Pass secrets to fork PRs after approval

I completely understand why passing secrets to all forked PRs is unwise (an attacker could rewrite your .circleci/config.yml or any myriad of other files and print them). However, this also means our system tests can not effectively run pre-merge, which is also problematic.

Feature request: Make it such that (if we so configure it) secrets can be passed to fork PRs, but only after a GitHub collaborator has approved the PR using the GitHub review system. Thus, anyone using this tooling can have a workflow along the lines of:

  • PR is submitted from external contributor.
  • Unit tests run and pass on CircleCI
  • Someone with commit bit reviews the PR and approves it in GitHub
  • Unit and system tests run and pass on CircleCI
  • Branch is able to be merged

Thank you for your consideration.