Demo repository for using Environments and Secrets in workflows.
- ❗ This is a template repository
- ❗ This demo contains GHEC/GHES-specific features
- The Environments feature is only available for GHEC, GHES (>=v3.1), and public repositories
- If you have a GHEC organization available, then please click Use this template to clone the repo into that organization
- If you do not have a GHEC organization available, please run the demo in this repository. Just make sure to complete the Cleanup steps afterwards 🏡
- In the repository, go to Settings --> Environments
- Create an environment (e.g.
test
)- No additional settings
- Create another environment (e.g.
prod
)- Add a required reviewer (you can set yourself as the required reviewer)
- The protection rules will be used later in the demo
- In the organization, go to Settings --> Secrets (if you have org owner access to the organization. If not, skip this step.)
- Add an org secret (e.g.
MY_ORG_SECRET
) with an arbitrary value - Show how org secrets can be scoped to specific repositories
- Add an org secret (e.g.
- In the repository, go to Settings --> Secrets
- Add a repository secret (e.g.
MY_REPO_SECRET
) with an arbitrary value
- Add a repository secret (e.g.
- In the repository, go to Settings --> Environments
- For one of the environments, add an environment secret (e.g.
MY_ENV_SECRET
)
- For one of the environments, add an environment secret (e.g.
💡 Ensure that the secrets and environments added above corresponds to what is defined in the workflow.
- Use one of the existing workflows in
.github/workflows
- Walk through the syntax
- Trigger the workflow by opening a new PR and ensure it succeeds
- E.g. edit one of the test files
- Show the environments GUI inside the PR (the Deployments section)
- Merge the PR
- If Required reviewers were added to the environment, the workflow should be halted until it is reviewed
- Show how to review a deployment, and ensure the job proceeds
- Show where to locate all Environments and deployments for the repository
- The Environments section on the repository landing page
- Show the redaction of secrets in the workflows log
- If the workflow was run in this repository, perform the following steps:
- Delete all secrets created
- Delete all environments created
- Ensure any PRs are closed/merged
- Delete any branches created