Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Documentation about secrets for step condition could elaborate on implications of the approach #18955

Open
m-kuhn opened this issue Jul 8, 2022 · 9 comments
Labels
actions This issue or pull request should be reviewed by the docs actions team content Problems or updates in the docs content on docs.github.com. needs SME SME stale waiting for review Issue/PR is waiting for a writer's review

Comments

@m-kuhn
Copy link

m-kuhn commented Jul 8, 2022

I think this would deserve a hint on the implication that the secret is leaked to every step within the job, regardless if it's required for a certain step or not (hence violating the principle of least privilege).

Originally posted by @m-kuhn in #12722 (comment)

@welcome
Copy link

welcome bot commented Jul 8, 2022

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team. label Jul 8, 2022
@cmwilson21
Copy link
Collaborator

cmwilson21 commented Jul 11, 2022

@m-kuhn Thanks for opening a new issue for this. I'll get it triaged for review!

@cmwilson21 cmwilson21 added content Problems or updates in the docs content on docs.github.com. actions This issue or pull request should be reviewed by the docs actions team waiting for review Issue/PR is waiting for a writer's review and removed triage Do not begin working on this issue until triaged by the team. labels Jul 11, 2022
@github-actions
Copy link
Contributor

github-actions bot commented Jul 12, 2022

Thanks for opening an issue! We've triaged this issue for technical review by a subject matter expert 👀

@Benson665

This comment was marked as spam.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 20, 2022

This is a gentle bump for the docs team that this issue is waiting for technical review.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 28, 2022

This is a gentle bump for the docs team that this issue is waiting for technical review.

@github-actions
Copy link
Contributor

github-actions bot commented Aug 5, 2022

This is a gentle bump for the docs team that this issue is waiting for technical review.

@github-actions
Copy link
Contributor

github-actions bot commented Sep 5, 2022

This is a gentle bump for the docs team that this issue is waiting for technical review.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 4, 2022

This is a gentle bump for the docs team that this issue is waiting for technical review.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
actions This issue or pull request should be reviewed by the docs actions team content Problems or updates in the docs content on docs.github.com. needs SME SME stale waiting for review Issue/PR is waiting for a writer's review
Projects
None yet
Development

No branches or pull requests

4 participants