Secrets should not be given on command line
When using the authorization feature of gitlab pages, gitlab-pages requires secrets to be given on the command line
-auth-client-id string
GitLab application Client ID
-auth-client-secret string
GitLab application Client Secret
-auth-secret string
Cookie store hash key, should be at least 32 bytes long.
This is securitywise very bad resp. a total no-go. There should be used files (like for -admin-secret-path
) to store such variables.
Edited by Sean Carroll