
Pass secrets in a more secure way

Open erdembayar opened this issue 2 years ago • 2 comments

I assume signing happens on the CI pipeline, but many CI pipelines log CLI arguments and output for investigating issues. As a result, secrets may get logged into some storage by accident, without the user's knowledge. I'm wondering whether we could have another way of passing secrets other than a CLI argument.

erdembayar, Mar 21 '23 18:03

Most CI pipelines support the concept of secrets. To securely pass the secret, you define it as an env variable for the command. Its value won't be logged.

jozefizso, Feb 10 '24 16:02

@jozefizso is correct and we also support managed identities.

clairernovotny, Feb 28 '24 18:02
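
The difference discussed in this thread, shown as an added example that is not part of the original thread or the project's code: a simulated CI runner logs each command line, and the log is then searched for the secret. `fake_signer`, `--secret` and `SIGN_CLIENT_SECRET` are hypothetical names, and the secret is a constructed sample value.

```shell
#!/bin/sh
# Constructed demo: fake_signer is a hypothetical stand-in for a signing CLI;
# --secret and SIGN_CLIENT_SECRET are assumed names, not a real tool's options.

# Stand-in tool: takes the secret from --secret VALUE or from the environment.
fake_signer() {
    fs_secret="${SIGN_CLIENT_SECRET:-}"
    while [ $# -gt 0 ]; do
        case "$1" in
            --secret) [ $# -ge 2 ] || return 2; fs_secret="$2"; shift 2 ;;
            *) shift ;;
        esac
    done
    [ -n "$fs_secret" ] || { echo "no secret supplied" >&2; return 1; }
    echo "signed (secret length ${#fs_secret})"
}

# Mimics a CI runner that records every command line and its output.
run_logged() {
    echo "+ $*" >> "$CI_LOG"
    "$@" >> "$CI_LOG" 2>&1
}

# Returns 0 if the given secret value appears anywhere in the CI log.
log_leaks() {
    grep -F -q -- "$1" "$CI_LOG"
}

# Runs one invocation style against a fresh log; prints "leaked" or "clean".
demo() {
    CI_LOG=$(mktemp)
    demo_secret='c0nstructed-s3cret-value'   # constructed sample value
    case "$1" in
        argv) run_logged fake_signer sign app.dll --secret "$demo_secret" ;;
        env)  ( SIGN_CLIENT_SECRET=$demo_secret; export SIGN_CLIENT_SECRET
                run_logged fake_signer sign app.dll ) ;;
    esac
    if log_leaks "$demo_secret"; then echo leaked; else echo clean; fi
    rm -f "$CI_LOG"
}

echo "secret as CLI argument:  $(demo argv)"
echo "secret as env variable:  $(demo env)"
```

The environment variable stays out of the log only as long as nothing in the job prints the environment or expands the variable onto a logged command line.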