programatically-create-delete-update-github-repository-secrets
- Personal Access Token (PAT) is the recommended way to authenticate. In this demo PAT is USED.
- You can generate a new one from Github settings
- You need to encrypt a secret before you can create or update secrets.
-
First this will execute the
get_repository_public_key.pypython programto get the Organization public key and public key id- This public key is required and used for encryption of secret
- This public key id is required at time of creation or updation of secret
Reference: get-a-repository-public-key -
Then the
python programencrypt_using_libnaclthis uses the public key from step 1 and encrypts the secret using the prefered method by GitHub.Reference: create-or-update-a-repository-secret- Reference used for encryption : example-encrypting-a-secret-using-python
-
Then
Python programcreate_or_update_repo_secretis used to take the public key id from above step and encrypted secret value to create or update the secret.
| status code | operation |
|---|---|
| 201 | Response when creating a repository secret |
| 204 | Response when updating a secret repository secret |
| input name | description |
|---|---|
| organization | name of github organization |
| repository_name | name of github repo where secret need to be created |
| secret_name | organization Secret name |
| secret_value | Secret value |
- This runs the
python programdelete_repo_secret.pywhich takes 3 inputs from github workflow
- organization name
- repository name
- secret name
- Then deletes the secret
| input | description |
|---|---|
| organization | GitHub Organization name |
| repository_name | name of github repo where secret need to be created |
| secret_name | Secert to be deleted |