Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encrypted GitHub deploy key in repo? #62

Closed
ScriptAutomate opened this issue Aug 5, 2020 · 3 comments
Closed

Encrypted GitHub deploy key in repo? #62

ScriptAutomate opened this issue Aug 5, 2020 · 3 comments

Comments

@ScriptAutomate
Copy link

It's bad security practice to save any secrets, encrypted or otherwise, within a code repository:

I'm not sure what you are using it for, but it may be a good idea to look into alternative means of whatever it is used for (and potentially recreate whatever the key is meant for). GitHub Actions may have what you are looking for, if it is meant to work with the GitHub API. You can use secrets in CI tooling without needing to save them to a code repository.

@bashtage
Copy link
Owner

bashtage commented Aug 5, 2020

This is standard for doctr. It pushes to gh-pages from Travis.

@bashtage
Copy link
Owner

bashtage commented Aug 5, 2020

xref drdoctr/doctr#351

@bashtage
Copy link
Owner

Going to close since this isn't easy to fix. I am assuming that the deployment key is safe for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants