Sync Repository Secrets #4

	name: Propagate Repository Secrets
	on:
	workflow_dispatch:

	jobs:
	get-mappings:
	runs-on: ubuntu-latest
	outputs:
	matrix: ${{ steps.set-matrix.outputs.matrix }}
	steps:
	- uses: actions/checkout@v4

	- id: set-matrix
	run: \|
	MATRIX=$(jq -c '{ include: [ to_entries[] \| { secret: .key, repos: .value } ] }' mapping.json)
	echo "matrix=$MATRIX" >> $GITHUB_OUTPUT

	propagate:
	needs: get-mappings
	runs-on: ubuntu-latest
	strategy:
	matrix: ${{fromJson(needs.get-mappings.outputs.matrix)}}
	fail-fast: false
	steps:
	- uses: actions/github-script@v7
	with:
	token: ${{ secrets.SECRETS_TOKEN }}
	script: \|
	const secret = '${{ matrix.secret }}'
	const secretValue = process.env[secret]
	const repos = ${{ toJson(matrix.repos) }}

	for (const repo of repos) {
	try {
	console.log(`Checking repository ${context.repo.owner}/${repo}`)

	// First verify the repository exists and we have access
	try {
	await github.rest.repos.get({
	owner: context.repo.owner,
	repo: repo
	});
	} catch (e) {
	console.error(`Repository ${context.repo.owner}/${repo} not found or no access`);
	continue;
	}

	console.log(`Setting ${secret} for repository ${repo}`)
	await github.rest.actions.createOrUpdateRepoSecret({
	owner: context.repo.owner,
	repo: repo,
	secret_name: secret,
	secret_value: secretValue
	})
	console.log(`Successfully set secret for ${repo}`)
	} catch (error) {
	console.error(`Error setting secret for ${repo}:`, error.message)
	if (error.status === 404) {
	console.error('Repository not found or no access')
	}
	}
	}
	env:
	${{ matrix.secret }}: ${{ secrets[matrix.secret] }}

Provide feedback