Details
-
Story
-
Resolution: Done
-
Normal
Description
When performing an OKD release using skhoury@redhat.com's account via a Personal Access Token, we received an HTTP 403 using the GitHub CLI tool. This poses two problems:
- We don't know what permissions are actually required.
- It binds the permissions and credentials to an individual or gives a group of individuals a lot of unnecessarily elevated permissions. Thus, it may better to have them bound to a robot account.
Done When:
- We understand what permissions are required to create a GitHub release in both the okd-project/okd and okd-project/okd-scos repositories.
- Either a robot GitHub account is created or another authentication mechanism (such as an OAuth application) is used.
- The credentials needed to do that are created in both the OperateFirst Vault instance and the okd-team namespace on the Smaug cluster.
Attachments
Issue Links
1.
|
GitHub apps setup and tekton dev changes | Closed | Alex Guidi | ||
2.
|
PROW changes | Closed | Alex Guidi |