How to avoid exposing the NETLIFY_AUTH_TOKEN?

[NatanCieplinski]

The action does work if i paste my token into the .yml file. However, if i try to use ${{ secrets.NETLIFY_AUTH_TOKEN }}then it doesn't work because the action doesn't pick the token. Is there any way to not simply paste the token into the .yml file?

[NatanCieplinski]

Solved.

${{ secrets.NETLIFY_AUTH_TOKEN }} this syntax is supported for the NETLIFY_AUTH_TOKEN but not for the NETLIFY_SITE_ID

[jsmrcaga]

Hi @NatanCieplinski , as long as you create the secrets in your repo, you can reference them in your yml file with the ${{ secrets.XXXXX }} syntax.

It should not matter what env variable you want to assign it to