From 6fd3811ec692886a68b12ce0992840e3653e9658 Mon Sep 17 00:00:00 2001
From: Max Held <maximilian.held83@gmail.com>
Date: Mon, 20 May 2019 20:04:47 +0200
Subject: [PATCH] explain how to run act with secrets

again, thought this might be helpful for other users.
**Caveat**: I'm not an InfoSec expert, so someone should look this over.
Don't want to encourage people to do stupid things.
---
 README.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/README.md b/README.md
index 842f446..accaa00 100644
--- a/README.md
+++ b/README.md
@@ -49,6 +49,17 @@ act -r
 act -v
 ```
 
+# Secrets
+
+To run `act` with secrets, you can enter them interactively or supply them as environment variables.
+If you have a secret called `FOO` in your `main.workflow`, `act` will take whatever you have set as `FOO` in the session from which you are running `act`.
+If `FOO` is unset, it will ask you interactively.
+
+You can set environment variables for the current session by running `export FOO="zap"`, or globally in your `.profile`.
+You can also set environment variables *per directory* using a tool such as [direnv](https://direnv.net/).
+**Be careful not to expose secrets**:
+You may want to `.gitignore` any files or folders containing secrets, and/or encrypt secrets.
+
 # Support
 
 Need help? Ask on [Gitter](https://gitter.im/nektos/act)!