github 秘密存储在哪里?

Where are github secrets stored?

I'm on the CI part of the course

首先我会说一切都很好,我可以轻松地遵循这个过程。但是,有些东西可以用,但我不知道怎么做。让我们来看看 main.yml 文件的这一部分:

  - name: Log in to GitHub Packages
    run: echo ${GITHUB_TOKEN} | docker login -u ${GITHUB_ACTOR} --password-stdin docker.pkg.github.com
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

我有像 GITHUB_ACTOR 和 GITHUB_TOKEN 这样的参数,我没有将它们定义为代码的任何部分,也没有写入 github 中的面板。它们是由 github 自动填写的吗?如果我更改令牌,此代码是否仍然有效?

提前致谢

这在“Automatic token authentication

中有记录

At the start of each workflow run, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow.
You can use the GITHUB_TOKEN to authenticate in a workflow run.

When you enable GitHub Actions, GitHub installs a GitHub App on your repository.
The GITHUB_TOKEN secret is a GitHub App installation access token. You can use the installation access token to authenticate on behalf of the GitHub App installed on your repository. The token's permissions are limited to the repository that contains your workflow

您有Default environment variables,包括:

GITHUB_ACTOR: The name of the person or app that initiated the workflow.
For example, octocat.