Alex Boten

@austinlparker did you mean the collector repo or the demo repo?

Invite to vault sent. I don't have access to the docker credentials, maybe @tigrannajaryan can comment here

> I don't think this can run as a regular github action on a public Collector repo. That would make trivial to expose the certificate Can you say more about...

> I may be wrong, but I think it is trivial to update the github action to print the secret, which will be then publicly visible in the github output....

@tigrannajaryan this does seem trivial. According to the github docs only users w/ write permissions would have read access to the secrets. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-secrets > Consider requiring review for access to...

> I think this is a good enough protection for most of our secrets we use but I am open to rethinking this if we want stronger protection. @tigrannajaryan it...

@jpkrohling my recollection of the conversation is that you had the idea :D i won't be at kubecon EU, but will be happy to take this on if no one...

im 100% interested in hacking on this :D

Should this issue be closed since there's also https://github.com/open-telemetry/community/issues/1971?

I can open a separate issue, but the same will be needed for the collector repositories 😬 * https://github.com/open-telemetry/opentelemetry-collector-contrib * https://github.com/open-telemetry/opentelemetry-collector