Remote service accounts protection in autopkgtest?

To: debian-devel@lists.debian.org
Subject: Remote service accounts protection in autopkgtest?
From: Vasyl Gello <vasek.gello@gmail.com>
Date: Sun, 22 Jan 2023 21:33:17 +0000
Message-id: <[🔎] 526C9137-2A07-41BC-9DDE-192F3B72615C@gmail.com>

Dear colleagues,

Assuming I would like to test the package interacting with some proprietary
third-party service on the web (like Kodi PVR addon), is there any mechanism
protecting of account details so that autopkgtest machines can read them
while outside world can not. Docker / podman / GitHub / GitLab all have
the "secrets" command for exactly that purpose.

I think adding the common GPG key for Debian autopkgtest infrastructure
and exposing only the public key part of it to the public access (so everyone
can encrypt the account details for autopkgtest but not decrypt them) is worth
the efforts.

What do you think?

--
Vasyl Gello

Certified SolidWorks Expert

Mob.:+380 (98) 465 66 77

E-Mail: vasek.gello@gmail.com

호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Remote service accounts protection in autopkgtest?
  - From: Paul Gevers <elbrus@debian.org>

Prev by Date: Bug#1029431: ITP: pyequihash -- python bindings for libequihash: memory-hard Proof-of-Work with fast verification
Next by Date: Bug#1029495: ITP: libdevel-cover-report-clover-perl -- backend for Clover reporting of coverage statistics
Previous by thread: Bug#1029431: ITP: pyequihash -- python bindings for libequihash: memory-hard Proof-of-Work with fast verification
Next by thread: Re: Remote service accounts protection in autopkgtest?
Index(es):
- Date
- Thread