Organization secrets showing up empty in private repo #25428
-
Hi, I am trying to use organization secret in my private organization repo. I am using the new free Team accounts. This secret is a Google cloud service account json file. It is around 2K size. I notice that these secrets are empty in GitHub actions during execution. This seems like a bug. Can you please fix this? Regards, Tamal |
Beta Was this translation helpful? Give feedback.
Replies: 14 comments
-
Hi @tamalsaha , I am sorry to tell you that using org-level secrets on a free plan, that secrets are not supported for private repos. So it is not a bug. There should be some indicate in organization secrets tab and repo secrets tab. If you don’t see this notice in your org, please feel free to let me know. |
Beta Was this translation helpful? Give feedback.
-
Hello, I have the same problem, and I don’t see the note that you’ve highlighted in your screenshot (e.g. for any repo of the pullpreview organization. |
Beta Was this translation helpful? Give feedback.
-
I also have the same issue. I successfully created a secret at the org level to see all private repositories called ACTION. When I go to print out the secret in the workflow (I am expecting to see ***), I see nothing. When I look at the string length it is 0.
I get the result: echo “$SUPER_SECRET” echo “${#SUPER_SECRET}” shell: /bin/bash --noprofile --norc -e -o pipefail {0} env: 0 I see no documentation anywhere saying that this is not a free feature for private repos. Can anyone shed some light on this?? |
Beta Was this translation helpful? Give feedback.
-
I am having the same issue. My private repository shows the organization level secret, not a disclaimer that they are not available. |
Beta Was this translation helpful? Give feedback.
-
You should see a message like this: if your organization is on a free plan. |
Beta Was this translation helpful? Give feedback.
-
I don’t see that message, what I see is: |
Beta Was this translation helpful? Give feedback.
-
@MarkStega Thanks for the screenshot! 🙇♂️ Checked some data on our side, and something does not work correctly. For reference, here is what you should see: I’ll look into this some more, we’ll fix this. |
Beta Was this translation helpful? Give feedback.
-
Our runs started failing recently, and after checking logs, we found out that all secrets are blank. This used to work earlier (i.e. org secrets were passed correctly into private repos), but now it doesn’t. Why has this behaviour changed, why wasn’t it announced, and why isn’t it mentioned anywhere? |
Beta Was this translation helpful? Give feedback.
-
This should be fixed now, you should correctly see a message indicating the private-repository behavior for organizations on a free plan. |
Beta Was this translation helpful? Give feedback.
-
I was just bitten by this. Even when the option to enable a secret for all private repos is disabled, there is an option to pick which repos a secret is for one by one, and private repos are shown there (and selectable). I assumed you still could pick private repos one by one if you can actually do it via the UI. But then I also have the empty secret issue. If I go to the repo and define the same secret, I’m even told I’m overriding an organization secret, which I’m not apparently. (another screenshot was here but apparently I can only embed one media since I’m a new user in the forums) I understand the limitation but hopefully the UI can be improved to not offer enabling stuff that won’t work at all, it could save time and confusion to users :slight_smile: |
Beta Was this translation helpful? Give feedback.
-
The other image: |
Beta Was this translation helpful? Give feedback.
-
What plan is needed to have organizational level secrets on a private repo? |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
This is also true for environments secrets |
Beta Was this translation helpful? Give feedback.
Hi @tamalsaha ,
I am sorry to tell you that using org-level secrets on a free plan, that secrets are not supported for private repos. So it is not a bug. There should be some indicate in organization secrets tab and repo secrets tab.
If you don’t see this notice in your org, please feel free to let me know.