New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ Enhancement: Api keys and other secrets should be loaded in env #514
Comments
Welcome to the JSON Schema Community. We are so excited you are here! Thanks a lot for reporting your first issue!! 🎉🎉 Please make sure to take a look to our contributors guide if you plan on opening a pull request. For more details check out README.md file. |
Arey you suggesting i change my issue and make it less specific? |
No, but you exposed where to find it. |
I have removed those specifics from my message, and also informed him. Can you please guide me as to what i should do now? |
Thanks @maverox ! As you said it will be great to avoid this practice. In order to fix this we need to find a way of:
|
Your PR looks great but we need to fix and implement the 3 steps at the same time. Open to do some research for point 3? |
Also Can you please make assign this to me and make this the mandatory task, |
Yes I will gladly do, i hope there's no hard deadline as it might take a while. |
@benjagm any advise on further steps that i might take, i am stuck at this moment. |
I know you are stuck Uzair. But unfortunately we can proceed with merging this until we have the cloudflare worked. You have done great. This count as qualification task in this current state so dont worry. As soon as we have time for work the cloudflare part will complete this. |
Please assign this issue to me as I am currently working on it. |
Thanks Alok. All yours. @maverox Huge thanks for the work done with this. Now finally are actively working on this again. |
I thought I had mentioned this before, but it doesn't appear so: Creating and setting secrets can only be done by an admin. Updating the GH action YAML can be done by anyone, but this particular task will need to be performed by one of us. |
Yes, most of the work has been done already. We don't really need to update anything in YAML or GitHub Action secrets. Setting up .env can be done by the admin who has access to the Cloudflare website project. |
Great ! I checkout the PR in my local everything working fine. We also need to dump the exposed api key so that others will not be able exploit it. Thank you : ) |
Have I been unassigned because of inactivity? |
@maverox My apologies you are not unassigned!! As part of GSoC Alok is working in the CI CD project and finally we can integrate the great work you did. You are completing the final step together! |
That is really exciting, happy to be of any use. |
Thank you @maverox for amazing work you have done : ) |
Is your feature request related to a problem? Please describe
Not necessarily but i think it can result into a problem as it's not a good practice i presume for apiKeys or any keys to remain out int the open.
Describe the solution you'd like
to use dotenv package to load them from an env file
Describe alternatives you've considered
using env files to store such variables
and use dotenv to load them
Additional context
Yes, I would like to get assigned and assisted!
The text was updated successfully, but these errors were encountered: