Putting Docker Login password (base64 encoded) into forge.yaml is NO BUENO #11
Comments
This file shouldn't ever need to be committed to github. It only contains global configuration (all service specific configuration is in service.yaml). I've added a big warning into the generated file that it contains secrets and that it should not be checked into github. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I just committed my Docker Hub password to source control (in
forge.yaml
). Thankfully it's not a public repository and I can delete the source tree but that's really really bad.The text was updated successfully, but these errors were encountered: