use secrets in a dedicated env

We appended a `# zizmor: ignore[secrets-outside-env]` comment to the following lines:

- .github/workflows/py-coverage.yml:42
- .github/workflows/py-publish.yml:44
- .github/workflows/py-publish.yml:51
- .github/workflows/snyk-container.yml:20

To resolve this (and remove the ignore comments), we need to use a dedicated environment for each secret. It will require creating (duplicate) environments in the cpp-linter org repos that call these reusable workflows (with `secrets: inherit`).

ref: [zizmor `secrets-outside-env` audit rule](https://docs.zizmor.sh/audits/#secrets-outside-env)

_Originally posted by @2bndy5 in https://github.com/cpp-linter/.github/issues/71#issuecomment-4066176228_


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

use secrets in a dedicated env #72

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

use secrets in a dedicated env #72

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions