by bazookaworkable
1262 days ago
Throwaway for reasons: From experience, be careful and ensure you properly scope your OIDC connection. It’s very easy to allow ANY GitHub repo with proper OIDC connection bits (SA email, connector pool, etc.) to get an OIDC token, rather than what you expect, whether that’s any repo in your private org or a specific single repository. As always, RTFM.
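The scoping gap described in the comment above, as an added example that is not part of the original comment: a small model of the trust decision made on GitHub Actions OIDC token claims, comparing an issuer-only policy with org-wide and single-repository scoping. `TrustPolicy`, `sample_claims`, the audience string and the repository names are hypothetical and constructed for illustration; signature and expiry validation are assumed to have already happened.

```python
"""Added example: why issuer-only trust for GitHub Actions OIDC is too broad.
TrustPolicy is a hypothetical model, not any cloud provider's API; the claim
values are constructed samples and the token is assumed already verified."""
from dataclasses import dataclass
from typing import Optional

GITHUB_ISSUER = "https://token.actions.githubusercontent.com"

@dataclass(frozen=True)
class TrustPolicy:
    audience: str
    owner: Optional[str] = None            # expected repository_owner claim
    repositories: frozenset = frozenset()  # expected "owner/repo" values

    def findings(self):
        """Audit the policy itself: report scoping gaps before any token is seen."""
        if self.owner is None and not self.repositories:
            return ["no owner or repository restriction: any GitHub repo can authenticate"]
        if not self.repositories:
            return ["owner-wide: every repository in the org can authenticate"]
        return []

    def allows(self, claims):
        """Decide whether already-verified token claims may obtain credentials."""
        if claims.get("iss") != GITHUB_ISSUER or claims.get("aud") != self.audience:
            return False
        if self.owner is not None and claims.get("repository_owner") != self.owner:
            return False
        if self.repositories and claims.get("repository") not in self.repositories:
            return False
        return True

def sample_claims(repo):
    """Build constructed claims shaped like a GitHub Actions OIDC token payload."""
    return {"iss": GITHUB_ISSUER, "aud": "example-audience", "repository": repo,
            "repository_owner": repo.split("/")[0],
            "sub": f"repo:{repo}:ref:refs/heads/main"}

unscoped = TrustPolicy(audience="example-audience")
org_wide = TrustPolicy(audience="example-audience", owner="example-org")
single = TrustPolicy(audience="example-audience", owner="example-org",
                     repositories=frozenset({"example-org/deploy"}))

if __name__ == "__main__":
    for name, policy in [("unscoped", unscoped), ("org_wide", org_wide), ("single", single)]:
        print(name, policy.findings())
        for repo in ["example-org/deploy", "example-org/other", "someone-else/fork"]:
            print("  ", repo, "->", policy.allows(sample_claims(repo)))
```
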