The test upload key should not be hardcoded

[hategan]

The tests have a mechanism of ensuring that tests for a site cannot be easily hijacked. A secure random key is generated the first time tests are uploaded for a site. All subsequent result uploads must use the same key. The SDK uses a simplified version of what's in PSI/J. However, it's perhaps too much simplification, since they key is simply hardcoded (and visible to anybody who looks at the code -- or anybody who's looking for the answer to... well... everything).

That should probably change.

[mturilli]

@hategan is this current?

[mtitov]

That was fixed - https://github.com/ExaWorks/SDK/blob/master/.gitlab/README.md - corresponding env variable SDK_DASHBOARD_TOKEN is set within GitLab CI/CD settings, and not revealed even in logs