Services
Technology Web App Development Mobile App Development Windows App Development Database Development UI/UX Development Cloud Development SEO Digital Marketing Guest Posting Content Writing Artificial Intelligence Data Science ERP Development CRM Development CMS Development LMS Development Business Listing Blockchain Technology Startup Promotion
Products
Data Converter Cleaner TUC - Unit Converter Import Export Survey Manager Tweet Controller
Developer
Article Blog Forum Interview Beginner News Startup Quiz
Users
Career
Apply Job Internship
Pricing
Login Sign Up Get a Quote

forum

home / developersection / forums / how do you use secrets in github actions?
Ask Question

How do you use secrets in GitHub Actions?

Ravi Vishwakarma 500 06 Jul 2025

How do you use secrets in GitHub Actions, explain with example

GitHub githubgit
Updated 11 May 2026
Ravi Vishwakarma
Ravi Vishwakarma

IT-Hardware & Networking

Ravi Vishwakarma is a dedicated Software Developer with a passion for crafting efficient and innovative solutions. With a keen eye for detail and years of experience, he excels in developing robust software systems that meet client needs. His expertise spans across multiple programming languages and technologies, making him a valuable asset in any software development project.

Message

1 Answers

Ravi Vishwakarma
Ravi Vishwakarma 08 May 2026
Report Abuse

You can use Secrets in GitHub Actions to securely store sensitive data like:

  • API keys
  • Database passwords
  • Access tokens
  • SSH keys
  • Deployment credentials

1. Add a Secret in GitHub

Go to your repository:

GitHub Repository Settings

Then:

  • Open Settings
  • Click Secrets and variablesActions
  • Click New repository secret

Add:

  • Name → API_KEY
  • Secret → your actual key

2. Use Secret in GitHub Actions Workflow

Example .github/workflows/deploy.yml

name: Deploy App

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Use Secret
        run: echo "API Key loaded successfully"

        env:
          API_KEY: ${{ secrets.API_KEY }}

3. Access Secret in Commands

- name: Call API
  run: curl -H "Authorization: Bearer $API_KEY" https://example.com
  env:
    API_KEY: ${{ secrets.API_KEY }}

4. Use Secrets in ASP.NET MVC / .NET Builds

- name: Build Application
  run: dotnet build
  env:
    ConnectionStrings__Default: ${{ secrets.DB_CONNECTION }}

In C#:

string connection =
    Environment.GetEnvironmentVariable("ConnectionStrings__Default");

5. Organization Secrets

If multiple repositories need the same secret:

  • Organization Settings
  • Secrets and variables
  • Actions
  • Create organization secret

Useful for:

  • Shared deployment tokens
  • Common API credentials
  • CI/CD infrastructure keys

6. Important Security Rules

  • Never hardcode secrets in code
  • Never print secrets in logs
  • Rotate secrets regularly
  • Use least-privilege access tokens
  • Prefer short-lived tokens when possible

7. Example: Deploy to Server via SSH

- name: Deploy via SSH
  uses: appleboy/ssh-action@v1.0.3
  with:
    host: ${{ secrets.SERVER_HOST }}
    username: ${{ secrets.SERVER_USER }}
    key: ${{ secrets.SERVER_SSH_KEY }}
    script: |
      cd /var/www/app
      git pull
      docker compose up -d

8. GitHub Encrypted Secrets vs Variables

Feature Secrets Variables
Encrypted Yes No
Sensitive data Yes No
Visible in logs Masked Visible
Best for Passwords, tokens App config

Official Documentation

GitHub Actions Secrets Documentation

GitHub Actions Documentation

advertising