wait-for-secrets
Publish from GitHub Actions using multi-factor authentication (by step-security)
circleci-audit
By rupert-madden-abbott
| | wait-for-secrets | circleci-audit |
|---|---|---|
| Mentions | 4 | 3 |
| Stars | 273 | 3 |
| Growth | 2.2% | - |
| Activity | 0.0 | 0.0 |
| | 10 months ago | over 1 year ago |
| Language | TypeScript | Python |
| License | Apache License 2.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wait-for-secrets
Posts with mentions or reviews of wait-for-secrets.
We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-04.
- How to publish on npm with `--provenance` using Lerna-Lite
  To deal with the OTP (or any other 2FA), we can use wait-for-secrets. Compared to the previous basic usage, we are splitting the Lerna-Lite Version & Publish into 2 separate tasks. The reason is simple: calling the OTP too early would time out even before reaching the publish phase, so calling the OTP just before the publish is the best way to avoid an invalid pin.
- Rotate any secrets stored in CircleCI
  While OIDC is a good option, at StepSecurity, we are building an open-source project that allows using your MFA tokens for deployments in CI/CD. So far, it is implemented for GitHub Actions - https://github.com/step-security/wait-for-secrets. In this method, you get a link in the build log, click the link, and can enter credentials at run time, which then get used in the next step in the pipeline for deployment. So there are no persistent secrets stored in the CI/CD pipeline and no need for managing/rotating separate deployment credentials.
- A way to publish from GitHub Actions using multi-factor authentication
- Show HN: Publish from GitHub Actions using multi-factor authentication
circleci-audit
Posts with mentions or reviews of circleci-audit.
We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-04.
- CircleCI security alert - rotate your secrets
  I've created a tool to help track down secrets that are stored in CircleCI: circleci-audit
- CircleCI Audit - A tool to help you track down your CircleCI secrets
- Rotate any secrets stored in CircleCI
  I've created a tool due to this incident to help you find your secrets in CircleCI.
  https://github.com/rupert-madden-abbott/circleci-audit
  It can:
What are some alternatives?
When comparing wait-for-secrets and circleci-audit you can also consider the following projects:
FTP-Deploy-Action - Deploys a GitHub project to a FTP server using GitHub actions
terraform-aws-oidc-github - Terraform module to configure GitHub Actions as an IAM OIDC identity provider in AWS.
pr-compliance-action - Check PR for compliance on title, linked issues, and files changed
CircleCI-Env-Inspector - A NodeJS tool for discovering all your secrets on CircleCI
github-pages-deploy-action - 🚀 Automatically deploy your project to GitHub Pages using GitHub Actions. This action can be configured to push your production-ready code into any branch you'd like.