Create limited girder key secret for deployment #188
Assignees
Labels
ci-cd
Continuous Integration/Continuous Deployment
data-privacy
Handling sensitive or personal data
data-security
Ensuring the security of data storage and access
Comments
JavierCladellas
added
ci-cd
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The deploy workflow will move all reports saved under a Girder
staging/folder to eitherdenied/orproduction/.This can lead to a major security issue (e.g. someone changes the staging folder id to an important folder).
@prudhomm @vincentchabannes Could we create a GitHub secret (
GIRDER_BENCHMARKING) that has read+write permissions exclusively on this folder https://girder.math.unistra.fr/#collection/6493e7c2b0e9570499e1c9b8/folder/66e94858b0e95728eb00fcfb ?The text was updated successfully, but these errors were encountered: