From 24ea8bde6ffa706d8f42694872242050f2c574e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20OLIVIER?= <cedric3.olivier@orange.com>
Date: Mon, 24 Feb 2025 16:28:06 +0000
Subject: [PATCH] fix(security): remove generated-deployment.yml from artifact

On kustomize with secret CI/CD variables  used for substitution for example with a pre-apply script, secrets was leaked in artifacts.

You need to :
* delete k8s-<env>-deploy artifacts
* renew all leaked secrets
---
 templates/gitlab-ci-k8s.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/templates/gitlab-ci-k8s.yml b/templates/gitlab-ci-k8s.yml
index 0a38b16..477eaa8 100644
--- a/templates/gitlab-ci-k8s.yml
+++ b/templates/gitlab-ci-k8s.yml
@@ -936,7 +936,6 @@ k8s-score:
     name: "$ENV_TYPE env url for $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
     when: always
     paths:
-      - generated-deployment.yml
       - environment_url.txt
     reports:
       dotenv: kubernetes.env
-- 
GitLab