Home>

Please tell me how to execute regularly without disclosing confidential information such as API key in Github Actions.
I am also a beginner about Mac, so I would appreciate it if you could tell me in detail.

environment

Language: Python 3.9.0
OS: Mac
Github: Free (Public)

background

I used Github Actions to create a code that regularly receives push notifications from LINEbot.
Since CHANNEL_ACCESS_TOKEN etc. is entered in the json file and committed,
I thought, "Isn't this bad for an unspecified number of people to see?", So I tried to find out how to hide the information.
Apparently, it seems good to set "environment variables", but for me as a super beginner, it's refreshing ...

▪️json file

{
    "CHANNEL_ACCESS_TOKEN": "*****",
    "USER_ID": "********"
}


▪️ Python file

import json
from linebot import LineBotApi
from linebot.models import TextSendMessage
from linebot.models import messages
file = open ('info.json','r')
info = json.load (file)
CHANNEL_ACCESS_TOKEN = info ['CHANNEL_ACCESS_TOKEN']
line_bot_api = LineBotApi (CHANNEL_ACCESS_TOKEN)
def main ():
    USER_ID = info ['USER_ID']
    messages = TextSendMessage (text ='Good morning!')
    line_bot_api.push_message (USER_ID, messages = messages)
if __name__=='__main__':
    main ()
  • Answer # 1

    Set Secrets on Github and reference Secrets as an environment variable (in the yml file).
    I was able to read environment variables with Python code (os.environ ['environment variable name']).