Add docs on allow-secrets Change-Id: Ic37bf36eb7c83ce1b4fee1760711feb211c60dee

commit: f17aa9c37fed1e5daa4972644decc5398d276ad5 [log] [tgz]
author: James E. Blair <jeblair@redhat.com> Wed Jul 05 13:21:23 2017 -0700
committer: James E. Blair <jeblair@redhat.com> Thu Jul 06 15:03:24 2017 -0700
tree: 0a0ae485ff552e671416142e3efd169e144d36af
parent: cc3ca7dc618f4130fe7e089c861b231bef28894e [diff]
diff --git a/doc/source/user/config.rst b/doc/source/user/config.rst
index e7226e9..6537854 100644
--- a/doc/source/user/config.rst
+++ b/doc/source/user/config.rst

@@ -164,6 +164,17 @@
     For more detail on the theory and operation of Zuul's dependent
     pipeline manager, see: :doc:`gating`.
 
+**allow-secrets**
+  This is a boolean which can be used to prevent jobs which require
+  secrets from running in this pipeline.  Some pipelines run on
+  proposed changes and therefore execute code which has not yet been
+  reviewed.  In such a case, allowing a job to use a secret could
+  result in that secret being exposed.  The default is False, meaning
+  that in order to run jobs with secrets, this must be explicitly
+  enabled on each Pipeline where that is safe.
+
+  For more information, see :ref:`secret`.
+
 **description**
   This field may be used to provide a textual description of the
   pipeline.  It may appear in the status page or in documentation.
commit	f17aa9c37fed1e5daa4972644decc5398d276ad5	[log] [tgz]
author	James E. Blair <jeblair@redhat.com>	Wed Jul 05 13:21:23 2017 -0700
committer	James E. Blair <jeblair@redhat.com>	Thu Jul 06 15:03:24 2017 -0700
tree	0a0ae485ff552e671416142e3efd169e144d36af
parent	cc3ca7dc618f4130fe7e089c861b231bef28894e [diff]