Secure Credential Transmission
Codecov has a public GPG key available on our security page and on Keybase
Follow the below instructions for sending your Git Provider credentials to Codecov.
This can be a single file or a zip file. In this example, I have created single file called codecov-credentials.txt the values are the example values from App Integration credentials instructions
Using keybase or the public key from our security site run
curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import
gpg --output codecov-credentials.gpg --encrypt --recipient [email protected] codecov-credentials.txt
example output
Use a private transmission method of your choice to send the file to Codecov.
- Email [email protected]
- Onetime link via password utility such as 1Password
- Other methods discussed with your Codecov representative
Updated over 1 year ago