It is possible to provide a token or credentials for a number of external services. These may be used to lift a rate limit or provide access to private resources from a self-hosted instance.
There are two ways of setting secrets:
- Via environment variables. This is a good way to set them in a PaaS environment.
GH_TOKEN=...- Via checked-in
config/local.yml:
private:
gh_token: '...'For more complex scenarios, configuration files can cascade. See the node-config documentation for details.
AZURE_DEVOPS_TOKEN(yml:azure_devops_token)
An Azure DevOps Token (PAT) is required for accessing private Azure DevOps projects.
Create a PAT using an account that has access to your target Azure DevOps projects. Your PAT only needs the following scopes:
Build (read)Release (read)Test Management (read)
BINTRAY_USER(yml:bintray_user)BINTRAY_API_KEY(yml:bintray_apikey)
The bintray API requires authentication Create an account and obtain a token from the user profile page.
DRONE_TOKEN(yml:drone_token)
The self-hosted Drone API requires authentication Login to your Drone instance and obtain a token from the user profile page.
GH_TOKEN(yml:gh_token)
Because of Github rate limits, you will need to provide a token, or else badges will stop working once you hit 60 requests per hour, the unauthenticated rate limit.
You can create a personal access token through the Github website. When you create the token, you can choose to give read access to your repositories. If you do that, your self-hosted Shields installation will have access to your private repositories.
When a gh_token is specified, it is used in place of the Shields token
rotation logic.
GH_CLIENT_ID(yml:gh_client_id)GH_CLIENT_SECRET(yml:gh_client_secret)
These settings are used by shields.io for GitHub OAuth app authorization but will not be necessary for most self-hosted installations. See production-hosting.md.
JENKINS_USER(yml:jenkins_user)JENKINS_PASS(yml:jenkins_pass)
Provide a username and password to give your self-hosted Shields installation access to a private Jenkins CI instance.
JIRA_USER(yml:jira_user)JIRA_PASS(yml:jira_pass)
Provide a username and password to give your self-hosted Shields installation access to a private JIRA instance.
NEXUS_USER(yml:nexus_user)NEXUS_PASS(yml:nexus_pass)
Provide a username and password to give your self-hosted Shields installation access to your private nexus repositories.
NPM_TOKEN(yml:npm_token)
Generate an npm token to give your self-hosted Shields installation access to private npm packages
SENTRY_DSN(yml:sentry_dsn)
A Sentry DSN may be used to send error reports from your installation to Sentry.io. For more info, see the self hosting docs.
SL_INSIGHT_USER_UUID(yml:sl_insight_userUuid)SL_INSIGHT_API_TOKEN(yml:sl_insight_apiToken)
The SymfonyInsight API requires authentication. To obtain a token, Create an account, sign in and obtain a uuid and token from your account page.
SONARQUBE_TOKEN(yml:sonarqube_token)
Generate a token to give your self-hosted Shields installation access to a private SonarQube instance or private project on a public instance.
TWITCH_CLIENT_ID(yml:twitch_client_id)TWITCH_CLIENT_SECRET(yml:twitch_client_secret)
Register an application in the Twitch developer console in order to obtain a client id and a client secret for making Twitch API calls.
WHEELMAP_TOKEN(yml:wheelmap_token)
The wheelmap API requires authentication. To obtain a token, Create an account, sign in and use the Authentication Token displayed on your profile page.