github:update-repository-secret missing parameter to receive the new value #32

Open
ecairol opened this issue May 2, 2024 · 0 comments
Labels
enhancement New feature or request

Contributor

ecairol commented May 2, 2024

The command team51 github:update-repository-secret never asks the user for the new value to be updated.

One of the reasons is that, for security reasons, it actually sets the name of a constant that exists on OpsOasis; however, it should also support inputting the secret directly in plaintext.

In the code, the only place where $secret_value is set is on line 92:

$this->secret_value = 'GH_BOT_TOKEN' === $this->secret_name ? 'WPCOMSP_GITHUB_API_TOKEN' : $this->secret_name; // Legacy support.

We might want to make the secret_name argument an --option that receives a value. But there are security concerns that need to be understood first.

Slack conversation.

@ecairol ecairol added the enhancement New feature or request label May 15, 2024