Sponsored by: Axcient
Details
Details
Diff Detail
Diff Detail
- Repository
- rS FreeBSD src repository - subversion
- Lint
Lint Passed - Unit
No Test Coverage - Build Status
Buildable 40028 Build 36917: arc lint + arc unit
Event Timeline
| .github/workflows/validate-codeowners.yml | ||
|---|---|---|
| 18 | Is there a reason why a GitHub secret is not used? | |
| .github/workflows/validate-codeowners.yml | ||
|---|---|---|
| 18 | Please explain:what is a "Github secret" and how does one use it? | |
| .github/workflows/validate-codeowners.yml | ||
|---|---|---|
| 18 | Sure! A thorough explanation here: https://docs.github.com/en/actions/reference/encrypted-secrets A tl;dr would be: Since this is a github_access_token (i.e. a password), albeit access-restricted, should be protected nonetheless. For example, it may have read-only access to security/private branches belonging to that account, since the token is exposed to the public, anyone could read the contents of such branches. By creating a GitHub secret —think of an environment variable for GitHub— you will be able to reference it in any workflow using ${{ secrets.DESCRIPTIVE_NAME }}. For this particular case, after deleting the published one and creating a new one under the name of OWNERS_VALIDATOR_GITHUB_SECRET (for example), one can replace the last line with: github_access_token: ${{ secrets.OWNERS_VALIDATOR_GITHUB_SECRET }} | |