![]() There must be a better way to use authenticated Google APIs from Gitlab. Using manually generated keys not invites risk, it violates one of the core implied, least-talked about principles of service account best practices: don’t use manually generated keys if you don’t have to! This is such a frustrating and obvious problem. If you’re doing this now, all it takes is one Gitlab permission misconfiguration for your keys to be at risk of exposure.Then you’re in real trouble. ![]() ![]() Time to come clean: do you feel the pangs of guilt whenever you generate keys for your Google Cloud Platform Service Accounts and upload them to Gitlab for your Gitlab CI pipelines? Do you lose sleep at night over your all the service account keys laying around in plain text, stuffed into CI variables? Do you joke to yourself that a hacker will inevitably compromise your keys and perhaps waste thousands of dollars mining cryptocurrency on your employer’s dime? Secure Deployments from Gitlab to Google Cloud Platform ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |