-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: remove any directory that may hold secrets (if any) #2892
base: master
Are you sure you want to change the base?
Conversation
0b76f38
to
f0b1f8b
Compare
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/cc @rawlingsj |
/hold |
Signed-off-by: ankitm123 <ankitmohapatra123@gmail.com>
f0b1f8b
to
fa2ce21
Compare
/hold cancel |
@@ -5,6 +5,9 @@ KUBEAPPLY ?= kubectl-apply | |||
HELM_TMP_GENERATE ?= /tmp/generate | |||
HELM_TMP_SECRETS ?= /tmp/secrets/jx-helm | |||
|
|||
# Prevent accidental git commit of secrets | |||
HELM_TMP_SECRETS_WORKSPACE ?= /workspace/source/tmp/secrets/jx-helm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The only reason not to do HELM_TMP_SECRETS_WORKSPACE ?= /workspace/source/$(HELM_TMP_SECRETS)
is that if someone sets HELM_TMP_SECRETS
to /
, then this can wipe out the git repo.
@ankitm123: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the jenkins-x/lighthouse repository. I understand the commands that are listed here. |
@@ -13,6 +13,7 @@ approvers: | |||
- warrenbailey | |||
- jenkins-x-labs-bot | |||
- cloudbees-ci-cd[bot] | |||
- ankitm123 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's keep this as they are for the time being as this is the final quality gate. I was planning on reducing the number of approvers later this week while doing a review of all permissions in the org
Signed-off-by: ankitm123 ankitmohapatra123@gmail.com
Tested on my local k3s set up.