Manage secrets and more with the GitHub Actions API
We introduced GitHub Actions as a platform to help teams automate their software workflows. When we first shipped it, we knew a key feature was missing for platforms, an API. In the past few months, we’ve been fortunate to learn more from you and the community about what you want out of the Actions API.
Today the GitHub Actions API beta is available to all repositories. As we reviewed your feedback, we discovered several themes that we focused on for the first iteration:
- Reading workflow run and job data
- Managing repository secrets
- Downloading artifacts
- Registering self-hosted runners
You can query detailed information such as outcome, conclusion, and timing using the workflow run and job API. This helps teams incorporate data about the overall success or failure of their workflow runs with data from other tools they use. You can also download the raw logs for each run using the workflow run and job API so you can store them for long term archival or other analysis.
The secrets API enables you to automate secret management on your repositories. This helps teams with a large volume of repositories implement best practices like secret rotation and it allows partners to write integrations that automatically provision secrets.
Keeping your secrets safe is vital and the secrets API provides two mechanisms to help. First, the API doesn’t return any values, only names. Second, we require that you encrypt the secrets with a public key before setting them, which means they’re never logged in the GitHub infrastructure. Learn more from the API documentation, including how to encrypt secrets when creating or updating.
It’s common for a continuous integration workflow to generate a binary or other artifact that needs to be consumed by other services. Download an archive of an artifact from a workflow run using the artifacts API for your teams and partners to integrate Actions artifacts into other tools and services.
Now you can run Actions on your own hardware with self-hosted runners. Until recently, these runners had to be manually set up individually. With the API, developers can automate the registration and removal of their runners by creating registration tokens and passing them to the runner configuration script.
With the new API, we’ve added two new pieces of data to the runner context and environment variables.
Each Actions run now has a
run_number available. Now, developers can write scripts in their workflows that easily interact with the new API endpoints. Make a workflow to cancel an in-progress run or download an Artifact—it’s all possible using Actions.
We’ve also updated the
GITHUB_TOKEN on the runner to have access to the newer Actions permissions making authentication to the API seamless.
The post Manage secrets and more with the GitHub Actions API appeared first on The GitHub Blog.
>>> Read the Full Story at The GitHub Blog