Technology Radar
Published : Sep 27, 2023
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Understand more
Sep 2023
Trial
推荐实现 CI/CD 的零信任安全的技术之一是通过使用 OpenID Connect (OIDC) 等联合身份机制对流水线进行身份验证,以访问云服务。这一重要的技术仍未被充分利用在 GitHub Actions 中,因此推荐 OIDC for GitHub Actions。通过这种方式,可以避免存储长期的访问令牌来访问云资源,同时确保流水线无法直接访问机密信息。然而,请务必谨慎地限制访问权限,以确保操作以最低权限运行。
