Open ben851 opened 4 months ago
As a developer of Notify, I would like my github actions to be secure and following best practices so that I can minimize security threats.
Increased security, better alignment with best practices
CDS SRE has created a Github Action that injects JIT tokens, so that we don't have static, long-lived tokens in our pipelines. https://github.com/cds-snc/gcds-components/blob/424b138d6ebf8e3df77b2e265ff386bf1e39d7cf/.github/workflows/release-generator.yml#L15-L19
We will need to go through all github actions for Notify and migrate to this new method.
Increased security, reliability, and aligns with best practices.
Description
As a developer of Notify, I would like my github actions to be secure and following best practices so that I can minimize security threats.
WHY are we building?
Increased security, better alignment with best practices
WHAT are we building?
CDS SRE has created a Github Action that injects JIT tokens, so that we don't have static, long-lived tokens in our pipelines. https://github.com/cds-snc/gcds-components/blob/424b138d6ebf8e3df77b2e265ff386bf1e39d7cf/.github/workflows/release-generator.yml#L15-L19
We will need to go through all github actions for Notify and migrate to this new method.
VALUE created by our solution
Increased security, reliability, and aligns with best practices.
Acceptance Criteria
QA Steps