Secrets are encrypted environment variables that you create in a Git repository or organization. The secrets you create are available to use in GitHub Actions workflows. GitHub uses a libsodium sealed box to help ensure that secrets are encrypted before they reach GitHub, and remain encrypted until you use them in a workflow.

You can create a personal access token and use it in place of a password when performing Git operations over HTTPS with Git on the command line or the API.

Below is a list of Github Secrets or Tokens enabled and what they are enabled for.

Secret/Tokenrepository where enableddestination applicationdestination definitionIn LastPass ?Notes
DOCKERHUB_USER asfjenkins userYes - search asfjenkins dockerhubThe 'asfjenkins' user is a limited scope user, sole member of the 'jenkins' team in Dockerhub. As such, the 'jenkins' team needs to be added as 'Admin' to any repos in dockerhub where the token(s) will be used.
DOCKERHUB_TOKEN created as the asfjenkins dockerhub userYes - search asfjenkins dockerhub
SONARCLOUD_TOKENvarious ASF Github projects - set as a global secret at created as gmcdonald userYes, search sonarcloudGlobal scope for all projects