[Question] Access to repositories information from another account

[Drjacky]

https://github.com/Azure/actions-workflow-samples/blob/master/assets/create-secrets-for-GitHub-workflows.md

How to create secret for all repositories of a GitHub account A, to use it in another GitHub account B?

[TheProdigyLeague]

No tech guru here, but hope this helps nonetheless... /workflow/build/Deployment/Node.js | \Web.app ---> Azure(cTM) \user \profile From your Azure fs,

+ File: .github/workflows/workflow.yml

on: push

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
    # chkout repo
    - name: 'Checkout Github Action' 
      uses: actions/checkout@master

    - name: Setup Node 10.x
      uses: actions/setup-node@v1
      with:
        node-version: '10.x'
    - name: 'npm install, build, and test'
      run: |
        npm install
        npm run build --if-present
        npm run test --if-present

    - name: 'Run acct A and publish secret for @Drjacky  Azure/repo'
      uses: azure/webapps-deploy@v2
      with: 
        app-name: node-rn
        publish-profile: ${{ secrets.azureWebAppPublishProfile }}
- .portal, .crypto

Follow these steps to use it on Acct B:

• Download acct A's published profile for WebApp from Portal (Get Publish profile option)
• Define a new secret under Acc B's repository settings, Add secret menu
• Paste the contents for the downloaded publish profile file into the secret's value field
• Now in the workflow file in your branch: .github/workflows/workflow.yml replace the secret for the input publish-profile: of the deploy Azure WebApp action (Refer to the example above) Finally, usr/cred/Azure.Srvc | usr/profile/etc
  • repo.git ▶ .yml, .json, .py secrets

• User-level credentials i.e., Azure Service Principal for deployment.

  1. Define Secret/vars
  2. Settings -> Secrets -> New secret. Provide a secret variable Name, for example 'AZURE_CREDENTIALS'
  3. ⮕ az cli
  4. cmd/Store/io/value/_Secret_vars
  5. Store output as Value of secret variable az ad command scopes service principal to a specific resource group... {resource-group} within a specific Azure subscription {subscription-id} V

     
     $ az ad sp create-for-rbac --name "myApp" --role contributor \
                         --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group} \
                         --sdk-auth

  Replace {subscription-id}, {resource-group} "resource, group, details"

  The command should output a JSON object similar to this:

  { "clientId": "", "clientSecret": "", "subscriptionId": "", "tenantId": "", (...) }