Actions
action #91250
closedhandle codecov Bash Uploader Security Update
Description
Motivation¶
https://about.codecov.io/security-update/
Suggestions¶
As far as I can see we only have OSCLOGIN and OSCPASS as secrets within both os-autoinst and openQA.
I don't see where we use these variables if at all. Is this for the OBS check? or not needed anymore?
tinita stated that we likely only used them in the experiment for automatic builds on PRs over GHA.
Updated by okurz over 3 years ago
I will delete these in github in both os-autoinst and openQA and then we see what happens.
The according tokens should also be deleted in OBS. It is not yet clear to which user these belong.
Updated by okurz over 3 years ago
- Due date set to 2021-04-29
- Status changed from In Progress to Feedback
- Priority changed from Urgent to Normal
Actually these were credentials for the complete environment, so not only os-autoinst or openQA. Which repo within the os-autoinst repo uses OSCLOGIN/OSCPASS?
Updated by okurz over 3 years ago
- Status changed from Feedback to Resolved
Seems like it's all good now
Actions