latest 4 messages by Gandalf84



  
  
    +
    [2019-10-01T00:08:02Z]
    Gandalf84
    secrets are stored in the repo settings, those can be read only from a workflow, but right now we don&#39;t have
    

  
  
  
    +
    [2019-09-30T23:28:20Z]
    Gandalf84
    but it seems if any developer can create workflow, in every branch, then they can easily create other triggers and other deployment workflow
    

  
  
  
    +
    [2019-09-30T23:27:36Z]
    Gandalf84
    jlk: I&#39;m evaluating the possibility to switch from TeamCity to Github Actions, the repo can be accessed by all the developers assigned to the project, but they have no idea about the deployment config
    

  
  
  
    +
    [2019-09-30T23:07:48Z]
    Gandalf84
    Hi, I&#39;m start using github actions, but I have some concerns about security. If anybody with write access to the repo can create a workflow yaml file, in any branch, having the secrets shared among the branches, how can I prevent any developer to create his own workflow yaml file and trigger any deployment (having the secrets already in place)?
irc logs

#jekyll

#octopress

latest 4 messages by Gandalf84
