CLAassistant
commented
1 year ago
All committers have signed the CLA.
Closed jdbaldry closed 1 year ago
CLAassistant
commented
1 year ago
All committers have signed the CLA.
The GH_BOT_ACCESS_TOKEN has permissions beyond those required for addToProject and other API commands that the issue_commands workflow uses.
The new token is set at an organization level so it does not require repository administrators to rotate the token. It also has the minimal classic PAT permissions to facilitate the workflow.
It has expiry but that expiry is reported via email to the engineering organization and the IT Helpdesk have permissions to regenerate the token when expiration is imminent.
Signed-off-by: Jack Baldry jack.baldry@grafana.com