Which secret source is used by Dependabot-triggered workflows?

[ppkarwasz]

Select Topic Area

Question

Body

I'm looking for official documentation (or confirmation) about which secret source is used in GitHub Actions workflows triggered by Dependabot (i.e., when github.actor == 'dependabot[bot]').

Based on my testing, it seems that the secret source varies depending on the event type:

• push: Secrets come from the Dependabot secret store.
• pull_request_target: Secrets come from the Actions secret store.
• workflow_run (triggered upon completion of a Dependabot-triggered workflow): Also uses the Actions secret store.
• pull_request: Identifies Dependabot as the source, but secrets appear to be inaccessible (as expected).

Is this behavior documented anywhere? And is there a canonical way to predict or control which secret source is used for a given workflow/event combination?

Thanks in advance!

[bandirevanth]

Secrets in GitHub Actions Workflows Triggered by Dependabot

When workflows are triggered by dependabot[bot], the source of secrets depends on the event type.

---

Summary of Behavior by Event Type

Event Trigger	Actor = dependabot[bot]	Secret Source	GITHUB_TOKEN Permissions	Can You Control It?	Notes
push	✅	Dependabot secrets	Read-only	✅ Use Dependabot secrets	Standard push workflow triggered by Dependabot updates
pull_request	✅	Dependabot secrets	Read-only	✅ Use Dependabot secrets	Secrets available but limited to Dependabot's store
pull_request_target	✅	❌ No secrets available	Read-only	❌ Not controllable (security-restricted)	Secrets are blocked for PRs from bots/forks
workflow_run	✅ (triggered after prior)	GitHub Actions secrets	Default (based on job)	✅ Use standard Actions secrets	Use this to chain post-Dependabot workflows with elevated access
Other events	✅	Dependabot secrets	Read-only	✅ Use Dependabot secrets	e.g., create, deployment, schedule, etc.

---

Can You Control Which Secret Source Is Used?

Scenario	Control Strategy
Dependabot-triggered CI needs secrets	Add them to the Dependabot secret store
Need Actions secrets for complex flows	Use a workflow_run that triggers after the initial Dependabot workflow
Need to use secrets in PRs from Dependabot	❌ Not possible in pull_request_target due to GitHub’s bot+fork protection
Consistency across event types	✅ Use identical secret names in both Dependabot and Actions secret stores to simplify access logic

Official Documentation References

• GitHub Docs – Dependabot Secrets
• GitHub Docs – GitHub Actions Security
• GitHub Docs – Events that Trigger Workflows
• GitHub Blog – Dependabot Actions Secrets Support

---

Important Notes

• Dependabot secrets are separate from standard GitHub Actions secrets.
• pull_request_target explicitly blocks secret access if the PR is from a fork or bot (like Dependabot).
• workflow_run allows use of standard Actions secrets — useful for chaining after Dependabot updates.
• You should mirror secret names across both secret stores to keep workflows DRY.

HOPE IT HELPS :)

[ppkarwasz]

HOPE IT HELPS :)

Thanks for your answer, but I believe there's a key issue: the rows for pull_request and pull_request_target appear to be reversed.

Specifically, pull_request is the event that blocks access to secrets, while pull_request_target runs in the context of the base repository and does have access to secrets.

Based on the "Set up job" step that appears in each GitHub job, I observed the following:

Event	Secret source
pull_request	Dependabot (that is what the job says, no actual secrets are available)
pull_request_target	Actions
push	Dependabot
workflow_run	Actions

These results come from my test repository (ppkarwasz/logging-log4j2) and reflect the current behavior of GitHub Actions.

I was hoping somebody had a complete list of cases and an explanation, why the secret source changes from event to event.

[thesunjrs]

The secret source used by Dependabot-triggered workflows in GitHub Actions depends on the event type:

• For push events, the secrets come from the Dependabot secret store.
• For workflow_run events (triggered after a Dependabot-initiated workflow), the secrets come from the standard GitHub Actions secret store.
• For pull_request events, Dependabot is identified as the source, but secrets are not accessible due to GitHub's security restrictions.

To control the secret source, you can:

1. Add secrets to the Dependabot secret store if the Dependabot-triggered workflow needs them.
2. Use a workflow_run event to trigger a subsequent workflow that can access the standard GitHub Actions secrets.

The official GitHub documentation covers these details in the following articles:

• Dependabot Secrets
• GitHub Actions Security
• Events that Trigger Workflows

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[PRIYAtechky]

Answer

GitHub doesn’t have a single centralized official doc that explicitly lists which secret source is used for Dependabot-triggered workflows, but the behavior you’ve observed is correct and aligns with the security model.

• push (from Dependabot)
  Secrets come from the Dependabot secret store (configured under your repository → Settings → Security → Dependabot → Secrets).
  This is intentional to limit scope, since Dependabot runs on your behalf.

• pull_request_target
  Secrets come from the Actions secret store (configured under repository → Settings → Secrets and variables → Actions).
  This workflow has read/write permissions against the base repository, so normal GitHub Actions secrets are exposed.

• workflow_run (triggered by a Dependabot workflow)
  Uses the Actions secret store as well, since the trigger is no longer Dependabot itself, but your workflow runner responding to another workflow’s completion.

• pull_request
  Dependabot is treated like any external contributor (to protect against untrusted code execution). No secrets are exposed, as expected.

---

Documentation references

• GitHub Docs – Using secrets in GitHub Actions
• GitHub Docs – About Dependabot security updates
• GitHub Docs – Security hardening for GitHub Actions

---

Key takeaway

There’s no single canonical doc that outlines the exact matrix of event → secret source, but the rule of thumb is:

• Direct Dependabot events → Dependabot secret store.
• Repository-trusted contexts (pull_request_target, workflow_run) → Actions secret store.
• Untrusted contexts (pull_request) → No secrets available.

If you need predictable behavior, explicitly design workflows around these rules and use pull_request_target or workflow_run for cases where Actions secrets must be accessed.