mirror of
https://github.com/gravitational/teleport
synced 2024-10-21 01:34:01 +00:00
cce6db2e5f
Part of this change is implementing a "no secrets" policy for CI. Given that
we have to support CI for arbitrary external contributors, and
it is easy to craft a malicious PR that exfiltrates secrets during a CI build
any test that runs under CI must be able to do so without any injected secrets.
This means that several of the test we currently run under Drone will not be run on GCB, at least as part of the regular CI. The plan is to create a separate task that periodically runs tests that require external credentials (e.g. Kube tests, various backend data stores, etc.) in a more secure way and report failures asynchronously. And while these tests will not run under CI, the should still be built under CI so that required changes are caught during review.
|
||
|---|---|---|
| .. | ||
| doc-tests.yaml | ||
| integration-tests.yaml | ||
| lint.yaml | ||
| unit-tests.yaml | ||