ComputerSurge/shields
3
0
Fork 0
Code Pull Requests 1 Activity
Files
483ecf24de3e55ce2e23f6534db360e0de227765
shields/doc/server-secrets.md
Cedric van Putten 483ecf24de [Drone] Add Drone build badge (#3240) 
* Add drone build badge based on travis

* Fix wrong mocked endpoint for done builder

* Refactor service tester using helper method

* Add missing failure status to red statuses

* Remove extraneous invalid svg test from drone

* Test on failure red status in build status spec

* refactor(drone): use json service instead of svg

* refactor(drone): remove status text and extraneous build path in test

* refactor(drone): allow defining self-hosted drone instances

* fix(drone): use proper urls in drone examples

* fix(drone): add drone token authorization for self-hosted instances

* refactor(drone): call render build status badge directly instead of render

* refactor(drone): use server query parameter for self-hosted instances

* fix(drone): separate url and query params in example

* fix(drone): use actual build status message in examples

* fix(drone): add missing message for status code 401

Co-Authored-By: byCedric <me@bycedric.com>

* refactor(drone): remove color from drone tests

* refactor(drone): remove extraneous comments from drone tests

* refactor(drone): remove unused static preview method

* refactor(drone): remove unused static render method

* refactor(drone): reuse render build status badge helper in static previews

* fix(drone): test inaccessible repos on new message
2019-04-16 11:33:15 -05:00

4.9 KiB
Raw Blame History

Server Secrets

It is possible to provide a token or credentials for a number of external services. These may be used to lift a rate limit or provide access to private resources from a self-hosted instance.

There are two ways of setting secrets:

  1. Via environment variables. This is a good way to set them in a PaaS environment.
  2. Via checked-in config/local.yml:
private:
  gh_token: '...'

See the node-config documentation for more information.

Azure DevOps

  • AZURE_DEVOPS_TOKEN (yml: azure_devops_token)

An Azure DevOps Token (PAT) is required for accessing private Azure DevOps projects.

Create a PAT using an account that has access to your target Azure DevOps projects. Your PAT only needs the following scopes:

  • Build (read)
  • Release (read)
  • Test Management (read)

Bintray

  • BINTRAY_USER (yml: bintray_user)
  • BINTRAY_API_KEY (yml: bintray_apikey)

The bintray API requires authentication Create an account and obtain a token from the user profile page.

Drone

  • DRONE_TOKEN (yml: drone_token)

The self-hosted Drone API requires authentication Login to your Drone instance and obtain a token from the user profile page.

GitHub

  • GH_TOKEN (yml: gh_token)

Because of Github rate limits, you will need to provide a token, or else badges will stop working once you hit 60 requests per hour, the unauthenticated rate limit.

You can create a personal access token through the Github website. When you create the token, you can choose to give read access to your repositories. If you do that, your self-hosted Shields installation will have access to your private repositories.

When a gh_token is specified, it is used in place of the Shields token rotation logic.

  • GH_CLIENT_ID (yml: gh_client_id)
  • GH_CLIENT_SECRET (yml: gh_client_secret)

These settings are used by shields.io for GitHub OAuth app authorization but will not be necessary for most self-hosted installations. See production-hosting.md.

Jenkins CI

  • JENKINS_USER (yml: jenkins_user)
  • JENKINS_PASS (yml: jenkins_pass)

Provide a username and password to give your self-hosted Shields installation access to a private Jenkins CI instance.

JIRA

  • JIRA_USER (yml: jira_user)
  • JIRA_PASS (yml: jira_pass)

Provide a username and password to give your self-hosted Shields installation access to a private JIRA instance.

Nexus

  • NEXUS_USER (yml: nexus_user)
  • NEXUS_PASS (yml: nexus_pass)

Provide a username and password to give your self-hosted Shields installation access to your private nexus repositories.

NPM

  • NPM_TOKEN (yml: npm_token)

Generate an npm token to give your self-hosted Shields installation access to private npm packages

Sentry

  • SENTRY_DSN (yml: sentry_dsn)

A Sentry DSN may be used to send error reports from your installation to Sentry.io. For more info, see the self hosting docs.

SymfonyInsight (formerly Sensiolabs)

  • SL_INSIGHT_USER_UUID (yml: sl_insight_userUuid)
  • SL_INSIGHT_API_TOKEN (yml: sl_insight_apiToken)

The SymfonyInsight API requires authentication. To obtain a token, Create an account, sign in and obtain a uuid and token from your account page.

SonarQube

  • SONARQUBE_TOKEN (yml: sonarqube_token)

Generate a token to give your self-hosted Shields installation access to a private SonarQube instance or private project on a public instance.

Wheelmap

  • WHEELMAP_TOKEN (yml: wheelmap_token)

The wheelmap API requires authentication. To obtain a token, Create an account, sign in and use the Authentication Token displayed on your profile page.

View Git Blame Copy Permalink