Conversation
🤖 Augment PR SummarySummary: Adds optional GitLab CI pipeline generation to the helper update tooling. Changes:
Technical Notes: The generated pipeline bootstraps tooling via Coursier and runs 🤖 Was this summary useful? React with 👍 or 👎 |
![augmentcode[bot]](https://avatars.githubusercontent.com/in/1027498?s=60&v=4){kind=small}
| | HTTP_PROXY: $$ALL_PROXY | ||
| | HTTPS_PROXY: $$ALL_PROXY | ||
| | SCALA_IMAGE: ${pipelineConfig.baseImage} | ||
| | ${pipelineConfig.companyMVNUser}: $$CI_REGISTRY_USER |
There was a problem hiding this comment.
pipelineConfig.companyMVNUser / companyMVNPassword are interpolated as YAML variable keys; given the names, it’s easy for callers to accidentally pass actual credentials and end up writing them into .gitlab-ci.yml (or generating invalid YAML). Consider ensuring these values are clearly/strictly treated as env-var names (validated/sanitized) before generating the file.
Severity: medium
Other Locations
04-helper/src/main/scala/orchescala/helper/util/PipelineConfig.scala:704-helper/src/main/scala/orchescala/helper/util/PipelineConfig.scala:8
🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.
| | variables: | ||
| | CI_DEBUG_SERVICES: false | ||
| | script: | ||
| | - echo $$CI_REGISTRY_USER |
There was a problem hiding this comment.
This echo $$CI_REGISTRY_USER will print the registry username into CI logs; consider whether that’s intended for all pipelines (especially if logs are shared externally).
Severity: low
🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.
1 participant
No description provided.