Removed use of KOSLI_API_TOKEN, use org level KOSLI_API_TOKEN_PROD in…

…stead, added secrets info files
kosli-dev · Sep 25, 2024 · e5ebe0f · e5ebe0f
1 parent eeb407b
commit e5ebe0f
Show file tree

Hide file tree

Showing 15 changed files with 137 additions and 8 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -49,7 +49,7 @@ jobs:
       FLOW_TEMPLATE_FILE: ${{ needs.pre-build.outputs.trail_template_file }}
       KOSLI_ORG: kosli-public
     secrets:
-      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
       pr_github_token: ${{ secrets.GITHUB_TOKEN }}
 
 
@@ -73,7 +73,7 @@ jobs:
       slack_webhook: ${{ secrets.MERKELY_SLACK_CI_FAILURES_WEBHOOK }}
       slack_channel: ${{ secrets.MERKELY_SLACK_CI_FAILURES_CHANNEL }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}
-      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
 
   docker:
     needs: [pre-build, test, init-kosli]
@@ -89,5 +89,5 @@ jobs:
       slack_channel: ${{ secrets.MERKELY_SLACK_CI_FAILURES_CHANNEL }} 
       ghcr_user: ${{ secrets.GHCR_USER }}
       ghcr_token: ${{ secrets.GHCR_TOKEN }}
-      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -44,7 +44,7 @@ jobs:
         FLOW_TEMPLATE_FILE: ${{ needs.pre-build.outputs.trail_template_file }}
         KOSLI_ORG: kosli-public
       secrets:
-        kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+        kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
         pr_github_token: ${{ secrets.GITHUB_TOKEN }}
 
   never-alone-trail:
@@ -59,7 +59,7 @@ jobs:
         PARENT_TRAIL_NAME: ${{ needs.pre-build.outputs.trail_name }}
         KOSLI_ORG: kosli-public
       secrets:
-        kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+        kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
         pr_github_token: ${{ secrets.GITHUB_TOKEN }}        
 
   test:
@@ -82,7 +82,7 @@ jobs:
       slack_channel: ${{ secrets.MERKELY_SLACK_CI_FAILURES_CHANNEL }}
       jira_api_token: ${{ secrets.KOSLI_JIRA_API_TOKEN }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}
-      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
 
   docker:
     needs: [pre-build, init-kosli, test, never-alone-trail]
@@ -98,7 +98,7 @@ jobs:
       slack_channel: ${{ secrets.MERKELY_SLACK_CI_FAILURES_CHANNEL }} 
       ghcr_user: ${{ secrets.GHCR_USER }}
       ghcr_token: ${{ secrets.GHCR_TOKEN }}
-      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}
 
   goreleaser:
@@ -168,7 +168,7 @@ jobs:
       trail_name: ${{ needs.pre-build.outputs.trail_name }}
       kosli_org: kosli-public
     secrets:
-      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_API_TOKEN_PROD }}
 
   homebrew-pr:
     needs: [goreleaser, pre-build]

diff --git a/secrets/gh-repo-azure-client-id.txt b/secrets/gh-repo-azure-client-id.txt
@@ -0,0 +1,9 @@
+secret-name: AZURE_CLIENT_ID
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-azure-client-secret.txt b/secrets/gh-repo-azure-client-secret.txt
@@ -0,0 +1,9 @@
+secret-name: AZURE_CLIENT_SECRET
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-committer-token.txt b/secrets/gh-repo-committer-token.txt
@@ -0,0 +1,21 @@
+secret-name: COMMITTER_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage: Used both to create a pull-request to helm-chart and home-brew
+
+update-instructions:
+Go to the Developer's Github profile
+  -> Settings
+  -> Developer settings
+  -> Personal access tokens
+  -> Tokens (classic)
+  -> Generate new token
+Token name: gh-cli-committer-token
+Expiration: one year
+Selected scopes: repo and workflow
+
+Go to https://github.com/kosli-dev/cli/settings/secrets/actions
+under <Repository secrets>
diff --git a/secrets/gh-repo-fury-token.txt b/secrets/gh-repo-fury-token.txt
@@ -0,0 +1,9 @@
+secret-name: FURY_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-ghcr-token.txt b/secrets/gh-repo-ghcr-token.txt
@@ -0,0 +1,9 @@
+secret-name: GHCR_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-ghcr-user.txt b/secrets/gh-repo-ghcr-user.txt
@@ -0,0 +1,9 @@
+secret-name: GHCR_USER
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-gpg-passphrase.txt b/secrets/gh-repo-gpg-passphrase.txt
@@ -0,0 +1,9 @@
+secret-name: GPG_PASSPHRASE
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-gpg-private-key.txt b/secrets/gh-repo-gpg-private-key.txt
@@ -0,0 +1,9 @@
+secret-name: GPG_PRIVATE_KEY
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-kosli-azure-token.txt b/secrets/gh-repo-kosli-azure-token.txt
@@ -0,0 +1,9 @@
+secret-name: KOSLI_AZURE_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-kosli-bitbucket-password.txt b/secrets/gh-repo-kosli-bitbucket-password.txt
@@ -0,0 +1,9 @@
+secret-name: KOSLI_BITBUCKET_PASSWORD
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-kosli-github-token.txt b/secrets/gh-repo-kosli-github-token.txt
@@ -0,0 +1,9 @@
+secret-name: KOSLI_GITHUB_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-kosli-gitlab-token.txt b/secrets/gh-repo-kosli-gitlab-token.txt
@@ -0,0 +1,9 @@
+secret-name: KOSLI_GITLAB_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions:
diff --git a/secrets/gh-repo-kosli-jira-api-token.txt b/secrets/gh-repo-kosli-jira-api-token.txt
@@ -0,0 +1,9 @@
+secret-name: KOSLI_JIRA_API_TOKEN
+secret-expire: 2024-09-01
+secret-updated:
+secret-updated-by:
+secret-type: gh-repo
+is-secret: true
+secret-usage:
+
+update-instructions: