search

uwhackweek / jupyterbook-template

Template repository for UW Hackweek JupyterBook websites
http://book-template.hackweek.io/
MIT License
9 stars 6 forks source link

Minimize required github secrets and document how to add them #81

Open scottyhq opened 2 years ago

scottyhq commented 2 years ago

Currently the GitHub Actions fail when run for the first time after 'Using This Template' if certain secrets are not available in the organization. All of these secrets could be made optional. For example, only push to Dockerhub if DOCKER_PASSWORD and DOCKER_USERNAME values exist.

DOCKER_PASSWORD 
DOCKER_USERNAME

QUAY_PASSWORD
QUAY_USERNAME

# ? I'm not entirely sure this is necessary for the pages publishing...
GH_PAT 

# Requires a lot of manual setup via netlify app https://jupyterbook.org/publish/netlify.html 
NETLIFY_AUTH_TOKEN:
NETLIFY_SITE_ID:
scottyhq commented 2 years ago

Netlify previews require setting up an account linked to a github user with 'owner' permissions in the github organization, docs here: https://jupyterbook.org/publish/netlify.html

Quay.io requires first creating a new repository and then giving a 'robot' user permissions to push to that repository. documented here https://github.com/jupyterhub/repo2docker-action#push-repo2docker-image-to-quayio

scottyhq commented 4 months ago

Going to reopen this because I think it would also be useful to add recommendations on how to share secrets (if necessary) among a hackweek organizing team potentially at different institutions. We've been using a UW organizational LastPass account. Also some good recommendations here for open source projects https://scientific-python.org/specs/spec-0006/