GitHub Foundations — Question 17

As a developer, you are authoring a workflow that will deploy to both DevCloud and TestCloud resources. Each cloud resource is accessed with a different deployment key. Which approach best allows you to use the same reusable workflow in separate jobs to target the different cloud resources?

Answer options

• A. Populate a DEPLOY_KEY repository secret with a JSON object containing DevCloud and TestCloud properties. Then specify DEPLOY_KEY.DevCloud in the secrets sections of the reusable workflow.
• B. Use a marketplace action to conditionally parse the DEPLOY_KEY repository secret based on the cloud resource name.
• C. Store the different keys in a DEPLOY_KEY environment secret in the DevCloud and TestCloud environments. Specify DEPLOY_KEY in the secrets section of the reusable workflow.
• D. Create repository secrets named DevCloud.DEPLOY_KEY and TestCloud.DEPLOY_KEY so that the reusable workflow parses the secrets by resource name.

Correct answer: C

Explanation

Option C is correct because it allows the workflow to access the appropriate deployment key for each environment, ensuring a clean and reusable solution. Option A introduces unnecessary complexity with JSON objects, while Option B relies on additional parsing logic that is less straightforward. Option D requires separate naming conventions that could lead to confusion and increased maintenance overhead.