fix(security): migrate GITHUB_TOKEN to a buildkit secret file

Kong / kong-build-tools

Build tools to package and release Kong

Apache License 2.0

83 stars 72 forks source link

fix(security): migrate GITHUB_TOKEN to a buildkit secret file #556

Closed hutchic closed 2 years ago

hutchic commented 2 years ago

Instead of relying on a private docker hub repository to gate access to the GITHUB_TOKEN getting baked into the docker images utilise docker buildkit secret file to inject the token

github-actions[bot] commented 2 years ago

:tada: This PR is included in version 4.35.7 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: