Skip to content


GitHub Secrets can be used to store sensitive information. They are translated into environment variables in the Terrateam GitHub Action runtime environment. These environment variables may be referenced in your Terraform code.

TF_VAR Environment variables

Secrets that start with TF_VAR_ are treated specially by Terrateam.

GitHub Secrets are always uppercase, however by convention Terraform variables are lowercase. Terrateam automatically finds all secrets that start with TF_VAR_ and creates a new environment variable that has the lowercase name. If the lowercase name exists, no action is taken. The uppercase environment variable is left unchanged. For example, the secret TF_VAR_LOGIN_TOKEN will create a new environment variable called TF_VAR_login_token.

Creating Secrets


These instructions require you to run commands from a terminal.

Create a new secret

  1. Export your Terraform organization/repo combination as an environment variable.
  1. Create a new repository secret
gh secret --repo "$REPO" set SECRET_NAME