
Introduce a warning message for pipeline trigger token form

Merged Dmytro Biryukov requested to merge dbiryukov_restrict_trigger_variables_mr-416619 into master
All threads resolved!
1 file changed, +4 -3
@@ -21,11 +21,12 @@
@@ -21,11 +21,12 @@
.gl-new-card-add-form.gl-m-3.js-toggle-content{ class: add_form_class }
.gl-new-card-add-form.gl-m-3.js-toggle-content{ class: add_form_class }
%h4.gl-mt-0
%h4.gl-mt-0
= _('Add new pipeline trigger token')
= _('Add new pipeline trigger token')
= render Pajamas::AlertComponent.new(variant: :danger, alert_options: { class: 'gl-mb-5 gl-pb-2' }, dismissible: false) do |c|
= render Pajamas::AlertComponent.new(variant: :danger, alert_options: { class: 'gl-mb-5 gl-pb-2' }, dismissible: false) do |c|
 
- keep_tokens_secure_link = link_to(s_('PipelineTriggerTokens|How can I keep my tokens secure?'), 'https://docs.gitlab.com/ee/security/token_overview.html#security-considerations', target: '_blank', rel: 'noopener noreferrer')
- c.with_body do
- c.with_body do
%p
%p
= _('It is a security risk to save tokens in plain text in public projects. Potential attackers could use a trigger token exposed in the .gitlab-ci.yml file to impersonate the user that created that token. Use masked CI/CD variables to improve the security of trigger tokens.')
= s_('PipelineTriggerTokens|It is a security risk to save tokens in plain text in your project, or store them in a way that malicious users could access them. A leaked trigger token could be used to force an unscheduled deployment, attempt to access CI/CD variables, or other malicious uses. %{keep_tokens_secure_link}').html_safe % { keep_tokens_secure_link: keep_tokens_secure_link }
= render 'projects/triggers/form', btn_text: _('Create pipeline trigger token'), show_cancel_button: true
= render 'projects/triggers/form', btn_text: s_('PipelineTriggerTokens|Create pipeline trigger token'), show_cancel_button: true
#js-ci-pipeline-triggers-list.triggers-list{ data: { triggers: @triggers_json } }
#js-ci-pipeline-triggers-list.triggers-list{ data: { triggers: @triggers_json } }
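
Review bot: On the added `s_('PipelineTriggerTokens|It is a security risk ...').html_safe % { keep_tokens_secure_link: keep_tokens_secure_link }` line, `.html_safe` is applied to the translated string itself, so any markup that ends up in a translation of this message would be rendered unescaped. Escape the translated text first and interpolate the already-safe `link_to` result into it, for example `html_escape(s_('...')) % { keep_tokens_secure_link: keep_tokens_secure_link }`. The URL in `keep_tokens_secure_link` is also hard-coded to docs.gitlab.com; if the project has a helper for in-product help links, using it would keep the link aligned with the documentation for the running version. A smaller wording point in the same string: "force an unscheduled deployment, attempt to access CI/CD variables, or other malicious uses" is not parallel, and "or for other malicious purposes" would read more cleanly.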