How should a pipeline handle secrets like API keys or tokens?

Problem Statement

Explanation

Never hard code secrets in scripts or in the repo. Store them in a secret manager or the CI vault and inject at runtime only. Scope access with least privilege and rotate keys regularly to reduce blast radius.

Code Solution

SolutionRead Only

env:
 DB_PASSWORD: ${{ secrets.DB_PASSWORD }}

Practice Sets

This question appears in the following practice sets:

Fundamentals of CI/CD

Next Question

Master Interviews
Anywhere, Anytime

How should a pipeline handle secrets like API keys or tokens?

Problem Statement

Explanation

Code Solution

Practice Sets

Related Questions

What is the main goal of a CI/CD pipeline?

Which statement best separates Continuous Integration from Continuous Delivery?

Choose the common order of stages in a basic pipeline.

What usually triggers a CI run in modern platforms?

What is a build artifact in CI/CD?

More from CI/CD Pipelines

Master Interviews Anywhere, Anytime

How should a pipeline handle secrets like API keys or tokens?

Problem Statement

Explanation

Code Solution

Practice Sets

Related Questions

What is the main goal of a CI/CD pipeline?

Which statement best separates Continuous Integration from Continuous Delivery?

Choose the common order of stages in a basic pipeline.

What usually triggers a CI run in modern platforms?

What is a build artifact in CI/CD?

More from CI/CD Pipelines

Master Interviews
Anywhere, Anytime