Updates of secrets information (#332)

* Updated commiter kosli-github and kosli-jira tokens

* Updated fury gitbucket and gitlab token info

* Removed GHCR_TOKEN that was not used

* Removed use of GHCR_TOKEN

* Updated date for ghcr which can be leleted when we have tested it

* Added more info about GPC secretes

.github/workflows/docker.yml

@@ -26,10 +26,6 @@ on:
         required: true
       slack_webhook:
         required: true
-      ghcr_user:
-        required: true
-      ghcr_token: 
-        required: true         
       kosli_api_token:
         required: true
       snyk_token:

.github/workflows/main.yml

@@ -87,7 +87,5 @@ jobs:
     secrets:
       slack_webhook: ${{ secrets.MERKELY_SLACK_CI_FAILURES_WEBHOOK }}
       slack_channel: ci-failures
-      ghcr_user: ${{ secrets.GHCR_USER }}
-      ghcr_token: ${{ secrets.GHCR_TOKEN }}
       kosli_api_token: ${{ secrets.KOSLI_PUBLIC_API_TOKEN }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}

.github/workflows/release.yml

@@ -96,15 +96,14 @@ jobs:
     secrets:
       slack_webhook: ${{ secrets.MERKELY_SLACK_CI_FAILURES_WEBHOOK }}
       slack_channel: ci-failures
-      ghcr_user: ${{ secrets.GHCR_USER }}
-      ghcr_token: ${{ secrets.GHCR_TOKEN }}
       kosli_api_token: ${{ secrets.KOSLI_PUBLIC_API_TOKEN }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}
 
   goreleaser:
     needs: [test]
     runs-on: ubuntu-latest
     permissions:
+      contents: write
       id-token: write
       attestations: write
     outputs:
@@ -129,7 +128,7 @@ jobs:
           version: latest
           args: release --clean
         env:
-          GITHUB_TOKEN: ${{ secrets.GHCR_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           FURY_TOKEN: ${{ secrets.FURY_TOKEN }}
 
       - uses: actions/upload-artifact@v4

secrets/gh-repo-azure-client-id.txt

@@ -3,7 +3,7 @@ secret-expire: 2024-09-01
 secret-updated:
 secret-updated-by:
 secret-type: gh-repo
-is-secret: true
+is-secret: false
 secret-usage:
 
 update-instructions:

secrets/gh-repo-committer-token.txt

@@ -1,19 +1,20 @@
 secret-name: COMMITTER_TOKEN
-secret-expire: 2024-09-01
-secret-updated:
-secret-updated-by:
+secret-expire: 2025-09-27
+secret-updated: 2024-09-27
+secret-updated-by: tore
 secret-type: gh-repo
 is-secret: true
 secret-usage: Used both to create a pull-request to helm-chart and home-brew
 
 update-instructions:
+https://github.com/settings/tokens
 Go to the Developer's Github profile
   -> Settings
   -> Developer settings
   -> Personal access tokens
   -> Tokens (classic)
   -> Generate new token
-Token name: gh-cli-committer-token
+Note: gh-cli-committer-token
 Expiration: one year
 Selected scopes: repo and workflow
 

secrets/gh-repo-fury-token.txt

@@ -1,9 +1,17 @@
 secret-name: FURY_TOKEN
-secret-expire: 2024-09-01
-secret-updated:
-secret-updated-by:
+secret-expire: 2025-09-27
+secret-updated: 2024-09-27
+secret-updated-by: tore
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Token used to publish our Linux pagages (.deb .rpm) to Gemfury
+https://manage.fury.io/dashboard/kosli
 
 update-instructions:
+Go to https://manage.fury.io/manage/kosli/tokens/push
+Press <Create new push token>
+Press <Generate token>
+Copy the token
+
+Go to https://github.com/kosli-dev/cli/settings/secrets/actions
+under <Repository secrets>

secrets/gh-repo-ghcr-token.txt

@@ -1,9 +1,11 @@
 secret-name: GHCR_TOKEN
-secret-expire: 2024-09-01
+secret-expire: 2024-12-01
 secret-updated:
 secret-updated-by:
 secret-type: gh-repo
 is-secret: true
 secret-usage:
 
+This is no longer used and can be deleted. Tore 2024-09-27
+
 update-instructions:

secrets/gh-repo-ghcr-user.txt

@@ -1,9 +1,11 @@
 secret-name: GHCR_USER
-secret-expire: 2024-09-01
+secret-expire: 2024-12-01
 secret-updated:
 secret-updated-by:
 secret-type: gh-repo
 is-secret: true
 secret-usage:
 
+This is no longer used and can be deleted. Tore 2024-09-27
+
 update-instructions:

secrets/gh-repo-gpg-passphrase.txt

@@ -4,6 +4,15 @@ secret-updated:
 secret-updated-by:
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Used to have a signe git commit for helm chart.
+Used together with GPG_PRIVATE_KEY and 
+commiter in Create Pull Request in helm-chart.yml 
 
 update-instructions:
+Instructions here: https://github.com/crazy-max/ghaction-import-gpg?tab=readme-ov-file#prerequisites
+
+# macOS (not tested)
+gpg --armor --export-secret-key $(git config user.email) | pbcopy
+
+# Ubuntu (assuming GNU base64)
+gpg --armor --export-secret-key $(git config user.email) -w0 | xclip -sel clip

secrets/gh-repo-gpg-private-key.txt

@@ -4,6 +4,23 @@ secret-updated:
 secret-updated-by:
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Used to have a signe git commit for helm chart.
+Used together with GPG_PRIVATE_KEY and 
+commiter in Create Pull Request in helm-chart.yml 
 
 update-instructions:
+Instructions taken from here, bu
+https://github.com/crazy-max/ghaction-import-gpg?tab=readme-ov-file#prerequisites
+
+# macOS
+gpg --armor --export-secret-key $(git config user.email) | pbcopy
+
+# Ubuntu
+# Run this command and give a passphrase when asked. Rember the passphrase
+gpg --armor --export-secret-key $(git config user.email) -w0 | xclip -sel clip
+
+Go to https://github.com/kosli-dev/cli/settings/secrets/actions
+under <Repository secrets>
+And set both the GPG_PRIVATE_KEY and GPG_PASSPHRASE
+
+OBS. Also update commiter in .github/workflows/helm-chart.yml

secrets/gh-repo-kosli-bitbucket-password.txt

@@ -4,6 +4,8 @@ secret-updated:
 secret-updated-by:
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Used to test Bitbucket integration.
+The tests are currently setup to work for the
+bitbucket-org ewelinawilkosz 
 
 update-instructions:

secrets/gh-repo-kosli-github-token.txt

@@ -1,9 +1,23 @@
 secret-name: KOSLI_GITHUB_TOKEN
-secret-expire: 2024-09-01
-secret-updated:
-secret-updated-by:
+secret-expire: 2025-09-27
+secret-updated: 2024-09-27
+secret-updated-by: tore
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Used to run integration tests towards GitHub
 
 update-instructions:
+You can use the same secret as COMMITTER_TOKEN
+https://github.com/settings/tokens
+Go to the Developer's Github profile
+  -> Settings
+  -> Developer settings
+  -> Personal access tokens
+  -> Tokens (classic)
+  -> Generate new token
+Note: gh-cli-committer-token
+Expiration: one year
+Selected scopes: repo and workflow
+
+Go to https://github.com/kosli-dev/cli/settings/secrets/actions
+under <Repository secrets>

secrets/gh-repo-kosli-gitlab-token.txt

@@ -4,6 +4,20 @@ secret-updated:
 secret-updated-by:
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Used to test Gitlab integration.
+The tests are currently setup to work for the
+gitlab-org ewelinawilkosz 
 
 update-instructions:
+Go to https://gitlab.com/
+On the left sidebar, select your avatar.
+Select Edit profile.
+On the left sidebar, select Access tokens.
+Select Add new token.
+Token name: CLI-integration-testing-YYYY-MM-DD
+Expiration date: One year
+Select scopes: api
+Select Create personal access token.
+
+Go to https://github.com/kosli-dev/cli/settings/secrets/actions
+under <Repository secrets>

secrets/gh-repo-kosli-jira-api-token.txt

@@ -1,9 +1,17 @@
 secret-name: KOSLI_JIRA_API_TOKEN
-secret-expire: 2024-09-01
-secret-updated:
-secret-updated-by:
+secret-expire: 2025-09-27
+secret-updated: 2024-09-27
+secret-updated-by: tore
 secret-type: gh-repo
 is-secret: true
-secret-usage:
+secret-usage: Used to test Jira integration
 
 update-instructions:
+Go to
+https://id.atlassian.com/manage-profile/security/api-tokens
+Press <Create API token>
+Label: CLI-integration-testing-YYYY-MM-DD
+Create secret
+
+Go to https://github.com/kosli-dev/cli/settings/secrets/actions
+under <Repository secrets>