| title | shortTitle | intro | versions | redirect_from | type | topics | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Managing your account-specific secrets for GitHub Codespaces |
Codespaces secrets |
You can store sensitive information, like tokens, that you want to access in your codespaces via environment variables. |
|
|
how_to |
|
You can add development environment secrets to your personal account that you want to use in your codespaces. For example, you may want to store and access the following sensitive information as secrets:
- Access tokens to cloud services
- Service principals
- Subscription identifiers
- Credentials for a private image registry (for more information, see AUTOTITLE)
You can choose which repositories should have access to each secret. Then, you can use the secret in any codespace you create for a repository that has access to the secret. To share a secret with a codespace created from a template, you will need to publish the codespace to a repository on {% data variables.product.prodname_dotcom %}, then give that repository access to the secret.
{% data reusables.codespaces.secrets-on-start %}
{% data reusables.codespaces.secrets-naming %} For example, a secret created at the repository level must have a unique name in that repository.
{% data reusables.codespaces.secret-precedence %}
You can store up to 100 secrets for {% data variables.product.prodname_github_codespaces %}.
Secrets are limited to 48 KB in size.
{% data reusables.user-settings.access_settings %} {% data reusables.user-settings.codespaces-tab %}
- To the right of "Codespaces secrets", click New secret.
- Under "Name," type a name for your secret. {% data reusables.user-settings.codespaces-secret-value %} {% data reusables.user-settings.codespaces-secret-repository-access %}
- Click Add secret.
You can update the value of an existing secret, and you can change which repositories can access a secret.
{% data reusables.user-settings.access_settings %} {% data reusables.user-settings.codespaces-tab %}
-
Under "Codespaces secrets," to the right of the secret you want to edit, click Update.
-
Under "Value," click the link "enter a new value."
{% data reusables.user-settings.codespaces-secret-value %} {% data reusables.user-settings.codespaces-secret-repository-access %}
-
Optionally, to remove the secret's access to a repository, deselect the repository.
-
Click Save changes.
{% data reusables.user-settings.access_settings %} {% data reusables.user-settings.codespaces-tab %}
- Under "Codespaces secrets," to the right of the secret you want to delete, click Delete.
- Read the warning, then click OK.
A development environment secret is exported as an environment variable into the user's terminal session.
You can use development environment secrets after the codespace is built and is running. For example, a secret can be used:
- When launching an application from the integrated terminal or ssh session.
- Within a dev container lifecycle script that is run after the codespace is running. For more information about dev container lifecycle scripts, see the documentation on the Development Containers website: Specification.
Development environment secrets cannot be used:
- During codespace build time (that is, within a Dockerfile or custom entry point).
- Within a dev container feature. For more information, see the
featuresproperty in the dev containers specification on the Development Containers website.