Environment secrets are scoped to GitHub Actions environments and can be protected by environment protection rules. If an environment requires reviewers, a job that references that environment cannot access its environment secrets until the required approval is granted. This makes option A correct. Option B is incorrect because environment secrets are made available to jobs that reference the protected environment, not selectively to only one specific step by default. Option C is not the purpose of environment secrets; they are not specifically for connecting to GitHub Enterprise Server. Option D is also incorrect because GitHub environment secrets do not automatically pull from Azure Key Vault without additional integration or custom workflow logic. This topic covers environment protection, secrets, and deployment governance.
================
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit