@kid TL;DR: If you have a secret variable in your CI/CD pipeline and it’s written to a file that subsequently gets artifacted, anyone who can access that artifact can also read your secret variable.

Feels like a “no shit” moment but I guess I can see how someone could make this mistake in a more complicated setup than the example in the blog.