Open jeffpaul opened 4 years ago
jeffpaul
commented
4 years ago Note that I didn't say this PR closes the related issue as there are additional steps needed, as noted in the Possible Drawbacks section, in order for these GitHub Actions to function properly.
tillkruss
commented
4 years ago Nice work 👍🏻
felixarntz
commented
4 years ago @jeffpaul This would be really neat. I'm just a bit wary about the SVN username and password - of course it's needed, but I'm not sure what we could do here. I personally at least rather wouldn't provide mine.
jeffpaul
commented
4 years ago @felixarntz the SVN username and password are encrypted GitHub secrets, so if your concern is someone else gaining access to your credentials that seems like a low probability. If your concern relates to the account being tied to you instead of some generic core/committer account, then maybe see if someone from Systems or Meta could have the .org @wordpressdotorg account's SVN credentials added as GitHub secrets (or some similar account)?
peterwilsoncc
commented
4 years ago @felixarntz
To avoid storing the credentials of a personal account, I recommend setting up a bot account for the purpose. I use peterwilsoncc-syncbot on wp.org, for example.
It will allow you to give the account minimum required permissions, I certainly recommend against storing the credentials of an account with core commit in the GH secrets.
To reenforce @jeffpaul's point, not even the account that added them can see the secrets once they're stored.
Description of the Change
masterthat only affecting readme and asset files on GitHub to WordPress.ORG SVNBenefits
Possible Drawbacks
SVN_USERNAMEandSVN_PASSWORDsecret be set within the Settings of thiswp-lazy-loadingGitHub repowp-lazyloading` WordPress.ORG SVN repoApplicable Issues
Relates to #1