- Secret and token names should be prefixed with the corresponding service. Ex:
AWS_<SECRET_NAME> DOCKERHUB_<SECRET_NAME> SENZING_GITHUB_<SECRET_NAME>
- We include the
SENZINGCommunity name prefix for all GitHub secrets due to GitHub restrictions.
- We include the
- The remaining secret name should allude to the purpose of the secret/token and the level of permissions where applicable. Ex.
SENZING_GITHUB_CODEOWNER_PR_RW_TOKEN
Used for automated approvals on dependabot pull requests.
-
Create a fine-grained personal access token (CODEOWNER)
- Click your profile photo, then click
Settings. - In the left sidebar, click
Developer settings. - In the left sidebar, under
Personal access tokens- click
Fine-grained tokens.
- click
- Click
Generate new token. - Under
Token name, enter a name for the token:SENZING_GITHUB_CODEOWNER_PR_RW_TOKEN. - Under
Expiration, select an expiration for the token. - Optionally, under
Description, describe the purpose of the token. - Under
Resource owner, select a resource owner:Senzing.- See Token Docs for additional details.
- Under
Repository access, select:All repositories - Under
Permissions>Repository Permissions>Pull requests- Select
Access: Read and writein the dropdown.
- Select
- Click
Generate token. - Copy the new token for use in Step 2.
- Click your profile photo, then click
-
Add the newly generated token in step 1 as an organization secret for Dependabot.
- Note: To create secrets at the organization level, you must have admin access.
- On GitHub.com, navigate to the main page of the organization.
- Under your organization name, click
Settings. - Expand
* Secrets and variablesin the left side nav.- Select
Dependabot.
- Select
- Click
New organization secret. - In the
Nameinput box type:SENZING_GITHUB_CODEOWNER_PR_RW_TOKEN. - From the
Repository accessdropdown list, chooseAll repositories. - Input the token generated in step one into the text box.
- Click
Add secret.