Welcome to the JSON Schema Community. We are so excited you are here! Thanks a lot for reporting your first issue!! 🎉🎉 Please make sure to take a look to our contributors guide if you plan on opening a pull request. For more details check out README.md file.

@maverox We should already be hiding any keys in repo secrets, which are then loaded into env vars.

If you've noticed some keys that we've already exposed, please contact @benjagm in a Slack DM.

DO NOT list exposed secrets in a public forum as that only increases visibility.

Arey you suggesting i change my issue and make it less specific?
because i didn't exposed the secret itself
But i will do as you say

Arey you suggesting i change my issue and make it less specific?
because i didn't exposed the secret itself

No, but you exposed where to find it.

I have removed those specifics from my message, and also informed him.
I was just trying to help.

Can you please guide me as to what i should do now?

Thanks @maverox ! As you said it will be great to avoid this practice. In order to fix this we need to find a way of:

• Use .env file.
• Remove any hardcoded api key.
• Make sure we can upload the production .env during our deployments in cloudflare.

@benjagm
I have attached pr #515 that hopefully covers your first two agenda points.
Please have a look and guide me!

I have attached pr #515 that hopefully covers your first two agenda points.
Please have a look and guide me!

Your PR looks great but we need to fix and implement the 3 steps at the same time. Open to do some research for point 3?

Also Can you please make assign this to me and make this the mandatory task,
Mentioned in contributors guide for gsoc?

I have attached pr #515 that hopefully covers your first two agenda points.
Please have a look and guide me!

Your PR looks great but we need to fix and implement the 3 steps at the same time. Open to do some research for point 3?

Yes I will gladly do, i hope there's no hard deadline as it might take a while.

@benjagm any advise on further steps that i might take, i am stuck at this moment.

I know you are stuck Uzair. But unfortunately we can proceed with merging this until we have the cloudflare worked.

You have done great. This count as qualification task in this current state so dont worry. As soon as we have time for work the cloudflare part will complete this.

Please assign this issue to me as I am currently working on it.
Thank you!

Thanks Alok. All yours.

@maverox Huge thanks for the work done with this. Now finally are actively working on this again.

I thought I had mentioned this before, but it doesn't appear so: Creating and setting secrets can only be done by an admin. Updating the GH action YAML can be done by anyone, but this particular task will need to be performed by one of us.

Yes, most of the work has been done already. We don't really need to update anything in YAML or GitHub Action secrets. Setting up .env can be done by the admin who has access to the Cloudflare website project.
From my side, I need to update documentation of installation regarding the uses of .env while setting up project.

I just created the variables in cloudflare:

Great ! I checkout the PR in my local everything working fine. We also need to dump the exposed api key so that others will not be able exploit it.

Thank you : )

Have I been unassigned because of inactivity?
Nonetheless, thank you @aialok for taking it up and continuing with the work!🙌.

@maverox My apologies you are not unassigned!! As part of GSoC Alok is working in the CI CD project and finally we can integrate the great work you did.

You are completing the final step together!

That is really exciting, happy to be of any use.
Best of luck @aialok.

Thank you @maverox for amazing work you have done : )