You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I assume signing happens on the CI pipeline, but many CI pipelines log CLI arguments and output for investigating issues. As a result, secrets may get logged into some storage without the user's knowledge by accident.
I'm wondering could we have another way of passing secrets other than CLI argument.
The text was updated successfully, but these errors were encountered:
Most of the CI pipelines support concept of secrets. To securely pass the secret, you will define it as env variable for the command. Its value won't be logged.
I assume signing happens on the CI pipeline, but many CI pipelines log CLI arguments and output for investigating issues. As a result, secrets may get logged into some storage without the user's knowledge by accident.
![image](https://user-images.githubusercontent.com/8766776/226701621-51ff19b9-c666-4ff6-a3a0-89f1fdd286e4.png)
I'm wondering could we have another way of passing secrets other than CLI argument.
The text was updated successfully, but these errors were encountered: