Gerate credentials for studio terraform

Altinn / altinn-platform

Altinn Platform infrastructure

6 stars 1 forks source link

Gerate credentials for studio terraform #820

Closed mirkoSekulic closed 2 days ago

mirkoSekulic commented 4 days ago

Description

Our terraform pipeline in production fails due to expired credentials.

New credentials should be created and updated in the keyvault.

Additional Information

Credentials used for for studio are stored in altinn-terraform-kv.

Herskis commented 4 days ago

Nok en kandidat for federated credentials!?

bengtfredh commented 4 days ago

@mirkoSekulic What pipeline is this?

Herskis commented 4 days ago

(https://dev.azure.com/brreg/altinn-studio-ops/_build/results?buildId=1079094&view=logs&j=12f1170f-54f2-53f3-20dd-22fc7dff55f9&t=d3d2f9a6-97a6-57cb-4647-4151c25603b5)

mirkoSekulic commented 4 days ago

@bengtfredh https://dev.azure.com/brreg/altinn-studio-ops/_build?definitionId=344

bengtfredh commented 4 days ago

@mirkoSekulic

I can create new token, but we prefer to migrate your serviceconnection to federated credential - for this to work you may need to update pipeline code.

I created new token for now - but please create an issue to upgrade serviceconnection to federated credential.

mirkoSekulic commented 4 days ago

@bengtfredh I tried to run the pipeline now but seems like we still have the problem. https://dev.azure.com/brreg/altinn-studio-ops/_build/results?buildId=1079856&view=logs&j=12f1170f-54f2-53f3-20dd-22fc7dff55f9&t=d3d2f9a6-97a6-57cb-4647-4151c25603b5. Seems like the same creds are used since the error message is "expired". I also created the issue for moving to federated credentials.