47 搜索结果 "secrets"

protected). Avoid hardcoding secrets in code. Use environment variables, or secret management services like Azure Key Vault, AWS Secrets Manager, or HashiCorp

外，当从分支存储库触发工作流时，机密不会传递给运行器。 机密不会自动传递到可重用工作流。 有关详细信息，请参阅“重新使用工作流”。 要提供以机密作为输入或环境变量的操作，可以使用 secrets 上下文访问你在存储库中创建的密码。 有关详细信息，请参阅 访问有关工作流运行的上下文信息 和 GitHub Actions 的工作流语法。 steps:

Although workflows from forks do not have access to sensitive data such as secrets, they can be an annoyance for maintainers if they are modified for abusive

your secret using LibSodium. For more information, see "Encrypting secrets for the REST API." OAuth app tokens and personal access tokens (classic)

protection for your own personal account, which prevents you from pushing secrets to any public repository on GitHub. For more information, see Push protection

namespace: VAULT-NAMESPACE # HCP Vault and Vault Enterprise only role: ROLE-NAME secrets: SECRET-PATH - name: Use secret from Vault run: | # This step has access

signing.keychain-db # import certificate and provisioning profile from secrets echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH

do the hard work of ensuring that tokens, private keys, and other code secrets are not exposed in your repository. 使用高级机密扫描和推送保护功能 了解如何自定义 secret scanning

pull requests, discussions, and wikis in those repositories, for leaked secrets that have been accidentally committed, such as tokens or private keys. There

secret to the cloud provider every time it runs. However, using hardcoded secrets requires you to create credentials in the cloud provider and then duplicate