CircleCI and I believe GHA support injecting signed JWTs you can use to bootstra... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nijave 3 days ago \| parent \| context \| favorite \| on: GitHub Actions has a package manager, and it might... CircleCI and I believe GHA support injecting signed JWTs you can use to bootstrap identity be it an IAM role or some other platform where you can trust an OIDC issuer

hinkley 3 days ago [–]

> injecting signed JWTs

How is that not secrets management?

nijave 2 days ago | [–]

It is. Just wanted to point out these flows are also possible on CI. In my other comment, I think it's more fair to differentiate long lived vs short lived secrets

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact