How to Add a Secret

  1. GitHub repository → “Settings” → “Secrets and variables” → “Actions”
  2. “New repository secret” → enter Name and Secret value

Reference in a Workflow

steps:
  - name: Deploy
    env:
      API_KEY: ${{ secrets.API_KEY }}
    run: echo "Using the API key"

Common Pitfalls

  • Secret values are masked in logs — they won’t appear in plain text
  • Once saved, you can’t view the value again — only overwrite it
  • Secrets are not available in workflows triggered by forks

For managing environment variables in Cloudflare Pages, see How to Set Environment Variables in Cloudflare Pages. Also add .env to .gitignore — see How to Set Up .gitignore.

  • Fiverr - Find freelance developers and tech experts