How to see my git secrets?

Background

I had some secrets in my code and upon learning about GitHub Actions I decided to save them in the repositories secret menu for later use in my pipeline.

Problem

However, now I need to access this secrets to develop a new feature and I can’t. Every time I try to see the value it asks me to update the secrets. I dont want to update anything I just want to see their values.

Question

How can i see the unencrypted values of my secrets in the project?

@fl4m3ph03n1x,

I recommend that you should avoid trying to output the values of repository secrets in the workflow runs. This may lead to the risk that the secrets are leaked.
When you try to print secrets to the log, GitHub automatically redacts secrets printed to the log, the values of the secrets will be masked and displayed as “***”.

If you want to use the repository secrets in the source code files of your project when you build the project in the workflow runs, maybe you can try the following methods.

  1. If the source code files can recognize and access the system environment variables, you can set the secrets as environment variables on the runner machine.
    In the workflow files, you can use the 'env’ key to set the environment variables.
env:
  ENV_VAR_NAME: ${{ secrets.SECRET_NAME }}

In the source code files, use the appropriate expressions to access environment variables. The expressions may be different between different types of the files. The expressions may include “${ENV_VAR_NAME}”, “$ENV_VAR_NAME”, “$env:ENV_VAR_NAME”, etc…

  1. If the source code files can’t recognize the mapped system environment variables, you can use the command (such as ‘sed’) to directly replace the expressions in the source code files with the value of the environment variables.
    For example:
sed -i 's/${PKG_VERSION}/${{ env.PKG_VERSION }}/g' package.json

Below is a simple example that is applying both of the above two methods.



1 Like

Thank you for your response.

My app can read the secrets from environment variables and is indeed doing so. My question is more aimed at “How can I, a human being, see the secrets I saved earlier?” Is this even possible?

Let’s say I need to show someone the content of these secrets, how can I do it?

@fl4m3ph03n1x,

We have no safe way to fetch the values of secrets, and actually it is not recommended to try fetching and sharing the secrets.