How to use the command 'gh secret set' (with examples)
The ‘gh secret set’ command is used to create or update GitHub secrets. This command allows you to securely store sensitive information, such as API keys or access tokens, as encrypted secrets in your GitHub repository. Secrets can be set for the current repository, a specific repository, or for an organization.
Use case 1: Set a secret for the current repository (user will be prompted for the value)
Code:
gh secret set NAME
Motivation: This use case is useful when you want to store a secret value in the current repository. For example, you may want to store an API key that is required for your application to function properly.
Explanation:
- ‘NAME’: The name of the secret to set.
Example output:
? Value for NAME: [prompt to enter the secret value]
Use case 2: Set a secret from a file for the current repository
Code:
gh secret set NAME < path/to/file
Motivation: Sometimes you may have your secret value stored in a file. This use case allows you to read the value from a file and set it as a secret in the current repository.
Explanation:
- ‘NAME’: The name of the secret to set.
- ‘path/to/file’: The file path containing the secret value.
Example output:
# No specific output, the secret value from the file is set as the secret for the repository.
Use case 3: Set a secret for a specific repository
Code:
gh secret set NAME --body VALUE --repo OWNER/REPOSITORY
Motivation: If you want to set a secret for a specific repository, this use case comes in handy. For instance, you may be working on a project where multiple repositories are involved, and you need to set a secret for just one of them.
Explanation:
- ‘NAME’: The name of the secret to set.
- ‘–body VALUE’: The value to be set as the secret.
- ‘–repo OWNER/REPOSITORY’: The repository where the secret should be set.
Example output:
# No specific output, the secret value is set for the specified repository.
Use case 4: Set organization secret for specific repositories
Code:
gh secret set NAME --org ORGANIZATION --repos "REPOSITORY1,REPOSITORY2,..."
Motivation: This use case is useful when you have multiple repositories in an organization, and you want to set the same secret value for multiple repositories.
Explanation:
- ‘NAME’: The name of the secret to set.
- ‘–org ORGANIZATION’: The name of the organization where the repositories exist.
- ‘–repos “REPOSITORY1,REPOSITORY2,…”’: The list of repositories where the secret should be set. Multiple repositories should be separated by commas.
Example output:
# No specific output, the secret value is set for the specified repositories in the organization.
Use case 5: Set organization secret with a specific visibility
Code:
gh secret set NAME --org ORGANIZATION --visibility all|private|selected
Motivation: If you want to set an organization secret with a specific visibility, this use case is helpful. You can set the visibility of the secret to be accessible by all repositories, private repositories only, or selected repositories within the organization.
Explanation:
- ‘NAME’: The name of the secret to set.
- ‘–org ORGANIZATION’: The name of the organization where the secret should be set.
- ‘–visibility all|private|selected’: The visibility setting for the secret. ‘all’ means the secret is accessible by all repositories, ‘private’ means it is accessible by private repositories only, and ‘selected’ means it is accessible by selected repositories within the organization.
Example output:
# No specific output, the secret value is set with the specified visibility for the organization.
Conclusion:
The ‘gh secret set’ command is a powerful tool for managing GitHub secrets. It allows you to securely store sensitive information and control access to these secrets based on your needs. By following the provided examples, you can easily create and update secrets for repositories and organizations, ensuring the security and integrity of your projects.
