Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Microsoft GH-200 - GitHub Actions Exam

Page: 3 / 3
Total 100 questions

Which default GitHub environment variable indicates the owner and repository name?

A.

REPOSITORY NAME

B.

GITHUB REPOSITORY

C.

ENV REPOSITORY

D.

GITHUB WORKFLOW REPO

As a developer, you need to make sure that only actions from trusted sources are available for use in your GitHub Enterprise Cloud organization. Which of the following statements are true? (Choose three.)

A.

Specific actions can individually be enabled for the organization, including version information.

B.

GitHub-verified actions can be collectively enabled for use in the enterprise.

C.

Actions can be restricted to only those available in the enterprise.

D.

Actions created by GitHub are automatically enabled and cannot be disabled.

E.

Individual third-party actions enabled with a specific tag will prevent updated versions of the action from introducing vulnerabilities.

F.

Actions can be published to an internal marketplace.

When creating and managing custom actions in an enterprise setting, which of the following is considered a best practice?

A.

creating a separate repository for each action so that the version can be managed independently

B.

creating a separate branch in application repositories that only contains the actions

C.

creating a single repository for all custom actions so that the versions for each action are all the same

D.

including custom actions that other teams need to reference in the same repository as application code

As a developer, you need to integrate a GitHub Actions workflow with a third-party code quality provider that uses the Checks API. How should you trigger a follow-up workflow?

A.

Add the workflow_run webhook event as a trigger for the workflow for the code quality integration name

B.

Add the check_run webhook event as a trigger for the workflow when the code quality integration is completed

C.

Add the pull_request webhook event as a trigger for the workflow when the code quality integration is synchronized

D.

Add the deployment webhook event as a trigger for the workflow when the code quality integration is completed

As a developer, how can you identify a composite action on GitHub?

A.

The action’s repository includes Dockerfile and package.json files.

B.

The action.yml metadata file has the runs.using value set to composite.

C.

The action’s repository name includes the keyword “composite.”

D.

The action’s repository includes an init.sh file in the root directory.

You create a self-hosted runner labeled as runner1.

You need to ensure that a GitHub Actions workflow job runs only on runner1.

Which YAML statement should you use?

A.

runs-on: [self-hosted, linux-xlarge]

B.

runs-on: - self-hosted - ubuntu-latest

C.

runs-on: [self-hosted, runner1]

D.

runs-on: self-hosted

What is the most secure way to store sensitive information in GitHub Actions workflows?

A.

Use environment variables in the workflow and store sensitive data directly in the variables.

B.

From the GitHub repository settings, store sensitive data as unencrypted text.

C.

Store the sensitive information as plain text in the workflow YAML file.

D.

Use GitHub Enterprise Managed User (OIDC) integration to dynamically fetch secrets from a third-party secrets manager.

You have exactly one Windows x64 self-hosted runner, and it is configured with custom tools. Which syntax could you use in the workflow to target that runner?

A.

self-hosted: [windows-x64]

B.

runs-on: [self-hosted, windows, x64]

C.

runs-on: windows-latest

D.

self-hosted: [windows, x64]

As a developer, how can you identify a JavaScript action on GitHub?

A.

The action.yml metadata file references a package.json file.

B.

The action ' s repository includes a js.yml file in the .github/workflows directory.

C.

The action’s repository name includes the keyword “JavaScript.”

D.

The action.yml metadata file has the runs.using value set to node16.

Which of the following is the most common way to target a specific major release version?

A.

steps:

uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c

B.

steps:

uses: actions/checkout@U1673995124

C.

steps:

uses: actions/checkout@v3

D.

steps:

uses: actions/checkout