octokit · gr2m · Feb 26, 2021 · Feb 26, 2021 · Feb 26, 2021 · Feb 26, 2021
diff --git a/docs/actions/cancelWorkflowRun.md b/docs/actions/cancelWorkflowRun.md
@@ -37,6 +37,8 @@ octokit.actions.cancelWorkflowRun({
 </td></tr>
 <tr><td>run_id</td><td>yes</td><td>
 
+The id of the workflow run
+
 </td></tr>
   </tbody>
 </table>

diff --git a/docs/actions/createOrUpdateEnvironmentSecret.md b/docs/actions/createOrUpdateEnvironmentSecret.md
@@ -0,0 +1,131 @@
+---
+name: Create or update an environment secret
+example: octokit.actions.createOrUpdateEnvironmentSecret({ repository_id, environment_name, secret_name })
+route: PUT /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}
+scope: actions
+type: API method
+---
+
+# Create or update an environment secret
+
+Creates or updates an environment secret with an encrypted value. Encrypt your secret using
+[LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). You must authenticate using an access
+token with the `repo` scope to use this endpoint. GitHub Apps must have the `secrets` repository permission to use
+this endpoint.
+
+#### Example encrypting a secret using Node.js
+
+Encrypt your secret using the [tweetsodium](https://github.com/github/tweetsodium) library.
+
+```
+const sodium = require('tweetsodium');
+
+const key = "base64-encoded-public-key";
+const value = "plain-text-secret";
+
+// Convert the message and key to Uint8Array's (Buffer implements that interface)
+const messageBytes = Buffer.from(value);
+const keyBytes = Buffer.from(key, 'base64');
+
+// Encrypt using LibSodium.
+const encryptedBytes = sodium.seal(messageBytes, keyBytes);
+
+// Base64 the encrypted secret
+const encrypted = Buffer.from(encryptedBytes).toString('base64');
+
+console.log(encrypted);
+```
+
+#### Example encrypting a secret using Python
+
+Encrypt your secret using [pynacl](https://pynacl.readthedocs.io/en/stable/public/#nacl-public-sealedbox) with Python 3.
+
+```
+from base64 import b64encode
+from nacl import encoding, public
+
+def encrypt(public_key: str, secret_value: str) -> str:
+  """Encrypt a Unicode string using the public key."""
+  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
+  sealed_box = public.SealedBox(public_key)
+  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
+  return b64encode(encrypted).decode("utf-8")
+```
+
+#### Example encrypting a secret using C#
+
+Encrypt your secret using the [Sodium.Core](https://www.nuget.org/packages/Sodium.Core/) package.
+
+```
+var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
+var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");
+
+var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);
+
+Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));
+```
+
+#### Example encrypting a secret using Ruby
+
+Encrypt your secret using the [rbnacl](https://github.com/RubyCrypto/rbnacl) gem.
+
+```ruby
+require "rbnacl"
+require "base64"
+
+key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
+public_key = RbNaCl::PublicKey.new(key)
+
+box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
+encrypted_secret = box.encrypt("my_secret")
+
+# Print the base64 encoded secret
+puts Base64.strict_encode64(encrypted_secret)
+```
+
+```js
+octokit.actions.createOrUpdateEnvironmentSecret({
+  repository_id,
+  environment_name,
+  secret_name,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>repository_id</td><td>yes</td><td>
+
+</td></tr>
+<tr><td>environment_name</td><td>yes</td><td>
+
+The name of the environment
+
+</td></tr>
+<tr><td>secret_name</td><td>yes</td><td>
+
+secret_name parameter
+
+</td></tr>
+<tr><td>encrypted_value</td><td>no</td><td>
+
+Value for your secret, encrypted with [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages) using the public key retrieved from the [Get an environment public key](https://docs.github.com/rest/reference/actions#get-an-environment-public-key) endpoint.
+
+</td></tr>
+<tr><td>key_id</td><td>no</td><td>
+
+ID of the key you used to encrypt the secret.
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/actions#create-or-update-an-environment-secret).
diff --git a/docs/actions/deleteEnvironmentSecret.md b/docs/actions/deleteEnvironmentSecret.md
@@ -0,0 +1,48 @@
+---
+name: Delete an environment secret
+example: octokit.actions.deleteEnvironmentSecret({ repository_id, environment_name, secret_name })
+route: DELETE /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}
+scope: actions
+type: API method
+---
+
+# Delete an environment secret
+
+Deletes a secret in an environment using the secret name. You must authenticate using an access token with the `repo` scope to use this endpoint. GitHub Apps must have the `secrets` repository permission to use this endpoint.
+
+```js
+octokit.actions.deleteEnvironmentSecret({
+  repository_id,
+  environment_name,
+  secret_name,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>repository_id</td><td>yes</td><td>
+
+</td></tr>
+<tr><td>environment_name</td><td>yes</td><td>
+
+The name of the environment
+
+</td></tr>
+<tr><td>secret_name</td><td>yes</td><td>
+
+secret_name parameter
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/actions#delete-an-environment-secret).
diff --git a/docs/actions/deleteWorkflowRun.md b/docs/actions/deleteWorkflowRun.md
@@ -39,6 +39,8 @@ octokit.actions.deleteWorkflowRun({
 </td></tr>
 <tr><td>run_id</td><td>yes</td><td>
 
+The id of the workflow run
+
 </td></tr>
   </tbody>
 </table>

diff --git a/docs/actions/deleteWorkflowRunLogs.md b/docs/actions/deleteWorkflowRunLogs.md
@@ -37,6 +37,8 @@ octokit.actions.deleteWorkflowRunLogs({
 </td></tr>
 <tr><td>run_id</td><td>yes</td><td>
 
+The id of the workflow run
+
 </td></tr>
   </tbody>
 </table>

diff --git a/docs/actions/downloadWorkflowRunLogs.md b/docs/actions/downloadWorkflowRunLogs.md
@@ -40,6 +40,8 @@ octokit.actions.downloadWorkflowRunLogs({
 </td></tr>
 <tr><td>run_id</td><td>yes</td><td>
 
+The id of the workflow run
+
 </td></tr>
   </tbody>
 </table>

diff --git a/docs/actions/getEnvironmentPublicKey.md b/docs/actions/getEnvironmentPublicKey.md
@@ -0,0 +1,42 @@
+---
+name: Get an environment public key
+example: octokit.actions.getEnvironmentPublicKey({ repository_id, environment_name })
+route: GET /repositories/{repository_id}/environments/{environment_name}/secrets/public-key
+scope: actions
+type: API method
+---
+
+# Get an environment public key
+
+Get the public key for an environment, which you need to encrypt environment secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the `repo` scope. GitHub Apps must have the `secrets` repository permission to use this endpoint.
+
+```js
+octokit.actions.getEnvironmentPublicKey({
+  repository_id,
+  environment_name,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>repository_id</td><td>yes</td><td>
+
+</td></tr>
+<tr><td>environment_name</td><td>yes</td><td>
+
+The name of the environment
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/actions#get-an-environment-public-key).
diff --git a/docs/actions/getEnvironmentSecret.md b/docs/actions/getEnvironmentSecret.md
@@ -0,0 +1,48 @@
+---
+name: Get an environment secret
+example: octokit.actions.getEnvironmentSecret({ repository_id, environment_name, secret_name })
+route: GET /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}
+scope: actions
+type: API method
+---
+
+# Get an environment secret
+
+Gets a single environment secret without revealing its encrypted value. You must authenticate using an access token with the `repo` scope to use this endpoint. GitHub Apps must have the `secrets` repository permission to use this endpoint.
+
+```js
+octokit.actions.getEnvironmentSecret({
+  repository_id,
+  environment_name,
+  secret_name,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>repository_id</td><td>yes</td><td>
+
+</td></tr>
+<tr><td>environment_name</td><td>yes</td><td>
+
+The name of the environment
+
+</td></tr>
+<tr><td>secret_name</td><td>yes</td><td>
+
+secret_name parameter
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/actions#get-an-environment-secret).
diff --git a/docs/actions/getPendingDeploymentsForRun.md b/docs/actions/getPendingDeploymentsForRun.md
@@ -0,0 +1,48 @@
+---
+name: Get pending deployments for a workflow run
+example: octokit.actions.getPendingDeploymentsForRun({ owner, repo, run_id })
+route: GET /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments
+scope: actions
+type: API method
+---
+
+# Get pending deployments for a workflow run
+
+Get all deployment environments for a workflow run that are waiting for protection rules to pass.
+
+Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the `repo` scope. GitHub Apps must have the `actions:read` permission to use this endpoint.
+
+```js
+octokit.actions.getPendingDeploymentsForRun({
+  owner,
+  repo,
+  run_id,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>owner</td><td>yes</td><td>
+
+</td></tr>
+<tr><td>repo</td><td>yes</td><td>
+
+</td></tr>
+<tr><td>run_id</td><td>yes</td><td>
+
+The id of the workflow run
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/actions#get-pending-deployments-for-a-workflow-run).