GitHub Actions for EngineersSecrets and Environment Variables

Secrets and Environment Variables

Securely pass API keys and config to your workflows.

~15 min read

Secrets and Environment Variables

Repository secrets

Settings → Secrets and variables → Actions → New repository secret.

- run: curl -H "Authorization: Bearer ${{ secrets.API_KEY }}" https://api.example.com

Environment variables

env:
  NODE_ENV: production
  DATABASE_URL: ${{ secrets.DATABASE_URL }}

Never echo a secret explicitly — GitHub redacts known values from logs.