austenstone/dependabot-secrets-sync

Dependabot Secrets Sync

Sync secrets from GitHub Actions to Dependabot.

Usage

Create a workflow (e.g. .github/workflows/dependabot-secrets-sync). See Creating a Workflow file.

PAT (Personal Access Token)

You will need to create a PAT (Personal Access Token) that has repo access.

click here to create PAT

Add this PAT as a secret so we can use it as input github-token, see Creating encrypted secrets for a repository.

Organizations

If your organization has SAML enabled you must authorize the PAT, see Authorizing a personal access token for use with SAML single sign-on.

Important

You must pass all secrets to the action via the SECRETS environment variable!

        env:
          SECRETS: ${{ toJson(secrets) }} # IMPORTANT: pass all secrets to the action

Example

name: Usage
on:
  schedule:
    - cron: "0 0 * * *" # every day at midnight

jobs:
  run:
    runs-on: ubuntu-latest
    steps:
      - uses: austenstone/dependabot-secrets-sync@main
        with:
          github-token: ${{ secrets.TOKEN }}
        env:
          SECRETS: ${{ toJson(secrets) }} # IMPORTANT: pass all secrets to the action

Example Include List

        with:
          secrets-include: |
            MY_SECRET
            MY_OTHER_SECRET

Example Exclude List

        with:
          secrets-exclude: |
            SUPER_SECRET
            SUPER_OTHER_SECRET

Example Organization

        with:
          github-token: ${{ secrets.TOKEN }}
          organization: my-org
          secrets-exclude: |
            SUPER_SECRET

Example Organization select repos

        with:
          organization: my-org
          visibility: selected
          visibility-repos: |
            my-repo
            my-other-repo

➡️ Inputs

Various inputs are defined in action.yml:

| Name | Description | Default |
| --- | --- | --- |
| github-token | The GitHub token used to create an authenticated client | ${{ github.token }} |
| organization | Optional organization to run the workflow on. | |
| owner | Optional repository owner to run the workflow on. | ${{ github.repository_owner }} |
| repo | Optional repository name to run the workflow on. | ${{ github.repository }} |
| secrets-include | Optional list of secrets to include in the action payload. | |
| secrets-exclude | Optional list of secrets to exclude from the action payload. | |
| visibility | When using organization secrets. all, private, or selected | private |
| visibility-repos | When using organization secrets. List of repositories to share the secret with. | |
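
Because `SECRETS` carries every secret in the workflow, it helps to check which names the include and exclude lists leave in scope before a sync runs. The script below is an added example, not code from this action: the function names are hypothetical, and the filter semantics (a non-empty include list acts as an allow-list, the exclude list is applied last, names compare case-insensitively) are assumptions.

```javascript
// Added example: preview which secret NAMES would be selected; values are never printed.
// Assumed semantics (not taken from the action's source): a non-empty include list is
// an allow-list, the exclude list is applied last, and names compare case-insensitively.

// Split a multi-line workflow input (e.g. "secrets-include: |") into upper-cased names.
function parseList(input) {
  return (input || '').split(/\r?\n/).map((s) => s.trim().toUpperCase()).filter(Boolean);
}

// secretsJson has the shape produced by ${{ toJson(secrets) }}: { NAME: value, ... }.
function selectSecretNames(secretsJson, includeInput, excludeInput) {
  const names = Object.keys(JSON.parse(secretsJson)).map((k) => k.toUpperCase());
  const include = new Set(parseList(includeInput));
  const exclude = new Set(parseList(excludeInput));
  const selected = [];
  const skipped = [];
  for (const name of names) {
    let reason = null;
    // The secrets context also carries the workflow's own GITHUB_TOKEN, and GitHub
    // does not accept secret names that start with GITHUB_.
    if (name.startsWith('GITHUB_')) reason = 'reserved GITHUB_ prefix';
    else if (include.size > 0 && !include.has(name)) reason = 'not in include list';
    else if (exclude.has(name)) reason = 'in exclude list';
    if (reason) skipped.push({ name, reason });
    else selected.push(name);
  }
  // Include entries that match no secret are usually typos; report them.
  const missing = [...include].filter((n) => !names.includes(n));
  return { selected: selected.sort(), skipped, missing };
}

// Constructed sample payload; every value is a placeholder.
const SAMPLE = JSON.stringify({
  github_token: 'placeholder', TOKEN: 'placeholder', MY_SECRET: 'placeholder',
  MY_OTHER_SECRET: 'placeholder', SUPER_SECRET: 'placeholder',
});

// In a workflow step, SECRETS is set as shown on this page; otherwise use the sample.
const result = selectSecretNames(process.env.SECRETS || SAMPLE, '', 'SUPER_SECRET');
console.log('selected:', result.selected.join(', '));
for (const s of result.skipped) console.log(`skipped: ${s.name} (${s.reason})`);
```

Under these assumed semantics, running with no lists also selects the PAT stored as `TOKEN`; list it under `secrets-exclude` if Dependabot does not need it.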

Further help

To get more help on the Actions see documentation.
