# 3. Setting up sfops repository Once you have forked the repository from sfops upstream (contact team for access) into a repository in your GitHub organisation, please set up the following variables and secrets. ### Variables & Secrets To use the associated workflows, you need to set the following repository secrets and variables: #### GitHub Authentication **GitHub Personal Access Token** | Variable | Type | Value Type | Example | Comments | | ---------- | ----------------- | ---------- | -------- | ---------------------------------------------------------------------------------------------------------- | | GHA\_TOKEN | Repository Secret | String | ghp\_... | The GitHub PAT created in [Prerequisites](/flxbl/sfops/self-managed-instances/setting-up.md#prerequisites) | **GitHub App Credentials** These credentials are from the sfops-bot [GitHub App](/flxbl/sfops/self-managed-instances/setting-up/github-app.md): | Variable | Type | Value Type | Example | Comments | | --------------------------- | --------------------- | ---------- | ----------------- | -------------------------------------------------------------------- | | SFOPSBOT\_APP\_ID | Organization Variable | String | 1768214 | The App ID from your GitHub App settings page | | SFOPSBOT\_APP\_PRIVATE\_KEY | Organization Secret | String | -----BEGIN RSA... | The entire contents of the .pem file downloaded from your GitHub App | #### Docker Registry Configuration **Secrets for Pushing Docker Images** These secrets are required to push the built sfops Docker images to GitHub Container Registry (ghcr.io): | Variable | Type | Value Type | Example | Comments | | ------------------- | ----------------- | ---------- | -------- | ---------------------------------------------------------------- | | DOCKER\_PUSH\_TOKEN | Repository Secret | String | ghp\_... | GitHub PAT with write:packages permission (can reuse GHA\_TOKEN) | {% hint style="warning" %} **Important:** `DOCKER_PUSH_TOKEN` is recommended for pushing Docker images. While `GITHUB_TOKEN` can work if you grant repository access to the packages (see troubleshooting), a PAT with `write:packages` permission is more reliable and required for initial package creation. {% endhint %} {% hint style="info" %} **Alternative to DOCKER\_PUSH\_TOKEN:** If you prefer using `GITHUB_TOKEN`, you must grant your `sfops` repository write access to the container packages: 1. Go to: `https://github.com/orgs/YOUR_ORG/packages/container/sfops/settings` 2. Under **"Manage Actions access"**, click **"Add Repository"** 3. Add `sfops` with **Write** role 4. Repeat for `sfops-lite` package This is required because packages created by a PAT are owned by that user, not the repository. {% endhint %} **Configuration for Pulling Base Images** These settings configure where to pull the sfp-pro base images that sfops Docker images are built upon. **Default Setup (Using official sfp-pro from Gitea)** | Variable | Type | Value Type | Example | Comments | | ------------------------ | ------------------- | ---------- | --------------- | --------------------------------------------------- | | BASE\_REGISTRY | Repository Variable | String | source.flxbl.io | Keep as source.flxbl.io for official images | | BASE\_REPO | Repository Variable | String | flxbl | Keep as flxbl for official images | | BASE\_REGISTRY\_USERNAME | Repository Secret | String | your-username | Your Gitea username | | BASE\_REGISTRY\_TOKEN | Repository Secret | String | gitea\_token | Your Gitea token (same as created in Prerequisites) | **If You've Forked sfp-pro** If you've built your own sfp-pro images ([instructions](https://docs.flxbl.io/sfp/getting-started/docker-images/sfp-pro#building-docker-images)), configure these variables to point to your registry. **Example for GitHub Container Registry:** | Variable | Type | Value Type | Example | Comments | | ------------------------ | ------------------- | ---------- | ------------- | ---------------------------------------------------------------- | | BASE\_REGISTRY | Repository Variable | String | ghcr.io | GitHub Container Registry | | BASE\_REPO | Repository Variable | String | your-org | Your GitHub organization name | | BASE\_REGISTRY\_USERNAME | Repository Secret | String | your-username | Your GitHub username | | BASE\_REGISTRY\_TOKEN | Repository Secret | String | ghp\_... | Your GitHub PAT with read:packages (can reuse GHA\_TOKEN) | | BASE\_IMAGE\_NAME | Repository Variable | String | your-sfp-pro | Your custom sfp-pro image name (defaults to `sfp-pro`) | | BASE\_LITE\_IMAGE\_NAME | Repository Variable | String | your-sfp-lite | Your custom sfp-pro-lite image name (defaults to `sfp-pro-lite`) | {% hint style="info" %} **Important:** If you have forked sfp-pro and are using custom image names, ensure you set both: * `BASE_IMAGE_NAME`: For the main sfops image (defaults to `sfp-pro`) * `BASE_LITE_IMAGE_NAME`: For the lite sfops image (defaults to `sfp-pro-lite`) These variables are crucial for the workflows to correctly pull your custom base images. {% endhint %} #### Environment Configuration You need to create environments in your sfops repository for each organization you want to deploy to. Each environment requires the same set of variables with different values. **Setting Up Environments** Navigate to your sfops repository → **Settings** → **Environments** (or directly: `https://github.com/YOUR_ORG/sfops/settings/environments`) **Required: Production Environment** **Step 1: Create Production Environment** 1. Click **"New environment"** and name it (e.g., `production` or `prod`) 2. Add these environment variables: | Variable | Example Value | Comments | | ------------------- | ---------------------------------- | ---------------------------------------------------------- | | REPO\_OWNER | your-org | Your GitHub organization name | | PROJECT\_REPO | sf-core | Your production Salesforce repository | | SFOPS\_ACTION\_REPO | sfops-gh-actions | Production actions repository | | DASHBOARD\_REPO | sfops-dev-central | Dev Central repository | | SFP\_SERVER\_URL | | Codev Hub URL (use placeholder if not using Codev Hub yet) | | SFOPS\_IMAGE | ghcr.io/your-org/sfops:latest | Docker image with latest tag | | SFOPS\_LITE\_IMAGE | ghcr.io/your-org/sfops-lite:latest | Lite Docker image with latest tag | **Optional: Test Environment** {% hint style="info" %} **Recommended:** Create a test environment to validate changes before deploying to production. Skip this if you prefer to test directly in production. 🎲 {% endhint %} **Step 2: Create Test Environment** *(Optional)* 1. Click **"New environment"** and name it (e.g., `test` or `dev`) 2. Add these environment variables: | Variable | Example Value | Comments | | ------------------- | --------------------------------------- | --------------------------------------------------------------- | | REPO\_OWNER | your-org | Your GitHub organization name | | PROJECT\_REPO | sf-core-test | Your test Salesforce repository | | SFOPS\_ACTION\_REPO | sfops-gh-actions-test | Test actions repository | | DASHBOARD\_REPO | sfops-dev-central-test | Test Dev Central repository | | SFP\_SERVER\_URL | | Test Codev Hub URL (use placeholder if not using Codev Hub yet) | | SFOPS\_IMAGE | ghcr.io/your-org/sfops:development | Docker image with development tag | | SFOPS\_LITE\_IMAGE | ghcr.io/your-org/sfops-lite:development | Lite Docker image with dev tag | **Step 3: Configure Repository Variables** Go to Settings → **Secrets and variables** → **Actions** → **Variables** tab and create: * `ORGS`: Array with all your environment names, e.g., `['production']` or `['production', 'test']` {% hint style="info" %} **Important:** The values in ORGS must exactly match the environment names you created above. Add all your environments (production, test, etc.) to this single array. See [4. Trigger the workflows](/flxbl/sfops/self-managed-instances/setting-up/4.-trigger-the-workflows.md) for deployment instructions. {% endhint %} {% hint style="warning" %} These variables will be automatically set up during the set up of sfops in your repository by the FLXBL team. This guide is only applicable when you are setting up a self managed instance of sfops {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.flxbl.io/flxbl/sfops/self-managed-instances/setting-up/3.-setting-up-sfops-repository.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.