You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -50,7 +50,7 @@ You can configure Monorobot to [unfurl GitHub links](https://api.slack.com/refer
50
50
51
51
### Documentation
52
52
53
-
The bot expects two configuration files to be present.
53
+
Add a configuration file to each repository you want to support, and a secrets file on the bot server itself. Read on for instructions to set up each file:
Copy file name to clipboardExpand all lines: documentation/secret_docs.md
+28Lines changed: 28 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,6 +17,8 @@ A secrets file stores sensitive information. Unlike the repository configuration
17
17
|-|-|-|-|
18
18
|`gh_token`| specify to grant the bot access to private repositories; omit for public repositories | Yes | - |
19
19
|`gh_hook_token`| specify to ensure the bot only receives GitHub notifications from pre-approved repositories | Yes | - |
20
+
|`repos`| an object mapping repository URLs to repository-specific GitHub secrets | Yes | - |
21
+
|`allowed_repos`| a whitelist of repository URLs to process payloads for | Yes | all incoming payloads are processed |
20
22
|`slack_access_token`| slack bot access token to enable message posting to the workspace | Yes | try to use webhooks defined in `slack_hooks` instead |
21
23
|`slack_hooks`| list of channel names and their corresponding webhook endpoint | Yes | try to use token defined in `slack_access_token` instead |
@@ -27,10 +29,36 @@ Note that either `slack_access_token` or `slack_hooks` must be defined.
27
29
28
30
Some operations, such as fetching a config file from a private repository, or the commit corresponding to a commit comment event, require a personal access token. Refer [here](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token) for detailed instructions on token generation.
29
31
32
+
*See `repos` if you need to support multiple repositories that use different tokens.*
33
+
30
34
## `gh_hook_token`
31
35
32
36
Refer [here](https://docs.github.com/en/free-pro-team@latest/developers/webhooks-and-events/securing-your-webhooks) for more information on securing webhooks with a token.
33
37
38
+
*See `repos` if you need to support multiple repositories that use different tokens.*
39
+
40
+
## `repos`
41
+
42
+
If you're using Monorobot for multiple repositories that need different secrets (e.g., one on github.com and another on GitHub Enterprise), you can provide them as an object. Secrets defined here will take precedence over those defined at the top level of the secrets file.
43
+
44
+
Repository URLs should be fully qualified (include the protocol).
45
+
46
+
```json
47
+
{
48
+
"https://github.com/acme/runner" : {
49
+
"gh_token": "XXX"
50
+
},
51
+
"https://git.acme.com/acme/coyote" : {
52
+
"gh_token": "XXX",
53
+
"gh_hook_token": "XXX"
54
+
}
55
+
}
56
+
```
57
+
58
+
## `allowed_repos`
59
+
60
+
Use this option to restrict incoming notifications from GitHub to approved repository URLs.
61
+
34
62
## `slack_access_token`
35
63
36
64
Refer [here](https://api.slack.com/authentication/oauth-v2) for obtaining an access token via OAuth.
0 commit comments