Project

General

Profile

Actions
Copy link

action #91250

closed

handle codecov Bash Uploader Security Update

Added by okurz about 3 years ago. Updated about 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
okurz
Category:
Organisational
Target version:
Ready
Start date:
2021-04-15
Due date:
2021-04-29
% Done:

0%

Estimated time:

Description

Motivation

https://about.codecov.io/security-update/

Suggestions

As far as I can see we only have OSCLOGIN and OSCPASS as secrets within both os-autoinst and openQA.
I don't see where we use these variables if at all. Is this for the OBS check? or not needed anymore?
tinita stated that we likely only used them in the experiment for automatic builds on PRs over GHA.

Actions
Copy link
 #1

Updated by okurz about 3 years ago

I will delete these in github in both os-autoinst and openQA and then we see what happens.
The according tokens should also be deleted in OBS. It is not yet clear to which user these belong.

Actions
Copy link
 #2

Updated by okurz about 3 years ago

  • Due date set to 2021-04-29
  • Status changed from In Progress to Feedback
  • Priority changed from Urgent to Normal

Actually these were credentials for the complete environment, so not only os-autoinst or openQA. Which repo within the os-autoinst repo uses OSCLOGIN/OSCPASS?

Actions
Copy link
 #3

Updated by okurz about 3 years ago

  • Status changed from Feedback to Resolved

Seems like it's all good now

Actions
Copy link

Also available in: Atom PDF