GitHub Foundations — Question 26

A single secret must be accessed by workflows in specific repositories. What is the best way to create the secret?

Answer options

• A. Create an environment secret at the organization level and leverage that environment in each of the specified repositories.
• B. Create an organization secret, specify Selected repositories as the Repository access, and select the required repositories.
• C. Create the secret in one of the repositories, check the Share secret option, and select the required repositories.
• D. Store the secret in a supported external key vault. Configure OpenID Connect (OIDC) to allow access to the external vault and link the secret from the external key vault in each of the specific repositories.

Correct answer: B

Explanation

The correct answer is B because creating an organization secret with selected repository access allows for centralized management and secure sharing across specific repositories. Option A is incorrect as environment secrets are not as flexible for specific repository access. Option C does not provide the best control and management for the secret, while option D introduces unnecessary complexity by relying on an external key vault when the organization secret suffices.