From bb44a4bf831226879c708605191cf09a7ead9fdb Mon Sep 17 00:00:00 2001
From: HonkingGoose <34918129+HonkingGoose@users.noreply.github.com>
Date: Fri, 10 Jun 2022 07:00:51 +0200
Subject: [PATCH] docs(circleci): explain private orbs hostRules (#15939)

---
 lib/modules/manager/circleci/readme.md | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/lib/modules/manager/circleci/readme.md b/lib/modules/manager/circleci/readme.md
index 39533ff501..8b02aa3d36 100644
--- a/lib/modules/manager/circleci/readme.md
+++ b/lib/modules/manager/circleci/readme.md
@@ -1,3 +1,29 @@
 The `circleci` manager extracts both `docker` as well as `orb` datasources from CircleCI config files.
 
 If you need to change the versioning format, read the [versioning](https://docs.renovatebot.com/modules/versioning/) documentation to learn more.
+
+### Private orbs
+
+To get private orbs working you should:
+
+1. Encrypt your CircleCI token with the [Renovate encryption page](https://app.renovatebot.com/encrypt)
+1. Create a new `hostRules` entry in your Renovate config file
+1. Put the encrypted token in the `token` field
+
+The end-result should look like this:
+
+```json
+{
+  "hostRules": [
+    {
+      "matchHost": "circleci.com",
+      "authType": "Token-Only",
+      "encrypted": {
+        "token": "****"
+      }
+    }
+  ]
+}
+```
+
+This config strips the Bearer/Basic prefix from the `authorization` header.
-- 
GitLab