c863678e73
* adding new tables and linking to info on audit logs * editing some text: * adding new info on how to add image registry login * adding link and fixing table * formatting * formatting * Apply suggestions from code review Co-authored-by: Laura Coursen <lecoursen@github.com> * updaing private image registry secret info and other improvements * some minor fixes * fixing test errors * rewriting registry secret section * rewriting registry secret section * updating link to reflect title * Update content/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces.md Co-authored-by: Laura Coursen <lecoursen@github.com> * updating bullet point * moving codespaces to top-level item * fixing duplicated redirect * Adding some organization for contributors * adding learning codespaces to index file * do not error out if category array is empty * Apply suggestions from code review Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com> * fixing broken link * Document choosing machine type for a codespace in the GitHub UI (#19055) * Document choosing machine type in the GitHub UI * Replace link placeholder with actual path * Update content/codespaces/changing-the-machine-type-for-your-codespace.md Co-authored-by: Amy Burns <timeyoutakeit@github.com> Co-authored-by: Amy Burns <timeyoutakeit@github.com> * reoganizing based on CD * putting machine type doc in correct location * fixing broken redirects * removing quickstart example from index page * updating main index file * Fixing broken links * adding intros * adding js quickstart (#18960) * adding js quickstart * clarify walkthrough * adding more images and last few sections * fixing broken links * fixing broken links and formatting * formatting fixes * Apply suggestions from code review Co-authored-by: hubwriter <hubwriter@github.com> * adding index file for learn folder * adding some feedback changes * adding some review comments * fixing broken links Co-authored-by: hubwriter <hubwriter@github.com> * doing some additional re-org * fixing topics * adding Codespaces as a topic * fixing so title matches slug * Update data/reusables/codespaces/codespaces-machine-types.md Co-authored-by: Meg Bird <megbird@github.com> * expanding intro Co-authored-by: Laura Coursen <lecoursen@github.com> Co-authored-by: Sarah Schneider <sarahs@github.com> Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com> Co-authored-by: hubwriter <hubwriter@github.com> Co-authored-by: Meg Bird <megbird@github.com>
4.3 KiB
title, intro, product, versions, redirect_from, topics
| title | intro | product | versions | redirect_from | topics | ||||
|---|---|---|---|---|---|---|---|---|---|
| Managing encrypted secrets for Codespaces | You can store sensitive information, like tokens, that you want to access in your codespaces via environment variables. | {% data reusables.gated-features.codespaces %} |
|
|
|
{% note %}
Note: Encrypted secrets for {% data variables.product.prodname_codespaces %} is currently in beta and subject to change.
{% endnote %}
About encrypted secrets for {% data variables.product.prodname_codespaces %}
You can add encrypted secrets to your user account that you want to use in your codespaces. For example, you may want to store and access the following sensitive information as encrypted secrets.
- Personal access tokens to cloud services
- Service principals
- Subscription identifiers
- Credentials for a private image registry
You can choose which repositories should have access to each secret. Then, you can use the secret in any codespace you create for a repository that has access to the secret.
Adding a secret
{% note %}
Note: Tokens starting with GITHUB_ are reserved
{% endnote %}
{% data reusables.user_settings.access_settings %} {% data reusables.user_settings.codespaces-tab %}
- To the right of "Codespaces secrets", click New secret.
- Under "Name", type a name for your secret.
{% data reusables.user_settings.codespaces-secret-value %}
{% data reusables.user_settings.codespaces-secret-repository-access %} - Click Add secret.
Editing a secret
You can update the value of an existing secret, and you can change which repositories can access a secret.
{% data reusables.user_settings.access_settings %} {% data reusables.user_settings.codespaces-tab %}
- Under "Codespaces secrets", to the right of the secret you want to edit, click Update.
- Under "Value", click enter a new value.
{% data reusables.user_settings.codespaces-secret-value %}
{% data reusables.user_settings.codespaces-secret-repository-access %} - Optionally, to remove the secret's access to a repository, deselect the repository.
- Click Save changes.
Deleting a secret
{% data reusables.user_settings.access_settings %} {% data reusables.user_settings.codespaces-tab %}
- Under "Codespaces secrets", to the right of the secret you want to delete, click Delete.
- Read the warning, then click OK.
Allowing your codespace to access private images
A registry is a secure space for storing and managing private container images, such as Azure Container Registry or DockerHub. By adding a secret, your codespace can access private images within the registry.
When a codespace launches, {% data variables.product.prodname_codespaces %} will check for the following three secrets, which define the server name, username, and personal access token (PAT) for the container registry. If those secrets are found, {% data variables.product.prodname_codespaces %} will make the registry available inside your codespace.
<*>_CONTAINER_REGISTRY_SERVER<*>_CONTAINER_REGISTRY_USER<*>_CONTAINER_REGISTRY_PASSWORD
Use the steps in "Adding a secret" to add a secret for each of these items. Replace the “<*>” in the name with a consistent identifier. For example, if you had a private image registry in Azure, it might look like the following:
ACR_CONTAINER_REGISTRY_SERVER = mycompany.azurecr.io
ACR_CONTAINER_REGISTRY_USER = acr-user-here
ACR_CONTAINER_REGISTRY_PASSWORD = <PAT>
