Secrets on Team and Organization level

Yes, it’s being worked on now.

16 Likes

I trust this thread will be updated once it is available?

2 Likes

Please update this thread once is done. Thank you so much.

1 Like

You could consider adopting terraform to manage secretes across multiple repositories:

https://www.terraform.io/docs/providers/github/r/actions_secret.html

Looks like it’s completed from an API perspective!

https://developer.github.com/v3/actions/secrets/

1 Like

Not only API, it’s available already:

2 Likes

Awesome! I’ve been waiting for this, no more remembering to update the same secret in multiple repositories!

Here’s the changelog blog post on it: https://github.blog/changelog/2020-05-14-organization-secrets/

And the help docs: https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-an-organization

Organization level secrets are now available. Take a look at the changelog for more info: https://github.blog/changelog/2020-05-14-organization-secrets/. :partying_face:

8 Likes

That’s great news! 

Is there any updates in terms of the other part of this thread subject? Which is the Team level secrets. Where secrets could be asigned to teams to control secret usage throughout different teams in the organization?

Here is a quote from ealier in this thread of a use case about what I mean:

“We would like to be able to set Secrets at a Team level to be able to protect the usage of those secrets. When running an action for deployment to Production, we could have our ProdOps Team be the only ones to successfully run the production deployment workflow. We would like to protect our secrets through Team ownership.”

2 Likes

We plan to enable that scenario, but it’s a different set of work.

5 Likes

You gotta love how GitHub responds to user feedback. This is a great addition, thanks GitHub staff!

1 Like

Limiting to paid plans seems punitive.

@mscoutermarshAny updates as to when this is expected to actually work? I see documentation, and I see the Secrets tab, but no secrets actually end up in my Actions Workflows.

1 Like

I am facing the same issue. I am the project owner and set org secrets to all repositories, but org level secrets are not propograting to actions. Any advice would be much appreciated.

Has anyone tested the org secrets succesfully?
I tried using them but the workflow seems to be unable to access them, in the repo secrets they appear correctly, but the workflow is unable to retrieve them.

Not sure if there is a way to contact support or something to check on this.

1 Like

I’m having the same issue as well. Added secrets in org level but when echoing out the value, its empty

3 Likes

I am using org secret but those secret do not appear on the runner. I am using self-host. Does it related?

We’re seeing the same issue where organisation secrets are not accessible from private repos, but overriding them in the repo itself does seem to work.

I also remember organisational secrets being a paid feature, but I could not find any reference to that anymore. But it could explain why secrets are not being passed.

Yes, org secrets for private repos are a paid feature, you should see a message indicating that on the organization secrets settings page and when editing a secret.