Hello, I have the same problem, and I don’t see the note that you’ve highlighted in your screenshot (e.g. for any repo of the pullpreview organization.

I also have the same issue. I successfully created a secret at the org level to see all private repositories called ACTION. When I go to print out the secret in the workflow (I am expecting to see ***), I see nothing. When I look at the string length it is 0.

- shell: bash
  env:
    SUPER_SECRET: ${{ secrets.ACTION }}
  run: |
    echo "$SUPER_SECRET"
    echo "${#SUPER_SECRET}"

I get the result:

echo “$SUPER_SECRET”

echo “${#SUPER_SECRET}”

shell: /bin/bash --noprofile --norc -e -o pipefail {0}

env:
pythonLocation: /opt/hostedtoolcache/Python/3.7.7/x64
SUPER_SECRET:

0

I see no documentation anywhere saying that this is not a free feature for private repos. Can anyone shed some light on this??

I am having the same issue. My private repository shows the organization level secret, not a disclaimer that they are not available.

You should see a message like this:

image830×165 45.1 KB

I don’t see that message, what I see is:

join.me_2020-06-26_15-08-081261×726 35.9 KB

@MarkStega Thanks for the screenshot! 🙇‍♂️ Checked some data on our side, and something does not work correctly. For reference, here is what you should see:

image1882×652 51.8 KB

I’ll look into this some more, we’ll fix this.

Our runs started failing recently, and after checking logs, we found out that all secrets are blank. This used to work earlier (i.e. org secrets were passed correctly into private repos), but now it doesn’t.

Why has this behaviour changed, why wasn’t it announced, and why isn’t it mentioned anywhere?
I see what @MarkStega sees as well:

image920×232 11.5 KB

This should be fixed now, you should correctly see a message indicating the private-repository behavior for organizations on a free plan.

I was just bitten by this. Even when the option to enable a secret for all private repos is disabled, there is an option to pick which repos a secret is for one by one, and private repos are shown there (and selectable). I assumed you still could pick private repos one by one if you can actually do it via the UI.

But then I also have the empty secret issue. If I go to the repo and define the same secret, I’m even told I’m overriding an organization secret, which I’m not apparently.

(another screenshot was here but apparently I can only embed one media since I’m a new user in the forums)

I understand the limitation but hopefully the UI can be improved to not offer enabling stuff that won’t work at all, it could save time and confusion to users :slight_smile:

The other image:

image1009×162 11.1 KB

What plan is needed to have organizational level secrets on a private repo?

A possible reason why you can't see Organization-level secrets is possibly because the Org secret was only allowed to be visible to certain repositories. You can make them available to selected repositories, or the organization as a whole:

This is also true for environments secrets