diff options
author | Chris Rebert <github@rebertia.com> | 2014-12-10 03:17:01 +0300 |
---|---|---|
committer | Chris Rebert <github@rebertia.com> | 2014-12-10 03:17:01 +0300 |
commit | 81873b8322e0da3ca765f54cf93651a83a393918 (patch) | |
tree | 4f20f694baffc848ec949aaa049fab2d32161c92 | |
parent | 87c3beb48404c8ee7d5b35bd04ada8122b011c0c (diff) |
explain what makes files sensitive in the Sauce use case
-rw-r--r-- | README.md | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -23,7 +23,7 @@ By automating the process of initiating Travis-based Sauce tests and posting the ## How it works (for the Open Sauce use-case) 1. Use GitHub webhooks to listen for new or updated pull requests in a given GitHub repository. 2. If the pull request does not modify any JavaScript files, ignore it. -3. Ensure that no sensitive build files (e.g. `.travis.yml`, `Gruntfile.js`) have been modified. +3. Ensure that no sensitive build files (e.g. `.travis.yml`, `Gruntfile.js`) have been modified, since these files have the potential to cause leakage/exposure of the Sauce login credentials. 4. Clone the pull request's branch and push it to a test repo under an autogenerated name. 5. Travis CI will automatically run a build on the new branch *under the test repo's user*. Thus, this build will have access to Travis secure environment variables; in particular, it will have access to the Sauce Labs credentials. 6. Use webhooks to track the status of the Travis build. |