|
|
|
|
|
|
by woodruffw
80 days ago
|
|
|
I’m a fan of this, although I’m concerned about the security/trust model: using a third-party CI orchestrator on top of GHA means trusting them with all of your secrets, potentially sensitive logs, etc. Those concerns are somewhat lessened in the context of public repos, but even public repos contain nontrivial workflows that use configured secrets. |
|
|