I’m not sure where to post this topic, as it could be a bug, or simply my own misunderstanding.
This CircleCI Blog post: https://circleci.com/blog/triggering-trusted-ci-jobs-on-untrusted-forks/
Ends with this snippet:
Something new to explore is CircleCI’s recent announcement of restricted contexts which includes the possibility of injecting secrets into a portion of the workflow graph, triggered by a manual approval step. That could be the foundation for a more convenient and flexible approach to letting reviewers trigger trusted builds.
Is this currently possible, or is the author alluding to a potential future enhancement?
I have a workflow that has:
- Unrestricted jobs
- Manual approval job
- Job with restricted context
However, my job with a restricted context does not spin up with the context’s environment variables if initially triggered from a fork, even if the approver meet’s the restricted context’s requirements.