org_secrets
Overview
Name | org_secrets |
Type | Resource |
Id | github.dependabot.org_secrets |
Fields
Name | Datatype | Description |
---|---|---|
name | string | The name of the secret. |
selected_repositories_url | string | |
updated_at | string | |
visibility | string | Visibility of a secret |
created_at | string |
Methods
Name | Accessible by | Required Params | Description |
---|---|---|---|
get_org_secret | SELECT | org, secret_name | Gets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint. |
list_org_secrets | SELECT | org | Lists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint. |
create_or_update_org_secret | INSERT | org, secret_name, data__visibility | Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organizationpermission to use this endpoint. #### Example encrypting a secret using Node.js Encrypt your secret using the tweetsodium library. <br />const sodium = require('tweetsodium');<br /><br />const key = "base64-encoded-public-key";<br />const value = "plain-text-secret";<br /><br />// Convert the message and key to Uint8Array's (Buffer implements that interface)<br />const messageBytes = Buffer.from(value);<br />const keyBytes = Buffer.from(key, 'base64');<br /><br />// Encrypt using LibSodium.<br />const encryptedBytes = sodium.seal(messageBytes, keyBytes);<br /><br />// Base64 the encrypted secret<br />const encrypted = Buffer.from(encryptedBytes).toString('base64');<br /><br />console.log(encrypted);<br /> #### Example encrypting a secret using Python Encrypt your secret using pynacl with Python 3. <br />from base64 import b64encode<br />from nacl import encoding, public<br /><br />def encrypt(public_key: str, secret_value: str) -> str:<br /> """Encrypt a Unicode string using the public key."""<br /> public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())<br /> sealed_box = public.SealedBox(public_key)<br /> encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))<br /> return b64encode(encrypted).decode("utf-8")<br /> #### Example encrypting a secret using C# Encrypt your secret using the Sodium.Core package. <br />var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");<br />var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");<br /><br />var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);<br /><br />Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));<br /> #### Example encrypting a secret using Ruby Encrypt your secret using the rbnacl gem. ruby<br />require "rbnacl"<br />require "base64"<br /><br />key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")<br />public_key = RbNaCl::PublicKey.new(key)<br /><br />box = RbNaCl::Boxes::Sealed.from_public_key(public_key)<br />encrypted_secret = box.encrypt("my_secret")<br /><br /># Print the base64 encoded secret<br />puts Base64.strict_encode64(encrypted_secret)<br /> |
delete_org_secret | DELETE | org, secret_name | Deletes a secret in an organization using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint. |