User Supplied Secrets

User specified variables which are encrypted for security purposes are referred to as “secrets” in GitHub Actions. They are provided by the DevOps engineer who is developing the workflow. They are needed in order to identify the iCR server to be used for analysis and its accompanying configuration parameters. They are:

1. secrets.ICR_URL ``Provide the URL to the location of the iCR server to be used for the analysis and review. Using examples from the Private Platform User Guide, the url would look like: http://3.237.77.219:3001 **** ****Where 3.237.77.219 is the IP address of the iCR server and 3001 is the TCP port that the Navigator uses.

2. secrets.ICR_PASSPHRASE ``Entry into the Navigator is protected using a passphrase. This is the same passphrase that is used to enter the Navigator as described in Section 4.1 of the Private Platform User Guide.

3. secrets.LANGUAGE_VERSION With some languages that are analyzed by iCR, such as Python, the specific version of the language or related libraries needs to be specified in order for iCR to work correctly for the target source. For example, if you are using Python 3.7, then the string 3.7 is assigned.

4. secrets.PERSONAL_ACCESS_TOKEN ``To authorize the workflow to operate upon the project on behalf of a specific user, that workflow needs to supply a Personal Access Token (PAT) that authorizes access to their repositories. You can reuse the token you used in Preparing and Registering the Docker Image, or you can create another one as described in Creating a Personal Access Token.

5. secrets.MAIL_ADDRESS ``When the analysis triggered by this workflow completes, the User, upon whose behalf this analysis was performed, will receive an email notification letting them know it is complete. That User’s email will be entered here. An email address MUST be provided to allow a way for iCR to notify the User in the event of either success of some kind of failure. If no address is provided the workflow will not proceed.