dotnet / sign

Code Signing CLI tool supporting Authenticode, NuGet, VSIX, and ClickOnce
MIT License

Pass secrets in a more secure way #613

Open erdembayar opened 1 year ago

erdembayar commented 1 year ago

I assume signing happens on the CI pipeline, but many CI pipelines log CLI arguments and output for investigating issues. As a result, secrets may get logged into some storage without the user's knowledge by accident. I'm wondering whether we could have another way of passing secrets other than a CLI argument.

jozefizso commented 7 months ago

Most of the CI pipelines support the concept of secrets. To securely pass the secret, you will define it as an env variable for the command. Its value won't be logged.

clairernovotny commented 7 months ago

@jozefizso is correct and we also support managed identities.
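
The difference discussed in this thread, as an added example that is not part of the thread or of the sign project's code: a small model of a CI step that records each command line, run once with the secret as an argument and once with the secret in the environment. `fake_signer`, `--secret`, `SIGNER_SECRET`, `ci_run` and the secret value are hypothetical names and constructed data, not the sign CLI's options.

```shell
#!/usr/bin/env bash
# Added illustration: fake_signer, --secret and SIGNER_SECRET are hypothetical.
SAMPLE_SECRET='constructed-secret-0000'   # constructed value, not a credential

# Hypothetical signer: takes the secret from --secret <value> or, when that
# option is absent, from the SIGNER_SECRET environment variable.
fake_signer() {
  local secret="${SIGNER_SECRET:-}"
  while [ "$#" -gt 0 ]; do
    case "$1" in
      --secret) secret="${2:-}"; shift $(( $# > 1 ? 2 : 1 )) ;;
      *) shift ;;
    esac
  done
  if [ -n "$secret" ]; then echo "signed"; else echo "no secret" >&2; return 1; fi
}

# Models a CI runner step: record the command line, then the command's output.
# Usage: ci_run <logfile> <command> [args...]
ci_run() {
  local log="$1"; shift
  printf '[command] %s\n' "$*" >>"$log"
  "$@" >>"$log" 2>&1
}

# Exit status 0 when the secret value appears anywhere in the log file.
log_leaks() { grep -qF -- "$SAMPLE_SECRET" "$1"; }

# Case 1: secret passed as an argument, so the recorded command line holds it.
run_with_argument() {
  local log; log="$(mktemp)"
  ci_run "$log" fake_signer --secret "$SAMPLE_SECRET"
  if log_leaks "$log"; then echo leaked; else echo clean; fi
  rm -f "$log"
}

# Case 2: secret injected into the environment, so the command line has no value.
run_with_environment() {
  local log; log="$(mktemp)"
  ( export SIGNER_SECRET="$SAMPLE_SECRET"; ci_run "$log" fake_signer )
  if log_leaks "$log"; then echo leaked; else echo clean; fi
  rm -f "$log"
}

run_with_argument      # prints: leaked
run_with_environment   # prints: clean
```

If a step expands an environment variable into an argument (for example `--secret "$SIGNER_SECRET"`), the value is on the command line again and only the runner's log masking stands between it and the log.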