Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass secrets more secure way #613

Open
erdembayar opened this issue Mar 21, 2023 · 2 comments
Open

Pass secrets more secure way #613

erdembayar opened this issue Mar 21, 2023 · 2 comments
Labels
documentation Documentation bug or enhancement, does not impact product or test code Priority:3 Work that is nice to have

Comments

@erdembayar
Copy link

erdembayar commented Mar 21, 2023
edited
Loading

I assume signing happens on the CI pipeline, but many CI pipelines log CLI arguments and output for investigating issues. As a result, secrets may get logged into some storage without the user's knowledge by accident.
I'm wondering could we have another way of passing secrets other than CLI argument.
image
@jozefizso
Copy link

Most of the CI pipelines support concept of secrets. To securely pass the secret, you will define it as env variable for the command. Its value won't be logged.

@clairernovotny clairernovotny added the documentation Documentation bug or enhancement, does not impact product or test code label Feb 28, 2024
@clairernovotny
Copy link
Member

@jozefizso is correct and we also support managed identities.

@dtivel dtivel added the Priority:3 Work that is nice to have label Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Documentation bug or enhancement, does not impact product or test code Priority:3 Work that is nice to have
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jozefizso @clairernovotny @erdembayar @dtivel