OTB-Continuous-Integration-platform.md

@@ -36,6 +36,37 @@ When a pipeline ends, there are two cases:
 
 Failed jobs can be retried if you think the failure was not bound to your commit.
 
+## Q: Why some features are disabled when I push from my OTB fork?
+
+First, you need an access to the Runners from main repository. You
+can request it when doing your first merge request. During code review, someone
+from CI admins will assign the runners to your fork.
+
+Then, there are two security tokens that are needed to enable some features of
+the CI platform:
+
+* `K8S_SECRET_API_TOKEN`: A token for Gitlab API. It enables the dashboard links
+  in the External pipeline section, and the handling of twin pipelines (for MR,
+  two pipelines are spawned).
+* `SONAR_OTB_TOKEN`: this token enables the QA jobs and the reporting to
+  [SonarQube](https://sonar.orfeo-toolbox.org)
+
+These 2 tokens are already supplied for pipelines triggered on the main
+repository. On your fork, you need to provide them. Note that they are optional,
+you can still enjoy most of the CI platform without them. For your fork, these
+tokens can be created as follows:
+
+* `K8S_SECRET_API_TOKEN`: this is a
+  [personal access token](https://docs.gitlab.com/ce/user/profile/personal_access_tokens.html)
+  , you may choose the scope API.
+* `SONAR_OTB_TOKEN`: login to [SonarQube](https://sonar.orfeo-toolbox.org), then
+  go to your profile page, then Security, and create a token
+
+Once a token is created, you can supply it to your OTB fork: go to your fork
+project page. In the left sidebar, go to `Settings -> CI/CD -> Variables`. Then
+add a new variable with the token name and token value. For security reasons,
+it is advised to mask these variables.
+
 ## Q: What about baseline files?
 
 They are now stored in the main OTB repository, under