Secrets

Information about the secrets used by this project.

GitHub

GitHub secrets are set in the settings of the repository for use by GitHub Actions.

Environment Secrets

Secrets specific to the repository, specific to a single environment.

DEPLOY_AWS_ACCESS_KEY_ID

AWS Access Key for the IAM user used to deploy infrastructure to accounts. This is not the user used when running tests but for deploying infrastructure used by tests (including the IAM user running the tests).

DEPLOY_AWS_SECRET_ACCESS_KEY

AWS Secret Access Key for the IAM user used to deploy infrastructure to accounts. This is not the user used when running tests but for deploying infrastructure used by tests (including the IAM user running the tests).

Repository Secrets

Secrets specific to the repository, available to all environments.

AWS_ACCESS_KEY

AWS Access Key for the IAM user used to publish artifacts to S3. This IAM user exists in the public AWS account.

AWS_SECRET_KEY

AWS Secret Access Key for the IAM user used to publish artifacts to S3. This IAM user exists in the public AWS account.

NPM_API_TOKEN

API access token used to publish Runway to NPM.

PYPI_PASSWORD

API token used to publish Runway to PyPi. This should be scoped to only the Runway project.

TEST_PYPI_PASSWORD

Similar to PYPI_PASSWORD but for https://test.pypi.org/.

TEST_RUNNER_AWS_ACCESS_KEY_ID

AWS Access Key for the IAM user used to run tests.

TEST_RUNNER_AWS_SECRET_ACCESS_KEY

AWS Secret Access Key for the IAM user used to run tests.

ReadTheDocs

Secrets are set as environment variables for ReadTheDocs to use when building documentation.

SPHINX_GITHUB_CHANGELOG_TOKEN

Used by sphinx-github-changelog to generate a changelog for GitHub Releases. The GitHub personal access token scope only needs to include repo.public_repo.