Question 1

How do I set up Secrets Sync Action for multiple repositories?

Accepted Answer

Define a regex pattern in the 'repositories' input to match target repos, provide a token with write access, and use the 'secrets' input with regex to select environment variables. Test with dry-run mode first to avoid errors.

Question 2

What token do I need for Secrets Sync Action?

Accepted Answer

You need a classic PAT with full 'repo' scope or a fine-grained token with 'Secrets' set to 'Read and write'. The default GITHUB_TOKEN won't work due to scope limitations, as noted in the README.

Question 3

Can Secrets Sync Action sync to private repositories?

Accepted Answer

Yes, but only if the token user has owner or collaborator access. The action lists all repositories available to the token and filters with regex, ignoring archived ones.

Question 4

How does Secrets Sync Action handle regex patterns for secrets?

Accepted Answer

It uses newline-delimited regex expressions from the 'secrets' input to match environment variables passed via 'env', allowing selective syncing. Ensure patterns are precise to avoid unintended leaks.

Question 5

Secrets Sync Action vs GitHub Environments: which is better?

Accepted Answer

Secrets Sync Action is ideal for centralized management across many repos with regex control, while GitHub Environments is better for per-repo, environment-specific secrets without cross-repo syncing. Choose based on scale and isolation needs.

Question 6

Does Secrets Sync Action support deleting secrets?

Accepted Answer

Yes, set the 'delete' input to true to find and remove selected secrets from target repositories, but use caution and test with dry-run to prevent accidental data loss.

Secrets Sync Action

What is Secrets Sync Action?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions