Verification
Use the following steps to verify that the integration between GitHub Actions and Delinea Secret Server is working correctly.
Trigger the Workflow
A GitHub Actions workflow can be triggered in the following ways:
-
Manually, using
workflow_dispatch -
Automatically, based on configured events (for example,
repository_dispatch)
Manual Trigger
-
In your GitHub repository, navigate to Actions.
-
Select the workflow (for example, Run Docker Image).
-
Click Run workflow.
-
Select the branch and click Run workflow.
-
The workflow will start and execute the configured jobs.
If the workflow fails, one or more steps will be marked as failed in the run summary.
Verify Secret Retrieval in the Workflow
To confirm that secrets are being retrieved and injected correctly, you can temporarily add a step that references a retrieved environment variable.
Example:
- name: Verify secret retrieval
run: |
if [[ -z "$DB_PASSWORD" ]]; then
echo "Secret was not retrieved"
exit 1
fi
echo "Secret retrieval verified"
Important: Do not print secret values directly to the logs. Verify only that the variable exists. GitHub will mask secrets automatically, but best practice is to avoid echoing sensitive data.
Required GitHub Secrets for Verification
Ensure the following GitHub repository secrets are configured:
| Secret Name | Description | Security Recommendation |
|---|---|---|
| DPSS_SERVER_URL | URL of the Delinea Secret Server or Platform | Masked |
| DPSS_CLIENT_ID | Application or service account username | Masked |
| DPSS_CLIENT_SECRET | Application or service account password | Masked |
| DPSS_RETRIEVE | JSON array defining which secrets to retrieve | Masked |
Monitor Workflow Execution
Navigate to Actions in your GitHub repository.
Select a workflow run and review:
- Job and step status
- Logs for each step
- Any reported errors or failures
If the workflow completes successfully and the expected environment variables are available to downstream steps, the integration is working correctly.
