The map uses three external services that require credentials: Google Places (restaurant hours), a Cloudflare Worker (click tracking and the stats dashboard), and Cloudflare Web Analytics (page views). None of these keys should appear in committed code. This page lists every secret, where it must be stored, and which feature it unlocks.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/samgutentag/sbburgerweek/llms.txt
Use this file to discover all available pages before exploring further.
GitHub Repo Secrets
Add these at Settings → Secrets and variables → Actions → New repository secret in your GitHub repo. They are injected as environment variables into GitHub Actions workflow runs and are never exposed in logs or committed files.| Secret | Used By | Required For |
|---|---|---|
GOOGLE_PLACES_API_KEY | fetch-hours.yml, fetch-place-ids.py, fetch-hours.py | Restaurant hours feature |
CF_ACCOUNT_ID | snapshot-tracking.yml | Tracking data snapshots |
CF_API_TOKEN | snapshot-tracking.yml, Worker | Tracking + snapshots |
GOOGLE_PLACES_API_KEY — A Google Cloud API key restricted to the Places API. Required to resolve restaurant mapUrl links to stable Google Place IDs (fetch-place-ids.py) and to fetch daily operating hours (fetch-hours.py). The key is injected into workflow runs only; it is never written to any file or sent client-side.
CF_ACCOUNT_ID — Your Cloudflare account ID (found in the Cloudflare dashboard sidebar or in the URL after you log in). Required by snapshot-tracking.yml to authenticate Analytics Engine SQL queries when snapshotting daily tracking data.
CF_API_TOKEN — A Cloudflare API token with Analytics Engine → Read and Workers Scripts → Edit permissions scoped to your account. Used by the snapshot workflow to query Analytics Engine and by Wrangler when deploying or managing the tracking Worker. The same token is also set as a Worker secret (see below).
Cloudflare Worker Secrets
These secrets are stored inside the Cloudflare Worker itself and are never visible in your repository. Set them from theworkers/track/ directory using the Wrangler CLI:
| Secret | Required For |
|---|---|
CF_API_TOKEN | Worker reads from Analytics Engine (same token as the GitHub repo secret) |
ADMIN_TOKEN | Password for the /admin search query viewer |
CF_API_TOKEN — The same Cloudflare API token stored as a GitHub repo secret. Inside the Worker, it is used to authenticate GET /?admin=true requests to the Analytics Engine SQL API, which powers the stats dashboard and the /admin search query endpoint.
ADMIN_TOKEN — A password you choose. Required to access the GET /?admin=true&token=<ADMIN_TOKEN> endpoint, which returns the top search queries entered by users in the last seven days. The Worker rejects any request where the token does not match. Choose any strong password — it only needs to be known to you.
config.js Fields That Look Like Secrets But Aren’t
Severalconfig.js fields handle credentials or service tokens, but behave differently from the secrets above.
cfAnalyticsToken — This is a public, client-side token. Cloudflare Web Analytics is designed so the token can appear in page source — it only allows writing analytics data to your account, not reading it. It is safe to commit directly in config.js. Set it to null to disable analytics and remove the injected snippet. This field is currently null in the SB Burger Week 2026 config.
trackUrl — This is the public URL of your deployed Cloudflare Worker. It is embedded in the client-side track.js module and appears in page source. This is expected — the Worker URL is not a secret. Anyone can send POST requests to it, but the Worker only writes to your private Analytics Engine dataset. It is safe to commit. This field is currently null in the SB Burger Week 2026 config, which disables all tracking.
googlePlacesApiKey — This field should always be null in committed code. It exists as a placeholder to make the config self-documenting. The actual key lives in the GOOGLE_PLACES_API_KEY GitHub repo secret and is never set here. Do not paste a live key into config.js.