New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reset exposed API keys & move to secrets #90

Open

6 tasks

maneesha opened this issue Oct 25, 2024 · 1 comment

Contributor

maneesha commented Oct 25, 2024

For some scripts where we are not exposing private data, we do expose the API key. For example AMY curricula and workshops.

As general practice, we should never expose API keys. Opening this issue to do the following:

Identify each script in this repo that exposes an API key
Identify any other places we may be using those Redash queries
Reset the API key in Redash
Add the API key to this repo's GH secrets
Update the scripts to use the secret instead of the hard coded key
Update the API key in any other places as needed

@froggleston is there anything else you can think of that we should do?

froggleston commented Oct 29, 2024

That list looks good! 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment