Add PAT as a secret

This section shows you how to add the PAT as a secret to the infrastructure repository. It's the same PAT you created earlier.

Step 1: Add the secret

Change IAC_REPO to the name of your infrastructure repository and paste the PAT when asked to paste your secret.

CLIGUI

Run these commands and paste the PAT from the previous section of the guide when prompted.

IAC_REPO="oslokommune/pirates-iac"
gh secret set --repo "$IAC_REPO" PAT_ON_MACHINE_USER_FOR_IMAGE_TAG_COMMITS

Example output

? Paste your secret ***
✓ Set Actions secret PAT_ON_MACHINE_USER_FOR_IMAGE_TAG_COMMITS for oslokommune/pirates-iac

Go to your infrastructure repository and navigate to Settings > Secrets and variables > Actions > Repository secrets. Click on New repository secret.

Name: PAT_ON_MACHINE_USER_FOR_IMAGE_TAG_COMMITS
Value: The value of the PAT that you previously added to your team's 1Password vault (for example github_pat_R2eH8G6iO3qV7jK1bW0zN4pL).

Click on Add secret.

Why is this a repository secret?

You don't need to use an environment for this secret because it's the same value for all environments.

Next step

Create a GPG key for the GitHub machine user.