Ensure that the secrets are injected at runtime
tip
This check is currently under development and not yet implemented. Click here to learn how you can help.
Use Case
- Incubating: expected
- Active: expected
- Retiring: expected
Description
Secrets are injected at runtime, such as environment variables or as a file (eg: use Github Secrets)
Details
- C-SCRM: true
- Priority Group: P2
- Mitre: CWE-538
- Sources: CNCF CNSWP 2.0 #195
- How To: Github Docs