I worked on an Action to rotate AWS access keys that are stored as secrets in my repository. To my dismay, it fails at the point of accessing the public key required to encrypt the new values with the dreaded
Resource not accessible by integration
Are there plans to allow Actions to update secrets? I know i can create a personal access token, but that seems like a bad hack.
Solved! Solved! Go to Solution.
Using the GitHub API, you can currently update a secret: https://developer.github.com/v3/actions/secrets/#create-or-update-a-secret-for-a-repository
Note that this GitHub Actions API is currently in Public Beta and could change without warning.
Right, that seems like it's by design. It does not make much sense from a security standpoint to allow a GitHub action itself to have the power to update, delete, or add GitHub secrets. I think the only way for this to occur is to use a Personal Access Token (which I think is how you access pretty much all of the GitHub API).