secrets
Creates, updates, deletes, gets or lists a secrets resource.
Overview
| Name | secrets |
| Type | Resource |
| Id | github.codespaces.secrets |
Fields
The following fields are returned by SELECT queries:
- get_secret_for_authenticated_user
- list_secrets_for_authenticated_user
Response
| Name | Datatype | Description |
|---|---|---|
name | string | The name of the secret (example: SECRET_NAME) |
created_at | string (date-time) | The date and time at which the secret was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ. |
selected_repositories_url | string (uri) | The API URL at which the list of repositories this secret is visible to can be retrieved (example: https://api.github.com/user/secrets/SECRET_NAME/repositories) |
updated_at | string (date-time) | The date and time at which the secret was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ. |
visibility | string | The type of repositories in the organization that the secret is visible to (all, private, selected) |
Response
| Name | Datatype | Description |
|---|---|---|
secrets | array | |
total_count | integer |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_secret_for_authenticated_user | select | secret_name | Gets a development environment secret available to a user's codespaces without revealing its encrypted value. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint. | |
list_secrets_for_authenticated_user | select | per_page, page | Lists all development environment secrets available for a user's codespaces without revealing their encrypted values. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint. | |
create_or_update_secret_for_authenticated_user | insert | secret_name, key_id | Creates or updates a development environment secret for a user's codespace with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API." The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint. | |
delete_secret_for_authenticated_user | delete | secret_name | Deletes a development environment secret from a user's codespaces using the secret name. Deleting the secret will remove access from all codespaces that were allowed to access the secret. The authenticated user must have Codespaces access to use this endpoint. OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
secret_name | string | The name of the secret. |
page | integer | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |
per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
SELECT examples
- get_secret_for_authenticated_user
- list_secrets_for_authenticated_user
Gets a development environment secret available to a user's codespaces without revealing its encrypted value.
The authenticated user must have Codespaces access to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.
SELECT
name,
created_at,
selected_repositories_url,
updated_at,
visibility
FROM github.codespaces.secrets
WHERE secret_name = '{{ secret_name }}' -- required
;
Lists all development environment secrets available for a user's codespaces without revealing their
encrypted values.
The authenticated user must have Codespaces access to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.
SELECT
secrets,
total_count
FROM github.codespaces.secrets
WHERE per_page = '{{ per_page }}'
AND page = '{{ page }}'
;
INSERT examples
- create_or_update_secret_for_authenticated_user
- Manifest
Creates or updates a development environment secret for a user's codespace with an encrypted value. Encrypt your secret using
LibSodium. For more information, see "Encrypting secrets for the REST API."
The authenticated user must have Codespaces access to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.
INSERT INTO github.codespaces.secrets (
encrypted_value,
key_id,
selected_repository_ids,
secret_name
)
SELECT
'{{ encrypted_value }}',
'{{ key_id }}' /* required */,
'{{ selected_repository_ids }}',
'{{ secret_name }}'
;
# Description fields are for documentation purposes
- name: secrets
props:
- name: secret_name
value: "{{ secret_name }}"
description: Required parameter for the secrets resource.
- name: encrypted_value
value: "{{ encrypted_value }}"
description: |
Value for your secret, encrypted with [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages) using the public key retrieved from the [Get the public key for the authenticated user](https://docs.github.com/rest/codespaces/secrets#get-public-key-for-the-authenticated-user) endpoint.
- name: key_id
value: "{{ key_id }}"
description: |
ID of the key you used to encrypt the secret.
- name: selected_repository_ids
value: "{{ selected_repository_ids }}"
description: |
An array of repository ids that can access the user secret. You can manage the list of selected repositories using the [List selected repositories for a user secret](https://docs.github.com/rest/codespaces/secrets#list-selected-repositories-for-a-user-secret), [Set selected repositories for a user secret](https://docs.github.com/rest/codespaces/secrets#set-selected-repositories-for-a-user-secret), and [Remove a selected repository from a user secret](https://docs.github.com/rest/codespaces/secrets#remove-a-selected-repository-from-a-user-secret) endpoints.
DELETE examples
- delete_secret_for_authenticated_user
Deletes a development environment secret from a user's codespaces using the secret name. Deleting the secret will remove access from all codespaces that were allowed to access the secret.
The authenticated user must have Codespaces access to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the codespace or codespace:secrets scope to use this endpoint.
DELETE FROM github.codespaces.secrets
WHERE secret_name = '{{ secret_name }}' --required
;