LinuxCommandLibrary

gh-secret-set

Set GitHub Actions secrets

TLDR

Set a secret for the current repository (user will be prompted for the value)

$ gh secret set [name]
copy

Set a secret from a file for the current repository
$ gh secret set [name] < [path/to/file]
copy

Set a secret for a specific repository
$ gh secret set [name] [[-b|--body]] [value] [[-R|--repo]] [owner]/[repository]
copy

Set an organization secret for specific repositories
$ gh secret set [name] [[-o|--org]] [organization] [[-r|--repos]] "[repository1,repository2,...]"
copy

Set an organization secret with a specific visibility
$ gh secret set [name] [[-o|--org]] [organization] [[-v|--visibility]] [all|private|selected]
copy

SYNOPSIS

gh secret set [flags]

PARAMETERS


    The name of the secret to create or update.

-b, --body
    The value of the secret from command line.

-e, --env
    Set the secret for an environment. Use "" to disable environments usage.

-f, --file
    Read secret value from file. Set to - to read from stdin.

-o, --org
    Set the secret for an organization.

-r, --repo
    Set the secret for a repository. Defaults to current repository.

DESCRIPTION

The `gh-secret-set` command, part of the GitHub CLI (`gh`), allows you to manage GitHub Actions secrets for repositories, organizations, or environments directly from your terminal. It simplifies the process of adding or updating secrets without navigating the GitHub web interface.

This is especially useful for automating deployment workflows and managing sensitive information used in your CI/CD pipelines. You can provide the secret value directly as an argument, read it from a file, or pipe it from standard input. The command automatically encrypts the secret before storing it on GitHub, ensuring security.

CAVEATS

The user needs to be authenticated to GitHub with sufficient permissions (write access to the repository or organization) to set secrets. The CLI requires the `gh` command line tool to be installed and configured.

EXAMPLES

Set a repository secret from command line:
`gh secret set MY_SECRET -b "secret_value"`

Set a secret from standard input:
`cat secret.txt | gh secret set MY_SECRET -f -`

Set a secret for a specific environment:
`gh secret set MY_SECRET -e production -b "production_secret"`

Set an organization secret:
`gh secret set MY_SECRET -o my-org -b "org_secret"`

SEE ALSO

gh(1), gh secret list(1), gh secret delete(1)

Copied to clipboard