Comments (1)
When you use the above command, the secrets are exposed through the commandline for the process. So if your runner is compromised, your docker credentials are compromised.
The major use of this action is to avoid the above security issue.
We avoid it by creating the file which the same command eventually generates without logging your secrets anywhere; we create that file in a temp directory instead of the home of the runner. This triggers a clean up as soon as the workflow context ends.
The alternative for this action is using the command like this cat ~/my_password.txt | docker login --username foo --password-stdin
also additionally cleaning up the my_password.txt
file after your workflow is done.
from docker-login.
Related Issues (20)
- Always getting denied for push to docker hub HOT 1
- Use same secret AZURE_CREDENTIALS as Azure/login and Azure/aks-set-context HOT 2
- docker: command not found HOT 1
- How to deal with registries that can't be opened to public internet HOT 1
- AZURE_WEBAPP_PUBLISH_PROFILE
- Remove the admin account requirement for Docker login action
- GITHUB_TOKEN permissions used by this action HOT 1
- --build-arg vanishing during build? HOT 1
- Compose build and push to container registry causes crashing of Azure container apps HOT 1
- Node 12 is deprecated, move to node 16 HOT 4
- Invalid clientid or client secret HOT 2
- Can not use the new docker/login version v1.0.1 HOT 19
- Upgrade deprecated node.js from 12 to 16 broke docker-login/v1 HOT 5
- 到底什么是嵌入式?什么是单片机?究竟有何区别?
- Login to ACR apparently successful but subsequent dotnet publish fails HOT 2
- Allow login using service credentials dirctly HOT 1
- Multiple login with GCR and ACR HOT 2
- Add support to authenticate using "Azure federated credentials" HOT 3
- Reporting a vulnerability HOT 1
- Node 16 is deprecated, move to node 20 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-login.