GH-100 · Question #50
GH-100 Question #50: Real Exam Question with Answer & Explanation
The correct answer is D: Organization secret. Organization secrets (D) include a built-in access policy setting that lets you restrict which repositories can use the secret - options include all repositories, private/internal only, or a selected list - making it the exact place to enforce this requirement. A (Actions policie
Question
You want to ensure a secret is automatically available to only workflows in internal and private repositories in the organization. Where do you configure the required access policy?
Options
- AActions policies
- BRunner groups
- CRulesets
- DOrganization secret
Explanation
Organization secrets (D) include a built-in access policy setting that lets you restrict which repositories can use the secret - options include all repositories, private/internal only, or a selected list - making it the exact place to enforce this requirement.
A (Actions policies) controls what workflows are allowed to run (e.g., which actions can be used), not which repositories can access specific secrets. B (Runner groups) determines which repositories can use self-hosted runners, not which can read secrets. C (Rulesets) enforce branch/tag protection rules like required reviews or status checks - they have no role in secret visibility.
Memory tip: Think "secret access lives on the secret itself." Just as you'd set permissions on a file at the file level, GitHub lets you scope an organization secret's repository access directly within that secret's settings under Settings → Secrets and variables → Actions.
Topics
Community Discussion
No community discussion yet for this question.