[deleted]
My main complaint about the deployment of this, is from a security standpoint. The password is hardcoded as “changeme” for the GitLab Runner container. which when run from an automated script like this the script itself doesn’t make the user aware of that. Like the script itself mentions that you should move credentials.txt but it never makes you aware of the hardcoded password.
it would be nice if it prompted for a password, or used a randomly generated one instead of that hardcode
atzanteol@sh.itjust.works 2 months ago
Please do not normalize running scripts directly from websites.
joegarciar3a3294@lemmy.world 2 months ago
atzanteol@sh.itjust.works 2 months ago
No - you shouldn’t be putting
bash $(curl …)into a post and telling people to run it at all. It’s bad and shouldn’t be normalized in any way. Take. It. Down.BlueBockser@programming.dev 2 months ago
As much as I agree, I think we’re past the point of preventing normalization.
Fuzzypyro@lemmy.world 2 months ago
Agreed. Just point them to the repository. Cloning the repo and running the script is the barrier to entry here. If they can’t do that then reading it would do them no good.