Microsoft GH-200 Online Practice Questions and Exam Preparation

Microsoft GH-200 Online Questions & Answers

• Question 1:

  When creating and managing custom actions in an enterprise setting, which of the following is considered a best practice?

  A. creating a separate repository for each action so that the version can be managed independently
  B. creating a separate branch in application repositories that only contains the actions
  C. creating a single repository for all custom actions so that the versions for each action are all the same
  D. including custom actions that other teams need to reference in the same repository as application code
  A. creating a separate repository for each action so that the version can be managed independently

  ---

  explanation:

  Explanation

  Managing custom actions Choosing a location for your action If you're developing an action for other people to use, we recommend keeping the action in its own repository instead of bundling it with other application code. This allows you to

  version, track, and release the action just like any other software.

  Creating a separate repository for each custom action allows you to manage the versioning independently for each action. This approach provides flexibility, as each action can be updated, tested, and versioned separately, avoiding potential

  conflicts or dependencies between different actions.

  https://docs.github.com/en/actions/how-tos/create-and-publish-actions/manage-custom-actions

• Question 2:

  Which of the following is the best way for an enterprise to prevent certain marketplace actions from running?

  A. Create a list of the actions that are restricted from being used as an enterprise policy. Every other action can be run.
  B. It is not possible; if an action is in the marketplace, its use cannot be restricted.
  C. Create a list that is maintained as a . yml file in a . github repository specified in the enterprise. Only these actions can be run.
  D. Create a list of the actions that are allowed to run as an enterprise policy. Only these actions can be run.
  D. Create a list of the actions that are allowed to run as an enterprise policy. Only these actions can be run.

  ---

  explanation:

  Explanation

  The best way for an enterprise to control which GitHub Actions run is by creating a list of approved actions as an enterprise policy. This approach restricts workflows to only use the actions that are explicitly allowed, ensuring security and compliance within the organization.

  Note: To allow a specific list of actions at the GitHub Enterprise level, an administrator must navigate to Enterprise > Policies > Actions and select "Allow select actions". Then, from the dropdown menus, they choose "Allow selected actions and reusable workflows" and add the desired actions to the allowed list using the format OWNER/REPOSITORY@TAG-OR-SHA. These actions can also include local actions, actions from specific organizations, or specific tags or commit SHAs.

  https://docs.github.com/en/enterprise-cloud@latest/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise

• Question 3:

  Your organization needs to simplify reusing and maintaining automation in your GitHub Enterprise Cloud. Which components can be directly reused across all repositories in an organization? (Each correct answer presents a complete solution. Choose three.)

  A. actions stored in an organizational partition in the GitHub Marketplace
  B. custom Docker actions stored in GitHub Container Registry
  C. self-hosted runners
  D. encrypted secrets
  E. workflow templates
  F. actions stored in private repositories in the organization
  D. encrypted secrets
  E. workflow templates
  F. actions stored in private repositories in the organization

  ---

  explanation:

  Explanation

  [D] Encrypted secrets can be accessed across repositories in the same organization, making it easy to store sensitive data (like API keys or tokens) securely while allowing multiple workflows to access them.

  [E] Workflow templates allow you to create reusable templates for workflows that can be shared across repositories within the organization. This makes it easier to standardize processes and automate them across multiple projects.

  [F] Actions stored in private repositories within the organization can be reused across all repositories by referencing them in workflows. This ensures a centralized way of maintaining custom actions.

  https://docs.github.com/en/actions/how-tos/reuse-automations/reuse-workflows

• Question 4:

  A workflow that had been working now stalls in a waiting state until failing. The workflow file process-ml.yaml has not changed and contains jobs specifying runs-on: [gpu ]. Which of the following steps would troubleshoot the issue? (Each answer presents a complete solution. Choose two.)

  A. Review the contents of the Runner_*.log files in the _diag folder.
  B. Increase the usage limits for the GitHub-hosted runners.
  C. Check the “Set up job” step for the logs of the last successful run to determine the runner.
  D. Update the org settings to enable GPU-based GitHub-hosted runners.
  E. Rotate the GITHUB_TOKEN secret for the appropriate runners.
  A. Review the contents of the Runner_*.log files in the _diag folder.
  D. Update the org settings to enable GPU-based GitHub-hosted runners.

  ---

  explanation:

  Explanation

  Monitoring and troubleshooting self-hosted runners

  You can monitor your self-hosted runners to view their activity and diagnose common issues.

  [A] Reviewing the self-hosted runner application log files You can monitor the status of the self-hosted runner application and its activities. Log files are kept in the _diag directory where you installed the runner application, and a new log is generated each time the application is started. The filename begins with Runner_, and is followed by a UTC timestamp of when the application was started.

  [D] You can choose one of the standard GitHub-hosted runner options or, if you are on the GitHub Team or GitHub Enterprise Cloud plan, you can provision a runner with more cores, or a runner that's powered by a GPU processor. These machines are referred to as "larger runner."

  https://docs.github.com/en/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot https://docs.github.com/en/actions/concepts/runners/github-hosted-runners

• Question 5:

  What are the most significant advantages of adding documentation while distributing custom actions? (Each answer presents a complete solution. Choose two.)

  A. It generates auto completion when using the action in a workflow.
  B. It shares the description of the action to the users.
  C. It provides an example of the action.
  D. It creates a readme.md for the consuming workflow.
  B. It shares the description of the action to the users.
  D. It creates a readme.md for the consuming workflow.

  ---

  explanation:

  Explanation

• Question 6:

  A single secret must be accessed by workflows in specific repositories. What is the best way to create the secret?

  A. Create an environment secret at the organization level and leverage that environment in each of the specified repositories.
  B. Create an organization secret, specify Selected repositories as the Repository access, and select the required repositories.
  C. Create the secret in one of the repositories, check the Share secret option, and select the required repositories.
  D. Store the secret in a supported external key vault. Configure OpenID Connect (OIDC) to allow access to the external vault and link the secret from the external key vault in each of the specific repositories.
  B. Create an organization secret, specify Selected repositories as the Repository access, and select the required repositories.

  ---

  explanation:

  Explanation

  Creating secrets for an organization

  When creating a secret or variable in an organization, you can use a policy to limit access by repository.

  For example, you can grant access to all repositories, or limit access to only private repositories or a specified list of repositories.

  To specify that the secret should be available to selected repositories within the organization, use the --repos or -r flag.

  gh secret set --org ORG_NAME SECRET_NAME --repos REPO-NAME-1, REPO-NAME-2

  Note: REST API endpoints for GitHub Actions Secrets

  Use the REST API to interact with secrets in GitHub Actions.

  * Set selected repositories for an organization secret Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. Request example Put /orgs/{org}/actions/secrets/{secret_name}/repositories

  https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#set-selected-repositories-for-an-organization-secret

• Question 7:

  An organization’s policies specify only local actions are allowed. How should actions be distributed for this organization?

  A. via a repository owned by a third party
  B. via repositories owned by the organization
  C. via the GitHub Marketplace
  D. via the .github repository owned by the organization
  B. via repositories owned by the organization

  ---

  explanation:

  Explanation

  Local GitHub Actions refer to two concepts: custom actions developed within your own repository and the process of running any GitHub Action locally on your machine for faster testing and debugging.

  1. Local Actions (within your repository)

  Definition:

  These are custom actions that you define and store directly in your repository under the .github/actions/directory. They are not publicly shared, unlike actions from the GitHub Marketplace.

  Purpose:

  They are used for project-specific, repetitive tasks that you want to reuse within your workflows without publishing them globally.

  How it works:

  You can call these local actions in your workflow files as if they were standard published actions.

  2. Running Actions Locally (on your development machine)

  Note: Pinned repositories You can give users easy access to important or frequently used repositories, by choosing up to six repositories for public users and six repositories for members of the organization. Once you pin repositories to your

  organization profile, the "Pinned" section is shown above the "Repositories" section of the profile page.

  https://dev.to/codenamegrant/supercharging-your-workflows-with-local-github-actions-2o23 https://docs.github.com/en/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile

• Question 8:

  GitHub-hosted runners support which capabilities? (Each correct answer presents a complete solution. Choose two.)

  A. support for Linux, Windows, and macOS
  B. support for a variety of Linux variations including CentOS, Fedora, and Debian
  C. requiring a payment mechanism (e.g., credit card) to use for private repositories
  D. automatic file-system caching between workflow runs
  E. automatic patching of both the runner and the underlying OS
  A. support for Linux, Windows, and macOS
  E. automatic patching of both the runner and the underlying OS

  ---

  explanation:

  Explanation

  [A, not B] Each GitHub-hosted runner is a new virtual machine (VM) hosted by GitHub with the runner application and other tools preinstalled, and is available with Ubuntu Linux, Windows, or macOS operating systems.

  [E] When you use a GitHub-hosted runner, machine maintenance and upgrades are taken care of for you.

  https://docs.github.com/en/enterprise-server@3.17/actions/concepts/runners/github-hosted-runners

• Question 9:

  As a developer, you are authoring a workflow that will deploy to both DevCloud and TestCloud resources. Each cloud resource is accessed with a different deployment key. Which approach best allows you to use the same reusable workflow in separate jobs to target the different cloud resources?

  A. Populate a DEPLOY_KEY repository secret with a JSON object containing DevCloud and TestCloud properties. Then specify DEPLOY_KEY.DevCloud in the secrets sections of the reusable workflow.
  B. Use a marketplace action to conditionally parse the DEPLOY_KEY repository secret based on the cloud resource name.
  C. Store the different keys in a DEPLOY_KEY environment secret in the DevCloud and TestCloud environments. Specify DEPLOY_KEY in the secrets section of the reusable workflow.
  D. Create repository secrets named DevCloud.DEPLOY_KEY and TestCloud.DEPLOY_KEY so that the reusable workflow parses the secrets by resource name.
  C. Store the different keys in a DEPLOY_KEY environment secret in the DevCloud and TestCloud environments. Specify DEPLOY_KEY in the secrets section of the reusable workflow.

  ---

  explanation:

  Explanation

  Using inputs and secrets in a reusable workflow

  You can define inputs and secrets, which can be passed from the caller workflow and then used within the called workflow.

  In the reusable workflow, use the inputs and secrets keywords to define inputs or secrets that will be passed from a caller workflow.

  on: workflow_call: inputs:

  config-path:

  required: true

  type: string

  secrets:

  personal_access_token:

  required: true

  https://docs.github.com/en/enterprise-cloud@latest/actions/how-tos/reuse-automations/reuse-workflows

• Question 10:

  What are two reasons to keep an action in its own repository instead of bundling it with other application code? (Each correct answer presents a complete solution. Choose two.)

  A. It makes the action.yml file optional.
  B. It makes it easier for the GitHub community to discover the action.
  C. It widens the scope of the code base for developers fixing issues and extending the action.
  D. It decouples the action’s versioning from the versioning of other application code.
  E. It allows sharing workflow secrets with other users.
  B. It makes it easier for the GitHub community to discover the action.
  D. It decouples the action’s versioning from the versioning of other application code.

  ---

  explanation:

  Explanation

  Storing an action in its own repository makes it easier for the GitHub community to discover the action [B], narrows the scope [Not C] of the code base for developers fixing issues and extending the action, and decouples the action's versioning from the versioning of other application code [D].

  https://docs.github.com/en/actions/how-tos/create-and-publish-actions/manage-custom-actions