Add new API key prod docs (#1185)

TraceMachina · Jul 22, 2024 · f59f8ba · f59f8ba
1 parent 97f64b2
commit f59f8ba
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 2 deletions.
diff --git a/.github/styles/config/vocabularies/TraceMachina/accept.txt b/.github/styles/config/vocabularies/TraceMachina/accept.txt
@@ -52,3 +52,4 @@ proto
 quantiles
 Config
 Grafana
+GitHub
diff --git a/docs/astro.config.mjs b/docs/astro.config.mjs
@@ -122,6 +122,10 @@ export default defineConfig({
               label: "Pants",
               link: "/nativelink-cloud/pants/",
             },
+            {
+              label: "API Keys in Production",
+              link: "/nativelink-cloud/api-key/",
+            },
           ],
         },
         {

diff --git a/docs/scripts/md_to_mdx.ts b/docs/scripts/md_to_mdx.ts
@@ -76,7 +76,7 @@ pagefind: ${pagefind}
 `;
 }
 
-export function transformGithubMarkdown(content: RootContent[]): RootContent[] {
+export function transformGitHubMarkdown(content: RootContent[]): RootContent[] {
   return content.flatMap((node) => {
     if (node.type === "blockquote") {
       const transformed = transformBlockquote(node as Blockquote);
@@ -227,7 +227,7 @@ export async function transformMarkdownToMdx(
   const tree = parseMarkdown(preprocessedMarkdown);
   const { title, content } = extractTitle(tree);
 
-  let transformedContent = transformGithubMarkdown(content);
+  let transformedContent = transformGitHubMarkdown(content);
   transformedContent = preserveInlineCode(transformedContent);
 
   const modifiedMarkdown = remark()

diff --git a/docs/src/content/docs/nativelink-cloud/api-key.mdx b/docs/src/content/docs/nativelink-cloud/api-key.mdx
@@ -0,0 +1,30 @@
+---
+title: "API Keys in Production"
+description: "How to use NativeLink Cloud API keys in production"
+pagefind: true
+---
+
+## GitHub Actions
+GitHub Repository Secrets is the recommended way
+to store your NativeLink Cloud API keys
+for use with GitHub Actions.
+
+[GitHub Repository Secrets Tutorial](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)
+
+They can be access via the secrets context i.e.
+```
+${{ secrets.YourSecretKeyName }}
+```
+
+:::note
+If your repository uses forks for pull requests (PRs), note that the secrets
+context isn't accessible from PRs originating from forks. To address this,
+we will soon introduce Read-Only keys.
+
+Read-Only keys can be used for PRs and stored in the vars context. For
+merge-to-main actions, use a Read/Write key stored in the secrets context.
+:::
+
+If you need info on setting up API keys for different CI environments, ask in
+the [Slack channel](https://nativelink.slack.com/join/shared_invite/zt-281qk1ho0-krT7HfTUIYfQMdwflRuq7A#/shared-invite/email)
+or open an issue on our [GitHub](https://github.com/TraceMachina/nativelink).
-Original file line number
+Diff line change
@@ Expand Up / @@ -52,3 +52,4 @@ proto @@
     quantiles
     Config
     Grafana
+    GitHub