Fix security issue in CI (#17545) - spack - A flexible package manager that supports multiple versions, configurations, platforms, and compilers.

diff options

author	Harmen Stoppels <harmenstoppels@gmail.com>	2020-07-17 02:27:37 +0200
committer	GitHub <noreply@github.com>	2020-07-16 17:27:37 -0700
commit	1fcc00df96325bbe83ad8ed90e1f5783bf26fcfb (patch)
tree	3611a2e26b010168b4d7eb6d3d472dc2eac71a14 /var
parent	697c2183d3b364e05800a9b30c7c92f240e19273 (diff)
download	spack-1fcc00df96325bbe83ad8ed90e1f5783bf26fcfb.tar.gz spack-1fcc00df96325bbe83ad8ed90e1f5783bf26fcfb.tar.bz2 spack-1fcc00df96325bbe83ad8ed90e1f5783bf26fcfb.tar.xz spack-1fcc00df96325bbe83ad8ed90e1f5783bf26fcfb.zip

Fix security issue in CI (#17545)

The `spack-build-env.txt` file may contains many secrets, but the obvious one is the private signing key in `SPACK_SIGNING_KEY`. This file is nonetheless uploaded as a build artifact to gitlab. For anyone running CI on a public version of Gitlab this is a major security problem. Even for private Gitlab instances it can be very problematic. Co-authored-by: Scott Wittenburg <scott.wittenburg@kitware.com>

Diffstat (limited to 'var')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: