New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 Bug: Some GitHub Actions workflows are using vars instead of secrets, can cause potential security risks #686

Open

3 tasks

aialok opened this issue Apr 1, 2024 · 1 comment

Labels

🐛 Bug Status: On Hold

Collaborator

aialok commented Apr 1, 2024 •

edited

GitHub Discussion: # / NA

Summary:

We're currently using variables in some GitHub Actions workflows for the Slack webhook URL, which raises the risk of its exposure. To prevent this, we should replace variables with secrets.

Do you think resolving this issue might require an Architectural Decision Record (ADR)? (significant or noteworthy)

Yes/No

No

Details:
Required to resolve
These are the workflows that need to be fixed:

Any further requirements to resolve this issue

Collaborator Author

aialok commented Apr 1, 2024

I would love to work on this issue : )
Please assign this to me.

benjagm added 🐛 Bug Status: On Hold labels

aialok linked a pull request

that will close this issue

Bug: Fixes failed ocwm-issue-collector.yml workflow #720

Merged

aialok removed a link to a pull request

Bug: Fixes failed ocwm-issue-collector.yml workflow #720

Merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment