You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs: update credentials section for org-level secrets
- All secrets are now managed at organization level
- Remove outdated "Read and write permissions" requirement
- Remove release bot secrets (not used by template workflows)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* `OSS_SONATYPE_USERNAME` / `OSS_SONATYPE_PASSWORD` - Maven Central deployment
75
+
* `PAGES_DEPLOY_TOKEN` - GitHub Pages deployment
76
+
* `SONAR_TOKEN` - SonarCloud analysis
79
77
80
-
They are picked up in the predefined pipeline-configurations:
78
+
No repository-level secret configuration is needed.
81
79
82
-
* `.github/workflows/maven.yml`
83
-
* `.github/workflows/maven-release.yml`
80
+
For reference:
84
81
85
-
Ensure that the actions are authorized correctly: Settings > Actions > General > Workflow permissions > "Read and write permissions" must be selected *not* "Read repository contents permission"
86
-
87
-
Documentation on how to create a signing key can be found https://github.com/cuioss/cui-parent-pom/blob/master/doc/signing_key.adoc[Documentation at cui-parent-pom]
88
-
89
-
A sonar token can be derived from https://sonarcloud.io/account/security
82
+
* Signing key documentation: https://github.com/cuioss/cui-parent-pom/blob/master/doc/signing_key.adoc[Documentation at cui-parent-pom]
0 commit comments