Amazon

New top story on Hacker News: Show HN: Publish from GitHub Actions using multi-factor authentication

Show HN: Publish from GitHub Actions using multi-factor authentication
3 by varunsharma07 | 0 comments on Hacker News.
The backstory about this GitHub Action: I discussed with an open-source maintainer why they publish npm packages from their local machine and do not use CI/CD pipelines. They said publishing should require human intervention and want to continue using multi-factor authentication to publish to the npm registry. This led to building the wait-for-secrets GitHub Action. It prints a URL in the build log and waits for secrets to be entered using a browser. Once entered, the workflow continues, and secrets can be used in future steps. The latest release of "eslint-plugin-react" to the npm registry used a one-time password (OTP) from a GitHub Actions workflow! https://ift.tt/MahYW3D...

Comments

Popular posts from this blog

RFK Jr says he was behind mystery of dead bear dumped in Central Park with bicycle - The Guardian US

Israel orders Gazans out of swathes of Khan Younis - Reuters

Mexico's president says country will break diplomatic ties with Ecuador - NPR