Organization secrets showing up empty in private repo

Hi,

I am trying to use organization secret in my private organization repo. I am using the new free Team accounts. This secret is a Google cloud service account json file. It is around 2K size. I notice that these secrets are empty in GitHub actions during execution. This seems like a bug. Can you please fix this?

Regards,

Tamal

Hi @tamalsaha , 

I am sorry to tell you that using org-level secrets on a free plan, that secrets are not supported for private repos.  So it is not a bug. There should be some indicate in organization secrets tab and repo secrets tab. 

If you don’t see this notice in your org, please feel free to let me know. 

Hello, I have the same problem, and I don’t see the note that you’ve highlighted in your screenshot (e.g. for any repo of the pullpreview organization.

I also have the same issue. I successfully created a secret at the org level to see all private repositories called ACTION. When I go to print out the secret in the workflow (I am expecting to see ***), I see nothing. When I look at the string length it is 0.

- shell: bash
  env:
    SUPER_SECRET: ${{ secrets.ACTION }}
  run: |
    echo "$SUPER_SECRET"
    echo "${#SUPER_SECRET}"

I get the result:

echo “$SUPER_SECRET”

echo “${#SUPER_SECRET}”

shell: /bin/bash --noprofile --norc -e -o pipefail {0}

env:
pythonLocation: /opt/hostedtoolcache/Python/3.7.7/x64
SUPER_SECRET:

0

I see no documentation anywhere saying that this is not a free feature for private repos. Can anyone shed some light on this??

I am having the same issue. My private repository shows the organization level secret, not a disclaimer that they are not available.

You should see a message like this:

if your organization is on a free plan.

I don’t see that message, what I see is:

1 Like

@MarkStega Thanks for the screenshot! :bowing_man: Checked some data on our side, and something does not work correctly. For reference, here is what you should see:

I’ll look into this some more, we’ll fix this.

Our runs started failing recently, and after checking logs, we found out that all secrets are blank. This used to work earlier (i.e. org secrets were passed correctly into private repos), but now it doesn’t.

Why has this behaviour changed, why wasn’t it announced, and why isn’t it mentioned anywhere?
I see what @MarkStega sees as well:

This should be fixed now, you should correctly see a message indicating the private-repository behavior for organizations on a free plan.