Organization secrets are used to store and manage sensitive information, such as passwords, tokens, and ssh keys. Storing this information in a secret is considered safer than storing it in your configuration file. Organization secrets can be used by any repository that belongs to the named organization.
Please note this feature is disabled on Drone Cloud. This feature is only available when self-hosting.
The system administrator role is required to create, update or delete organization secrets.
Create organization secrets using the command line tools:
$ drone orgsecret add [organization] [name] [data]
$ drone orgsecret add octocat docker_password pa55word
Source environment variables from named organization secrets:
Source plugin settings from named organization secrets:
Secrets are not exposed to pull requests by default. This prevents a bad actor from sending a pull request and attempting to expose your secrets. You can override this default behavior, at your own risk, using the