization, it has access to any organization secret by default
Organization admins can update the value of organization secrets, as well as manage which repositories have access to that secret. When the admin rotates the secret, that secret automatically syncs with repositories that have access to it, making it easy to manage secrets used by multiple repositories in one place.
We’ve updated repository secrets as well, and repository owners can now update their values, too.
We’ve made organization secrets available for the GitHub Actions API, allowing partners to write integrations that automatically provision organization secrets.
Organization secrets can be shared with any public repository, and to private repositories within that organization that are part of a GitHub Team or Enterprise, or GitHub One plan.
Start your free trial for 30 days and increase your team’s collaboration. $21 per user/month after trial expires.
Curious about other plans?
With this version, customers can choose how to best scale their security strategy, gain more control over deployments, and so much more.
GitHub Actions now offers Arm-hosted runners with images built by Arm for developers to begin building on the latest and most sustainable processors on the market.
This partnership between GitHub and JFrog enables developers to manage code and binaries more efficiently on two of the most widely used developer platforms in the world.
Jennifer Schelkopf 
