Integrating GitHub with Secret Server

Delinea Secret Server integrates with GitHub CI/CD pipelines to securely retrieve secrets at runtime and inject them into workflow jobs as environment variables. This integration eliminates hardcoded credentials and manual secret handling by fetching secrets directly from Delinea Secret Server or the Delinea Platform during workflow execution.

The integration uses a Docker image hosted on Docker Hub that contains the required components to authenticate with Delinea, securely retrieve secrets, and expose them to GitHub Actions jobs using GitHub’s environment variable injection mechanism.

Secrets can be retrieved using either a unique secret ID or a folder-based secret path and are mapped to environment variables defined by the workflow. Retrieved secrets are available only for the duration of the workflow job and are never stored in the GitHub repository or workflow configuration files.

No local installation is required. The Docker image is pulled dynamically during workflow execution, ensuring that the latest supported version of the integration is always used.

This integration works with Secret Server Cloud, Secret Server On-Premises, and Secret Server on the Delinea Platform.

For more information about this integration, see the following topics: