Using variables and secrets in a workflow
Use encrypted secrets, variables, and tokens in your workflows to protect your repository.
Creating and storing encrypted secrets→
Encrypted secrets allow you to store sensitive information, such as access tokens, in your repository.
Using environment variables→
GitHub sets default environment variables for each GitHub Actions workflow run. You can also set custom environment variables in your workflow file.
Authenticating with the GITHUB_TOKEN→
GitHub provides a token that you can use to authenticate on behalf of GitHub Actions.