Hello! This is one part question, but (I think) more a feature request.
I’ve had a lot of luck experimenting with GitHub Actions for a few things I’ve used other CI platforms for, but one thing I’ve run up against is (what I think) is the lack of an ability to centralize and share secrets. For example — I’d like to be able to set up credentials to push static assets to S3, but I’d like to be able to not have to potentially go to 20+ different repositories and add those secrets manually. Not only would that be tedious, it’d be difficult to swap them in a single swoop if necessary.
Perhaps it would be a feature that’d only make sense for Organizations (AKA every repository in an organization that meets X criteria will be able to tap into Y secrets) because that is a natural grouping.
The use case here isn’t just laziness. I have a scenario where a new repository can get programmatically created (like, say, with a CLI tool) by a user of the Organization, who will do some work that’d eventually get compiled and deployed as a static site. Ideally it wouldn’t be up to them to also then go put in the credentials every single time they create one.
But also happy to hear any suggestions of how to solve such a thing with the current offerings! Thank you!