
GitHub Actions: main repository secret not picked up from pull request build

I'm building out one of my company's projects through GitHub Actions, in which we are running the workflow from the latest pull request raised. I have noticed one thing: whenever it tries to use the secret from the main repository, it gives an error of bad credentials. When I tried to run the same stage from the main repository, it works fine. Do we have to give some permissions to the pull request to call the secret from the main repository?

Any suggestions will help.

prakasun asked Dec 07 '25 09:12


1 Answer

By default, pull-request builds don't get access to the secrets to prevent people from using the pull requests to exfiltrate your secrets through a change that reads the environment and sends the data somewhere else.

Due to the dangers inherent to automatic processing of PRs, GitHub’s standard pull_request workflow trigger by default prevents write permissions and secrets access to the target repository. However, in some scenarios such access is needed to properly process the PR. To this end the pull_request_target workflow trigger was introduced.

See here for additional details:

  • https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

jessehouwing answered Dec 10 '25 00:12
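
One way to lay out the split described in the answer above, as an added example that is not part of the original answer: an unprivileged `pull_request` workflow builds the PR code without secrets, and a separate `pull_request_target` workflow uses the secret while running only base-branch code. File names, job names, the `make test` command, the script path and the secret name `API_TOKEN` are assumptions.

```yaml
# Added example. File names, job names, make target, script path and the
# secret name API_TOKEN are assumptions.

# .github/workflows/pr-build.yml
# Builds the PR's own code. No step references secrets, so it works the same
# for pull requests from forks, where repository secrets are not passed.
name: pr-build
on:
  pull_request:
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4   # checks out the PR merge commit (untrusted code)
      - run: make test              # hypothetical build/test command
---
# .github/workflows/pr-privileged.yml
# Runs with the base repository's secrets, so it must only execute code
# that is already on the base branch.
name: pr-privileged
on:
  pull_request_target:
    types: [opened, synchronize, reopened]
permissions:
  contents: read
  pull-requests: write
jobs:
  report:
    runs-on: ubuntu-latest
    steps:
      # Under pull_request_target the default checkout ref is the base branch.
      # Do not set `ref:` to github.event.pull_request.head.sha here: that
      # would run the PR author's code with API_TOKEN in its environment.
      - uses: actions/checkout@v4
      - run: ./scripts/report-status.sh   # hypothetical script from the base branch
        env:
          API_TOKEN: ${{ secrets.API_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
```

The explicit `permissions:` blocks keep `GITHUB_TOKEN` at the minimum each workflow needs, which limits the damage if a step in the privileged workflow is ever changed to process PR-controlled input.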


