Refresh GHA Tugboat credentials #16734
Comments
|
@maortiz-27-80 @BerniXiongA6 let's chat about this for the next refinement since one of the credentials has an expiry date. The task is simple but I'll need help from DevOps to figure out ownership. |
|
Hi @JunTaoLuo since we canceled backlog refinement, did you need to chat with @maortiz-27-80 and/me about this ticket? Let us know. Thanks! |
|
Yup we should chat about this! The actual actions needed here are very quick but I just need to figure out who should own these credentials, thanks! |
|
OK @JunTaoLuo will grab time for @maortiz-27-80 you and me next week -- thank you! |
|
@JunTaoLuo you've onboarded with access for @va-cms-bot, right? It should own the credentials used here. If not, onboarding should be fairly painless. See here: #14345 |
|
Ah I don't think I ever onboard with that account. Would it be better for me to onboard with it now or work with someone who already has access? |
|
I can do it 🤷🏻 NBD |
|
This should be done now. |
|
Thanks @ndouglas! I'll keep an eye out and see if everything works as expected when the workflows trigger. |
|
Looks like everything is working thanks! |
User Story or Problem Statement
As a maintainer of the GHA infrastructure, the GHA credentials should not be owned by any one engineer but instead be managed centrally along with other secrets and credentials.
Description or Additional Context
This is a followup to the PRs #16562 and #16279. There are two credentials:
TUGBOAT_API_TOKENandLABEL_API_TOKEN. The current tokens are generated by me as a temporary measure but should be refreshed with a centrally managed account or DevOps like all other credentials.Steps for Implementation
Acceptance Criteria
Team
The text was updated successfully, but these errors were encountered: