From 043db010cc5b453d97d700ed12d466eb5dbf7695 Mon Sep 17 00:00:00 2001 From: jnywong Date: Mon, 8 Jul 2024 15:44:11 +0000 Subject: [PATCH 1/3] Add docs on GH organization secrets --- reference/documentation/secrets.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/reference/documentation/secrets.md b/reference/documentation/secrets.md index 93d6ca11..de8b53bd 100644 --- a/reference/documentation/secrets.md +++ b/reference/documentation/secrets.md @@ -28,18 +28,19 @@ load_dotenv() SECRET_NAME = os.environ["SECRET_NAME"] ``` -### Access secret in GitHub actions +### Access organization-level secrets in GitHub actions -Add your secret as a GitHub repository secret to be used in GitHub actions when you build and publish online. +Add your secret as a GitHub an organizational-level repository secret to be used in GitHub actions when you build and publish online. :::{note} -This section describes how to create a secret for an individual repository. To create a secret for the 2i2c organization for multiple users, see the [GitHub Docs – Using secrets in GitHub actions](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization). +To create a secret for the 2i2c organization for multiple users, see the [GitHub Docs – Using secrets in GitHub actions](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization). We recommend organization-level secrets against individual-level secrets to minimize the need to create duplicate secrets for multiple repositories. ::: -1. Navigate to your repository online on GitHub. +1. Navigate to the 2i2c GitHub organization. 1. In the *{octicon}`gear` Settings* menu, click on *{octicon}`key-asterisk` Secrets and Tokens > Actions* in the left-side menu. -1. Under the *Repository Secrets* section, click on the {guilabel}`New repository secret` button. +1. Under the *Organization Secrets* section, click on the {guilabel}`New organization secret` button. 1. Enter the name of your secret in the *Name* field and paste in the value of your secret in the *Secret* field. +1. Scope the secret to the relevant select repositories under the *Repository access* dropdown. 1. Click {guilabel}`Add secret` to confirm. Following this, adjust your GitHub action workflow file to make the secret available to your job with the `env` key value. See the [GitHub Docs – Using secrets in GitHub actions](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow) or the example code snippet from the `team-compass/.github/workflows/test-docs.yaml` file below: From 30e350ce5e31ac8bbe052fba1c0a283d8837bacb Mon Sep 17 00:00:00 2001 From: jnywong Date: Mon, 8 Jul 2024 15:50:14 +0000 Subject: [PATCH 2/3] Upload Sphinx error log as artifact --- .github/workflows/test-docs.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/test-docs.yaml b/.github/workflows/test-docs.yaml index 3c4aa167..cff9db77 100644 --- a/.github/workflows/test-docs.yaml +++ b/.github/workflows/test-docs.yaml @@ -31,3 +31,9 @@ jobs: GRAFANA_TOKEN: ${{ secrets.GRAFANA_TOKEN }} run: | make dirhtml SPHINXOPTS='--color -W --keep-going' + + - name: Upload Logs and Build + uses: actions/upload-artifact@v3 + with: + name: sphinx-logs + path: book/_build From bd2fa99dcf5ae084ce902de4e046cfb6838cda45 Mon Sep 17 00:00:00 2001 From: jnywong Date: Mon, 8 Jul 2024 16:30:58 +0000 Subject: [PATCH 3/3] Add note about org secrets --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 46177c2f..06aaee9a 100644 --- a/README.md +++ b/README.md @@ -29,3 +29,7 @@ To build live documentation that updates when you update local files, run the fo ```console $ nox -s docs-live ``` + +## Organization Secrets + +This repo requires access to organizational-level secrets that cannot be access via forked PR. Therefore the GH action `test-docs.yaml` will fail unless you push a non-forked PR.