Fill the gap of credential file management in GitHub Actions

Safe from the outside world but flexible within your team

GitHub Actions is a CI/CD platform

In short, GitHub Actions is a CI/CD platform/service similar to Travis CI and CircleCI. It’s different in:

1. It’s made by GitHub, so it has better integration with the GitHub platform.
2. It’s a componentized CI/CD, so you can re-use and/or assemble other people’s CI/CD.

We love CI/CD (or at least CD) because it simplifies the process of preparing an environment

Speaking of delivering apps, as developers, there are a couple of things we hate:

1. Getting code signing credential files (especially for mobile developers).
2. Getting server credential files.
3. Getting server secrets.
4. Setting up configuration files to point to 1, 2 and 3.
5. After completing 1, 2, 3 and 4. You realized it’s time to upgrade your laptop and you will have to do them all over again.

Hmmm… it seems that most of our headache is credential related.

Credentials are kept inside the GitHub repositories

It’s nice that with GitHub Actions, we finally have a way to keep our credentials…