random-mirrors/cosmos-explorer
1
0
Fork 0
mirror of https://github.com/Azure/cosmos-explorer.git synced 2026-06-12 15:37:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b288ed7374cc4bad9e79528c4b742cdc8f7853bb
cosmos-explorer/.github/workflows
T
History
Sung-Hyun Kang b288ed7374 ci: route Playwright reports through private Azure Storage container 
Replaces the public `/playwright-reports/*` static-website uploads and all GitHub Actions artifact uploads for Playwright traces/videos/blob-reports with uploads to a new private container `playwright-reports` on the same storage account. PR comments now link to an Azure Portal blob-properties deep link (requires AAD sign-in) instead of the previously anonymous static-site URL.

Fixes MSRC finding: Playwright traces captured on test failure embed Authorization: Bearer headers, and the existing publish path made them anonymously downloadable. The new private container is RBAC-gated (Storage Blob Data Reader/Contributor at container scope) and the storage account already has anonymous blob access and shared-key access disabled.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-06-10 14:16:46 -05:00
..
ci.yml
ci: route Playwright reports through private Azure Storage container
2026-06-10 14:16:46 -05:00
cleanup.yml
Fix playwright tests (#2325)
2026-04-03 11:34:10 -07:00