~ajhalili2006/ajhalili2006#6: [tildeweb] Investigate about how do we can use secrets via Git(Hub/Lab)

#About this issue

Currently, hottub dispatches job requests to sourcehut builds with secrets disabled by default in the codebase. Can we make secrets only disabled in external merge requests (also for GitLab too)?

/cc ~emersion

Status: REPORTED
Submitter: ~ajhalili2006
Assigned to: No-one
Submitted: 1 year, 11 months ago
Updated: 1 year, 16 days ago
Labels: devops

~ajhalili2006 1 year, 11 months ago

The current (but planned) workaround would be handling the dispatch ourselves via webhooks and some backend code + hacking around the GraphQL API, for now.

~ajhalili2006 added devops 1 year, 11 months ago

~ajhalili2006 1 year, 11 months ago

Another workaround (this might cause possible security issues later on) is to embed an encrypted version of DOPPLER_TOKEN somewhere and do some PGP trickery to encrypt and decrypt the token and manage the secrets via Doppler Dashboard instead.

~ajhalili2006/ajhalili2006#6:

[tildeweb] Investigate about how do we can use secrets via Git(Hub/Lab)

#About this issue

~ajhalili2006 1 year, 11 months ago

~ajhalili2006 added devops 1 year, 11 months ago

~ajhalili2006 1 year, 11 months ago

~tsdh referenced this from ~tsdh/highlight-parentheses.el#6 1 year, 16 days ago

~tsdh referenced this from ~tsdh/highlight-parentheses.el#5 1 year, 16 days ago