5. Setting up project repository
Last updated
Last updated
Once you have set up your sfops repository, you need to configure your Salesforce project repository with the necessary variables and secrets.
Navigate to your project repository → Settings → Secrets and variables → Actions
These credentials connect your project repository to the sfops-bot GitHub App:
Core settings for connecting your project to sfops infrastructure:
SFOPS_DASHBOARD_REPO
Repository Variable
String
your-org/dev-central
The Dev Central repository for this project
SFOPS_METRICS_PROVIDER
Repository Variable
String
datadog
Metrics provider (datadog, newrelic, or splunk)
BRANCHES
Repository Variable
Array
["main"]
List of branches tracked in DevCentral dashboard (typically just your main/trunk branch)
If using Jira or other issue tracking:
SFOPS_ISSUETRACKER_URL_BASE
Repository Variable
String
https://jira.example.com
Base URL of your issue tracker
SFOPS_ISSUETRACKER_WORKITEM_FILTER
Repository Variable
String
(FGK|FFK)-[0-9]{3,4}
Regex pattern for issue IDs
SFOPS_JIRA_TOKEN
Repository Secret
String
jira_token_xyz
Jira API token
Required for deployments and validations:
DEVHUB_SFDX_AUTH_URL
Repository Secret
String
force://...
SFDX Auth URL of your deployment service account in production
If your workflows fail with errors like:
Error response from daemon: deniedwhen trying to pull ghcr.io/YOUR_ORG/sfops:VERSION or ghcr.io/YOUR_ORG/sfops-lite:VERSION, the Docker packages need to be configured for internal organization access.
Solution 1: Configure Package Visibility (Preferred)
After the first successful build in your sfops repository (step 4):
Navigate to your organization's packages: https://github.com/orgs/YOUR_ORG/packages
For both sfops and sfops-lite packages:
Click on the package name
Go to Package settings
In Danger Zone, click Change package visibility
Select Internal - Make this package visible to everyone in your organization
Type the package name to confirm
Click I understand the consequences, change package visibility
Solution 2: Manage Actions Access (If visibility change is disabled)
If you see "Setting is disabled by organization administrators" when trying to change visibility:
Navigate to your organization's packages: https://github.com/orgs/YOUR_ORG/packages
For both sfops and sfops-lite packages:
Click on the package name
Go to Package settings
Find Manage Actions access section
Under Actions repository access, click Add Repository
Add your project repository (e.g., sf-core)
Save the changes
This grants specific repository access to pull the packages even when they remain private.
Note: One of these solutions must be applied after the first successful workflow run that creates the packages. Until access is configured, project repositories cannot pull the Docker images.
These variables will be automatically set up during the setup of sfops in your repository by the FLXBL team. This guide is only applicable when you are setting up a self-managed instance of sfops.