问题描述

在 GitHub 文档中声明机密的优先级从最低到最高(Environment > Repository > Organization)，它还指出 Organization 机密可用于组织中的所有存储库.但它没有说明任何关于 Environment 和 Repository 秘密的信息.

In the GitHub documentation it states that the precedence of secrets is from lowest to highest (Environment > Repository > Organization), it also states that the Organization secrets are available for all repositories in the organization. But it doesn't state anything about Environment and Repository secrets.

我的问题是:

1. Environment 和 Repository secret 有什么区别?
2. 我应该什么时候使用 Environment 机密?
3. 我应该什么时候使用 Repository 机密?

1. What is the difference is between Environment and Repository secrets?
2. When should I use Environment secrets?
3. When should I use Repository secrets?

推荐答案

嗯，环境机密是特定于 environment 允许您在单个存储库中为作业运行不同的配置，例如先部署到暂存，然后再部署到生产.

Well, environment secrets are specific to an environment in Github Actions which allow you to run different configurations for jobs in a single repository, e.g. to deploy to staging first and later to production.

存储库机密特定于单个存储库(以及其中使用的所有环境)，而组织机密特定于整个组织及其下的所有存储库.

Repository secrets are specific to a single repository (and all environments used in there), while organisation secrets are specific to an entire organisation and all repositories under it.

如果您有特定于环境的机密，则可以使用环境机密.

You can use environment secrets if you have secrets which are specific to an environment.

如果您不确定，您也可以从所有内容的存储库秘密开始.如果您稍后引入需要不同机密的不同环境，您可以将存储库机密移动到特定环境.由于继承链，这对作业应该是透明的.

If you are unsure, you could also start with repository secrets for everything. If you later introduce different environments which require different secrets, you can move the repository secrets to the specific environments. Due to the inheritance chain, this should be transparent to the jobs.

这篇关于Github的“环境"的区别和“存储库"秘密?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！