github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/github/actions/AVD-GIT-0002/Terraform.md

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/github/actions/AVD-GIT-0002/Terraform.md (about)

     1  
     2  Do not store plaintext values in your code but rather populate the encrypted_value using fields from a resource, data source or variable.
     3  
     4  ```hcl
     5  resource "github_actions_environment_secret" "good_example" {
     6  	repository       = "my repository name"
     7  	environment       = "my environment"
     8  	secret_name       = "my secret name"
     9  	encrypted_value   = var.some_encrypted_secret_string
    10  }
    11  
    12  ```
    13  
    14  #### Remediation Links
    15   - https://registry.terraform.io/providers/integrations/github/latest/docs/resources/actions_environment_secret
    16  
    17   - https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
    18