Skip to main content

Different Job Secret for Different Branch

This tutorial explains how to use different job secrets for different branches for same job.

Assumed Scenario

We have two job secrets:

  1. The production job secret allows to access production environment, and should only be used by code merged into main branch
  2. The development job secret allows to access development environment, and should be used by all code not merged into main branch

We need to set up the job so that it accesses development secret if not merged into main branch, and accesses production secret if merged into main branch.

How to Set Up

  1. Define a secret with name say deployment, and set its value to production secret. Define property authorization as below:
    on branch "main"
  2. After the production secret, define another secret with same name deployment, and set its value to development secret. Leave property authorization as default (can be used by all branches)
  3. Configure job to use the deployment secret

When access value of secret of name deployment, OneDev will search all secrets with that name, until an authorized one is found. So if code is merged into main branch, the job will get the first secret; otherwise it will get the second secret