Skip to content

pathogen-repo-ci: Avoid the secret-check step before docker.io login#41

Merged
tsibley merged 2 commits intomasterfrom
trs/pathoge-repo-ci/docker.io-token-availability
May 10, 2023
Merged

pathogen-repo-ci: Avoid the secret-check step before docker.io login#41
tsibley merged 2 commits intomasterfrom
trs/pathoge-repo-ci/docker.io-token-availability

Conversation

@tsibley
Copy link
Copy Markdown
Contributor

@tsibley tsibley commented May 10, 2023
edited
Loading

@victorlin pointed out¹ that we could launder access to the secrets context thru the step env context without the need for an extra step.

I avoid putting the secret itself into the environment (which only increases its potential visibility) and put only its presence/absence instead.

¹ #38 (comment)

Testing

  • Checks pass

@tsibley
pathogen-repo-ci: Avoid the secret-check step before docker.io login
515a900 
@victorlin pointed out¹ that we could launder access to the secrets
context thru the step env context without the need for an extra step.

I avoid putting the secret itself into the environment (which only
increases its potential visibility) and put only its presence/absence
instead.

¹ <#38 (comment)>
@tsibley tsibley requested a review from victorlin May 10, 2023 21:27
@tsibley tsibley mentioned this pull request May 10, 2023
Merged
1 task
@tsibley
Copy link
Copy Markdown
Contributor Author

tsibley commented May 10, 2023

(Typo in branch name, but ah well, I'm not going to shuffle things around and create new PR noise just for that.)

@tsibley
ci: Test "secrets: inherit" for pathogen-repo-ci
d392130 
So we can see that the optional docker.io login step continues to work
(or not).  Only added to one invocation of the workflow so we can
compare it disabled in the other invocations.
victorlin
victorlin approved these changes May 10, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@victorlin victorlin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, even better than my suggestion.

joverlee521
joverlee521 approved these changes May 10, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@joverlee521 joverlee521 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tsibley tsibley merged commit a9364ce into master May 10, 2023
@tsibley tsibley deleted the trs/pathoge-repo-ci/docker.io-token-availability branch May 10, 2023 23:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@victorlin victorlin victorlin approved these changes

@joverlee521 joverlee521 joverlee521 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tsibley @victorlin @joverlee521