I am wondering how can I avoid having to set secrets in tens of repositories from multiple organizations that are calling one reusable workflow.
Mainly I just want to set the secrets inside the repository hosting the reusable workflow and not having to pass secrets when I call it. Obviously that this requires some kind of whilelisting of those allowed to call this workflow, otherwise anyone would be able to abuse it.
The use-case is very simple: posting a message for irc/matrix/slack/twitter. You do not want to configure secrets for each repository but you want to allow them to notify about new releases.
If we are expected to copy/paste secrets to tens if not hundreds of repositories in order to make it work it would effectively neuter the reusability part of them.