If I install the GitHub CLI as part of the base image for a Codespace, I can use
gh on the command line without having to explicitly login due to Codespaces setting a default
GITHUB_TOKEN. Which is nice. However, I can’t use the
gh secret commands as that token does not have the necessary permissions.
This complicates some repo configuration automation that I would like to do (e.g. create the half-dozen or so repo-level secrets needed for CI/CD to work).
Is there a specific reason why the default
GITHUB_TOKEN does not have permission to manage repo secrets? The process of “logging out” (by unsetting the environment variable and then
gh auth login) in order to get a token with the right permissions is rather tedious.