Skip to main content

org_secrets

Overview

Nameorg_secrets
TypeResource
Idgithub.dependabot.org_secrets

Fields

NameDatatypeDescription
namestringThe name of the secret.
selected_repositories_urlstring
updated_atstring
visibilitystringVisibility of a secret
created_atstring

Methods

NameAccessible byRequired ParamsDescription
get_org_secretSELECTorg, secret_nameGets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
list_org_secretsSELECTorgLists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
create_or_update_org_secretINSERTorg, secret_name, data__visibilityCreates or updates an organization secret with an encrypted value. Encrypt your secret using
LibSodium. You must authenticate using an access
token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization
permission to use this endpoint.

#### Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

<br />const sodium = require('tweetsodium');<br /><br />const key = "base64-encoded-public-key";<br />const value = "plain-text-secret";<br /><br />// Convert the message and key to Uint8Array's (Buffer implements that interface)<br />const messageBytes = Buffer.from(value);<br />const keyBytes = Buffer.from(key, 'base64');<br /><br />// Encrypt using LibSodium.<br />const encryptedBytes = sodium.seal(messageBytes, keyBytes);<br /><br />// Base64 the encrypted secret<br />const encrypted = Buffer.from(encryptedBytes).toString('base64');<br /><br />console.log(encrypted);<br />


#### Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

<br />from base64 import b64encode<br />from nacl import encoding, public<br /><br />def encrypt(public_key: str, secret_value: str) -&gt; str:<br /> """Encrypt a Unicode string using the public key."""<br /> public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())<br /> sealed_box = public.SealedBox(public_key)<br /> encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))<br /> return b64encode(encrypted).decode("utf-8")<br />

#### Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

<br />var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");<br />var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");<br /><br />var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);<br /><br />Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));<br />

#### Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

ruby<br />require "rbnacl"<br />require "base64"<br /><br />key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")<br />public_key = RbNaCl::PublicKey.new(key)<br /><br />box = RbNaCl::Boxes::Sealed.from_public_key(public_key)<br />encrypted_secret = box.encrypt("my_secret")<br /><br /># Print the base64 encoded secret<br />puts Base64.strict_encode64(encrypted_secret)<br />
delete_org_secretDELETEorg, secret_nameDeletes a secret in an organization using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.