Closed bruce-ricard closed 4 years ago
We have created an issue in Pivotal Tracker to manage this:
https://www.pivotaltracker.com/story/show/164811779
The labels on this github issue will be updated when the story is started.
@bruce-ricard That sounds reasonable. Do you have tasks that do the right thing that you would be willing to PR?
cc: @davewalter
Closing due to inactivity. Please feel free to re-open if desired.
It is my understanding that we should try to have our concourse credentials in credhub and not Git/github. This task.yml and its task commiting of yours suggest we should be putting the resource after this task.
In our pipeline, we regenerate the 3 files before each rats, cats etc. run by pulling the creds from credhub, this prevents us from pushing creds to git.
Removing the "put" related comment from the
task.yml
and removing allgit commit
related things in the script should prevent users from pushing sensitive information to git.