CLI tool to update GitHub repository secrets.
Project description
GitHub Secret Updater
Background
Managing secrets in GitHub repositories is crucial for maintaining security in CI/CD pipelines. This script automates the process of updating secrets in GitHub repositories using GitHub API.
What is the Script?
This script allows you to update GitHub secrets either by specifying individual secret names and values or by reading from an environment file (.env). It fetches the public key for the repository, encrypts the secret using the public key, and then updates the secret in the repository.
Usage
Prerequisites
- Python installed on your machine
- Required Python packages:
argparse,requests,pynacl - GitHub personal access token with appropriate permissions
Installation
-
Install the required Python packages:
pip install requests pynacl
-
Save the script to a file, for example,
update_github_secrets.py.
Command Line Arguments
--secret: Name of the secret to update--value: Value of the secret to update--repo: Name of the repository (in the formatowner/repo)--token: GitHub token (can also be set as an environment variableGH_TOKEN)--env-file: Path to the environment file containing secrets (recommended filename:.env)
Examples
Update a Single Secret
To update a single secret:
python update_github_secrets.py --secret SECRET_NAME --value SECRET_VALUE --repo owner/repo --token YOUR_GITHUB_TOKEN
To update a set of secrets from an environment file:
python update_github_secrets.py --env-file .env --repo owner/repo --token YOUR_GITHUB_TOKEN
The env file should contain the secrets in the formats
SECRET_NAME=SECRET_VALUE
or
export SECRET_NAME="SECRET_VALUE"
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file secret-updater-0.1.0.tar.gz.
File metadata
- Download URL: secret-updater-0.1.0.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.0.1 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5b98d070d1a16f3f8ab64ba5780eacd9366a5d5a9035b2cfee4f42bd0b87ad85
|
|
| MD5 |
b838b97203434f4f61b04f03e9311d59
|
|
| BLAKE2b-256 |
f4ba9e12356242d786f3b8ebde6968aa46bde56c3eb3902b8841e3c4f24859cc
|
File details
Details for the file secret_updater-0.1.0-py3-none-any.whl.
File metadata
- Download URL: secret_updater-0.1.0-py3-none-any.whl
- Upload date:
- Size: 5.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.0.1 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dd4a598b86b9dd7e6dda1d8465168dd278824998c2b7cade0b67e3bc72c47365
|
|
| MD5 |
758e115869b92104029174360a33738f
|
|
| BLAKE2b-256 |
50a176d5a101f20348ef165a5d9c1699cd881468dfe7cea7fd5347c015514b09
|
