When using the Hook MR for projects, the secret token which verifies the webhook call is written directly into the MR itself.
Thus having the Secret not in a kubernetes Secret.
It would be better giving a secret ref to the hook and read the secret from that location.
What happened?
When using the Hook MR for projects, the secret token which verifies the webhook call is written directly into the MR itself. Thus having the Secret not in a kubernetes Secret.
It would be better giving a secret ref to the hook and read the secret from that location.
How can we reproduce it?
Create a Hook with the token field set
What environment did it happen in?
Crossplane version: 1.14.2 Crossplane Provider GitLab version: 0.6.1