[11:52:47] <wikibugs>	 10Huggle: Fix queue icon for users who get blocked - it remains same after blocking user. - https://phabricator.wikimedia.org/T286151 (10Petrb)
[11:53:06] <wm-bot>	 Change on 12en.wikipedia.org a page Wikipedia:Huggle/Feedback was modified, changed by Petrb link https://en.wikipedia.org/w/index.php?diff=1031910132 edit summary: /* Blocked user icon */ r
[11:53:36] <wikibugs>	 10Huggle: Fix queue icon for users who get blocked - it remains same after blocking user. - https://phabricator.wikimedia.org/T286151 (10Petrb) p:05Triage→03Medium
[19:59:15] <phuzion>	 petan: Question for ya about Appveyor. How does Appveyor upload the nightlies to your server? I can almost certainly set up the exact same thing using GHA and that should get us the ability to drop Appveyor entirely.
[20:05:22] <petan>	 it's using ssh
[20:05:30] <petan>	 scp with user / password I think
[20:06:00] <phuzion>	 Alright. I suspect we could automate this with a SSH key
[20:06:01] <petan>	 but you first need to be able to fully compile huggle and make that .zip with all dependencies, that's the hardest part
[20:06:18] <petan>	 yeah authentication is probably simplest part
[20:06:20] <phuzion>	 Is that not happening in the current gha workflow?
[20:06:37] <petan>	 I don't know, are you executing veyor.ps1 ?
[20:06:46] <phuzion>	 Yeah
[20:06:52] <petan>	 aha, in that case it does
[20:06:55] <phuzion>	 https://github.com/huggle/huggle3-qt-lx/blob/master/.github/workflows/huggle.yml#L72
[20:07:46] <petan>	 ok in veyor there is concept of artifacts that's files that were created as part of the build process
[20:08:21] <phuzion>	 GHA has artifacts too
[20:08:31] <petan>	 there is config option that allows upload of artifacts using certain protocols, and definition of credentials it's all done in project config so it's not publicly visible
[20:09:10] <petan>	 you can't exactly put authentication in any publicly visible config, even if using ssh keys
[20:09:15] <phuzion>	 GHA has a secrets vault
[20:09:18] <petan>	 because you would have to put the private key in there
[20:09:27] <petan>	 ok
[20:09:35] <phuzion>	 So people would see that you're using a secret, but the secret itself is never exposed to the end user.
[20:09:53] <petan>	 and who can define / change / see the secret?
[20:10:09] <phuzion>	 " Secrets are environment variables that are encrypted. Anyone with collaborator access to this repository can use these secrets for Actions. "
[20:10:47] <phuzion>	 I don't think you can see the secrets once they're entered though, let me check something
[20:12:51] <phuzion>	 Yeah the secrets can be updated, but they cannot be viewed.,
[20:14:15] <phuzion>	 So contributors could hypothetically change where the nightlies go, but they wouldn't be able to intercept your key and access your system.