Open gregpawin opened 3 years ago
ExperimentsInHonesty
commented
3 years ago @salice Can you share with us:
gregpawin
commented
3 years ago When I published the Lucky Parking secrets, I got the warning within minutes and fixed it right away, which included killing the old credentials and creating new ones.
ExperimentsInHonesty
commented
3 years ago @gregpawin how long did the clean up take? https://github.com/hackforla/engineering/issues/17#issuecomment-891511226
gregpawin
commented
3 years ago It took less than 30 mins
ExperimentsInHonesty
commented
3 years ago sophias repo with pre commit hooks https://github.com/100Automations/github-actions https://github.com/100Automations/pre-commit-hooks
JasonEb
commented
2 years ago Trying to revive and keep a pulse on this issue. @gregpawin is this issue still active for you? Is there anything we can help you with?
gregpawin
commented
2 years ago Sorry, this issue originated from the engineering COP as a part of the effort to create guides for all the COPs. I have since then stepped down from lead engineering COP and it seems that the issue got moved to ops.
JasonEb
commented
2 years ago Thanks so much for the update! We'll follow-up with Bonnie and see what's to be done with this issue.
On Wed, Jul 20, 2022 at 5:48 PM Greg Pawin @.***> wrote:
Sorry, this issue originated from the engineering COP as a part of the effort to create guides for all the COPs. I have since then stepped down from lead engineering COP and it seems that the issue got moved to ops.
— Reply to this email directly, view it on GitHub https://github.com/hackforla/knowledgebase-content/issues/69, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABQCKQ7PJNTJJWJ4FZGUFLDVVCM45ANCNFSM5HKJ4X7Q . You are receiving this because you were assigned.Message ID: @.***>
Aditya23soni
commented
1 month ago ### Overview We need to create a guide to preventing secrets and credentials from being published on GitHub. ### Action Items - [ ] Gather examples of how other projects have done it, adding each example as a link in the resources section - [ ] Once done, remove the "TG: Gather Examples" label and add the "TG: Draft Template" label - [ ] Create a draft template, either in markdown format in this issue or a google doc in the [Engineering google drive](https://drive.google.com/drive/u/0/folders/1xWllQli2wUSsRF9OaSQBBQ1vaY7kRkAT) - [ ] Once done, remove the "TG: Draft Template" label and add the "TG: Create Guide" label - [ ] Create a guide on how to use the template - [ ] Once done, remove the "TG: Create Guide" label and add the "TG: Review Guide" label - [ ] Review the guide with product management communities of practice - [ ] Once done, remove the "TG: Review Guide" label and add the "TG: Leadership Review" label - [ ] Present to Hack for LA leadership team for sign off - [ ] Once approved, remove the "TG: Leadership Review" label and add the "TG: Place Guide" label - [ ] Possibly create an issue template on .github - [ ] Include link to template under resources if you add it as a template in .github ### Resources Update tracker issue (TBD) with the name of item you are working #### Projects with no mention of "secrets" and/or "credentials" in their Contributing.md or README.md file: - [100 Automations](https://github.com/100automations/website) - [311 Data](https://github.com/hackforla/311-data) - [Access the Data](https://github.com/hackforla/access-the-data) - [BallotNav](https://github.com/hackforla/ballotnav) - Civic Opportunity Project - [Civic Tech Index](https://github.com/civictechindex/CTI-website-frontend) - [Civic Tech Structure](https://github.com/hackforla/civic-tech-structure) - [Engage](https://github.com/hackla-engage) - [Expunge-Assist (formerly known as Record Clearance)](https://github.com/hackforla/expunge-assist) - [Food Oasis](https://github.com/hackforla/food-oasis) #### Projects to check - [Brigade Organizer's Playbook](https://github.com/codeforamerica/brigade-playbook) - [Civic Tech Jobs](https://github.com/hackforla/CivicTechJobs) - [Data Science Projects](https://github.com/hackforla/data-science) - [Design Systems](https://github.com/hackforla/design-systems) - [GreenEarthOS](https://github.com/hackforla/climate-project) - [Guides](https://github.com/hackforla/guides) - [HomeUniteUs](https://github.com/hackforla/homeuniteus) - [Internship project](https://github.com/hackforla/intership) - [Lucky Parking](https://github.com/hackforla/lucky-parking) - [Open Community Survey](https://github.com/hackforla/open-community-survey) - [TDM Calculator](https://github.com/hackforla/tdm-calculator) - [VRMS](https://github.com/hackforla/vrms) - [Hack for LA's Website](https://github.com/hackforla/website) - [Youth Justice Nav](https://github.com/hackforla/YouthJusticeNav/)
Aditya23soni
commented
1 month ago
Aditya23soni
commented
1 month ago @gregpawin This guide issue is moving to the knowledgebase-content repo. If you would like to maintain edit access to the issue and its associated files, please fill out the Google Drive Access Form
Overview
We need to create a guide to preventing secrets and credentials from being published on GitHub.
Action Items
The phases in the guide-making process are listed below. Each phase displayed in blue is linked to a wiki page with instructions on how to complete that phase. Open the wiki page in a new tab, copy the instructions for each part into the section labeled 'Tasks' at the bottom of this issue, and complete each task listed.
Resources
Projects with no mention of "secrets" and/or "credentials" in their Contributing.md or README.md file:
Projects to check
Tasks