spack

History

Harmen Stoppels 1fcc00df96 Fix security issue in CI (#17545 ) The `spack-build-env.txt` file may contains many secrets, but the obvious one is the private signing key in `SPACK_SIGNING_KEY`. This file is nonetheless uploaded as a build artifact to gitlab. For anyone running CI on a public version of Gitlab this is a major security problem. Even for private Gitlab instances it can be very problematic. Co-authored-by: Scott Wittenburg <scott.wittenburg@kitware.com>	2020-07-16 17:27:37 -07:00
..
spack	Fix security issue in CI (#17545 )	2020-07-16 17:27:37 -07:00

Harmen Stoppels 1fcc00df96

The `spack-build-env.txt` file may contains many secrets, but the obvious one is the private signing key in `SPACK_SIGNING_KEY`. This file is nonetheless uploaded as a build artifact to gitlab. For anyone running CI on a public version of Gitlab this is a major security problem. Even for private Gitlab instances it can be very problematic.

Co-authored-by: Scott Wittenburg <scott.wittenburg@kitware.com>

2020-07-16 17:27:37 -07:00

spack

Fix security issue in CI (#17545 )

2020-07-16 17:27:37 -07:00