Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Environment Lock #693

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Environment Lock #693

wants to merge 4 commits into from

Conversation

nevoodoo
Copy link

@nevoodoo nevoodoo commented Apr 17, 2024

Description

In a bid to introduce better security permissions, we have replaced the use of SA keys to workload identity providers where possible. We will also ensure the workload federated identities are attached to an environment in the repo.

Changes

  • Added environment attribute to the docker workflow

@nevoodoo nevoodoo changed the title added environment attr to the docker workflow Environment Lock Apr 17, 2024
Copy link
Contributor

@illusional illusional left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For this one, and the images repo, we'll need to come up with some way that people can run this workflow and push an unreviewed image to a the images-dev repo. Maybe we need to create a second set of credentials gh-images-dev-deployer that can be activated instead?

What do you think?

@nevoodoo
Copy link
Author

nevoodoo commented Apr 17, 2024

For this one, and the images repo, we'll need to come up with some way that people can run this workflow and push an unreviewed image to a the images-dev repo. Maybe we need to create a second set of credentials gh-images-dev-deployer that can be activated instead?

What do you think?

That sounds appropriate!

Copy link
Contributor

@illusional illusional left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great to me!! FYI @vivbak, @jmarshall, @MattWellie

@MattWellie
Copy link
Contributor

MattWellie commented Apr 17, 2024

Delicious 🍰

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants