Skip to content

FAILED: Repository Linter Issue: rl-secret_rotation #1785

Description

@sap-repository-linter

A violation against the SAP Open Source standards have been detected.

Rule: rl-secret_rotation

Message: The following GitHub Actions secrets have not been rotated within the last 12 months:

  • HEUREKA_APP_PROPS_BASE64
  • HUSKY
  • JIRA_EPIC_KEY

Recommended actions:

  1. Replace long-lived secrets with OIDC (OpenID Connect) tokens where possible
  2. For required static credentials (API keys, tokens), rotate them at least annually
  3. Review and remove any unused secrets

Description: Checks if all GitHub Actions secrets have been rotated within the last 12 months. Long-lived secrets should be replaced with OIDC tokens where possible, and required static credentials must be rotated annually.

Documentation

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    New

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions