How should build secrets be handled? To be more specific I use a private npm repository for which I need to provide an auth token. I don’t see a way thats not involving pushing the token to the underlying git repo.
Does anyone have experience regarding this?
There are 2 options, but both are not available yet:
- secret-store in PANTARIS
- pre-build docker-images and push them to your registry. Reference those images on PANTARIS
In the meanwhile, there might be a work-around, depending on your setup and where you use them (e.g. just in a frontend):
- build the js code in your pipeline (gh actions, jenkins, etc)
- let the pipline push the already built artifacts (e.g. html/css/js dist for a nginx) to the PANTARIS git-repo