I have a release workflow that does a promotion to heroku from Staging to Prod, but only certain people can run that in the Main branch, but the thing is that if somebody does a checkout on the main branch and they create their branch they will be able to modify the release.yaml workflow and run that workflow from their branch at the Action section in Github, and technically do a release, because the branch has access to Secret Vars? - Did any of you resolve this problem, other than creating specific repos just for this activity.
Securing Release Pipelines in Github Actions? How?
20 Views Asked by nesp At
0
There are 0 best solutions below
Related Questions in GITHUB
- How to update to the latest external Git in Azure Web App?
- Github Pages Deployment deploys a blank page
- Git Not In Sync with Local Branch
- How do I create a test passing badge for my yaml below
- Cant connect to any github repository from my netbeans 20
- How can i redirect pull request from main branch to another branch
- Trying to update the version.go file with the release tag from GitHub actions but its failing
- Encountering Errors Running GitHub Project: Wavelet-pixel domain progressive fusion network for underwater image enhancement - Seeking Assistance
- How can I reintroduce username an password on git using fedora?
- How do I find Github File_ID?
- Forking vs Cloning in GitHub
- I can't find ~/.profile or ~/.bashrc in C:/Users/<user>/.ssh folder
- how to build nextjs app unable to build and deploy
- Plugin with id 'com.android.application' not found in Github Winlator Project
- Git commit asks for passphrase which I don't remember
Related Questions in DEPLOYMENT
- Github Pages Deployment deploys a blank page
- Django Admin Panel and Sub URLs Returning 404 Error on Deployment
- Next 14 App Router pages from dynamic routes not generating when deployed on vercel but only work on localhost
- Deployment through app engine, cloud sql database, problem connecting with server code, doesn't connect
- How to Deploy and Manage a Python Application with Systemd
- Elasticbeanstalk FastAPI application is intermittently not responding to https requests
- Duplicate GET requests - Rails & Heroku
- How to use a proxy to obtain a static IP for my Node.js application?
- Next js app throwing 404 error when deployed to vercel, even though it works fine on local
- How to deploy my shiny application (with multiple files) via Docker
- Deploying telegram bot
- How to deploy angular 17 SSR into IIS
- Route not working on refreshing the page in react deployed application
- Vercel wildcard route's src results in 404 error in Hapi.js backend
- Django deployment with GTK3
Related Questions in DEVOPS
- Elasticbeanstalk FastAPI application is intermittently not responding to https requests
- Get current Timestamp in CET format and concatenate with string in yml file
- AWS EKS Fargate pod scheduling issue with Prometheus deployment
- Jenkins Docker Agent Configuration Issue: Connection Refused on Local Ubuntu Install
- Unable to use env variable from prd environment context
- Search to know the best way to do a " Database on demand " for a personal project
- Can I know the namespace of my k8s Pod only by looking at its IP?
- Struggling with Route53 public hosted zones in a multi-account environment
- "Backend call failure" error in Nextjs App deployed on Azure static web app
- Terraform: Error: Provider configuration not present. Module gets created, but when I remove or comment it throws an error
- Azure Dev Ops - Project - Mentions - Restrictions on Users and Groups
- How to Generate a Migration Script in the Azure DevOps
- Disable Azure DevOps Pull Request being completed when Using Copado
- How to add bulk users ( using a csv file ) to an AzureDevops Group using Powershell
- How to add .env file while deploying app using Jenkins Pipeline script from SCM?
Related Questions in RELEASE-MANAGEMENT
- Spring Boot Multi Module Maven/Gradle Single Git Repository Release Process
- How to choose and download specific release version of Azure Bicep?
- Error "was named in package.xml, but was not found in zipped directory" on salesforce deployment
- Why do I see divergent branches git errors when merging code?
- How to manage a system release containing multiple packages?
- Need to have 2 active release branches in git-flow
- Maximum number of canary releases per sprint in scrum
- Triggering a release with build completion in Azure DevOps Server not working or only happens after hours long delay
- Gitlab: How to generate release assets using Gitlab's CI/CD
- Publishing app concurrently to production and open testing in one step on Google Play console
- Ensure a GitHub/Gitea release includes only its milestone's PRs
- Can I select files and restructure directories for release source file?
- When open-sourcing only part of a codebase, how can I keep specific files always private while merging from a private repo branch to a public one?
- SPA AWS Future Release Management
- Securing Release Pipelines in Github Actions? How?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?