organization_secrets
Creates, updates, deletes, gets or lists an organization_secrets resource.
Overview
| Name | organization_secrets |
| Type | Resource |
| Id | github.codespaces.organization_secrets |
Fields
The following fields are returned by SELECT queries:
- get_org_secret
- list_org_secrets
Response
| Name | Datatype | Description |
|---|---|---|
name | string | The name of the secret (example: SECRET_NAME) |
created_at | string (date-time) | The date and time at which the secret was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ. |
selected_repositories_url | string (uri) | The API URL at which the list of repositories this secret is visible to can be retrieved (example: https://api.github.com/orgs/ORGANIZATION/codespaces/secrets/SECRET_NAME/repositories) |
updated_at | string (date-time) | The date and time at which the secret was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ. |
visibility | string | The type of repositories in the organization that the secret is visible to (all, private, selected) |
Response
| Name | Datatype | Description |
|---|---|---|
secrets | array | |
total_count | integer |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_org_secret | select | org, secret_name | Gets an organization development environment secret without revealing its encrypted value. OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. | |
list_org_secrets | select | org | per_page, page | Lists all Codespaces development environment secrets available at the organization-level without revealing their encrypted values. OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. |
create_or_update_org_secret | insert | org, secret_name, visibility | Creates or updates an organization development environment secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API." OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. | |
delete_org_secret | delete | org, secret_name | Deletes an organization development environment secret using the secret name. OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
org | string | The organization name. The name is not case sensitive. |
secret_name | string | The name of the secret. |
page | integer | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |
per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
SELECT examples
- get_org_secret
- list_org_secrets
Gets an organization development environment secret without revealing its encrypted value.
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
SELECT
name,
created_at,
selected_repositories_url,
updated_at,
visibility
FROM github.codespaces.organization_secrets
WHERE org = '{{ org }}' -- required
AND secret_name = '{{ secret_name }}' -- required
;
Lists all Codespaces development environment secrets available at the organization-level without revealing their encrypted
values.
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
SELECT
secrets,
total_count
FROM github.codespaces.organization_secrets
WHERE org = '{{ org }}' -- required
AND per_page = '{{ per_page }}'
AND page = '{{ page }}'
;
INSERT examples
- create_or_update_org_secret
- Manifest
Creates or updates an organization development environment secret with an encrypted value. Encrypt your secret using
LibSodium. For more information, see "Encrypting secrets for the REST API."
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
INSERT INTO github.codespaces.organization_secrets (
encrypted_value,
key_id,
visibility,
selected_repository_ids,
org,
secret_name
)
SELECT
'{{ encrypted_value }}',
'{{ key_id }}',
'{{ visibility }}' /* required */,
'{{ selected_repository_ids }}',
'{{ org }}',
'{{ secret_name }}'
;
# Description fields are for documentation purposes
- name: organization_secrets
props:
- name: org
value: "{{ org }}"
description: Required parameter for the organization_secrets resource.
- name: secret_name
value: "{{ secret_name }}"
description: Required parameter for the organization_secrets resource.
- name: encrypted_value
value: "{{ encrypted_value }}"
description: |
The value for your secret, encrypted with [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages) using the public key retrieved from the [Get an organization public key](https://docs.github.com/rest/codespaces/organization-secrets#get-an-organization-public-key) endpoint.
- name: key_id
value: "{{ key_id }}"
description: |
The ID of the key you used to encrypt the secret.
- name: visibility
value: "{{ visibility }}"
description: |
Which type of organization repositories have access to the organization secret. `selected` means only the repositories specified by `selected_repository_ids` can access the secret.
valid_values: ['all', 'private', 'selected']
- name: selected_repository_ids
value:
- {{ selected_repository_ids }}
description: |
An array of repository IDs that can access the organization secret. You can only provide a list of repository IDs when the `visibility` is set to `selected`. You can manage the list of selected repositories using the [List selected repositories for an organization secret](https://docs.github.com/rest/codespaces/organization-secrets#list-selected-repositories-for-an-organization-secret), [Set selected repositories for an organization secret](https://docs.github.com/rest/codespaces/organization-secrets#set-selected-repositories-for-an-organization-secret), and [Remove selected repository from an organization secret](https://docs.github.com/rest/codespaces/organization-secrets#remove-selected-repository-from-an-organization-secret) endpoints.
DELETE examples
- delete_org_secret
Deletes an organization development environment secret using the secret name.
OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
DELETE FROM github.codespaces.organization_secrets
WHERE org = '{{ org }}' --required
AND secret_name = '{{ secret_name }}' --required
;