alunduil
commented
6 years ago This has been handled by using substitutions in the trigger definitions.
Closed alunduil closed 6 years ago
alunduil
commented
6 years ago This has been handled by using substitutions in the trigger definitions.
Currently, the Heroku API token is directly injected into the cloudbuild configurations. This should be stored securely and some mechanism (e.g. Google KMS) should be used to ensure it remains hidden. This must be done before publicizing this repository.