Closed sj-williams closed 1 month ago
github_token
: cloud-platform-concourse-bot
cloud_platform_infrastructure_pr_git_access_token
: Machine user for the MoJ Cloud Platform team
how_out_of_date_are_we_github_token
: Machine user for the MoJ Cloud Platform team
authorized_keys_github_token
: Machine user for the MoJ Cloud Platform team
github_actions_secrets_token
: Sablu M
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer ****" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/user
1) Checked the tokens for GH user cloud-platform-concourse-bot:- hammer-bot cloud-platform-concourse-bot
2) Checked the tokens for GH user cloud-platform-moj (username for Machine user for the MoJ Cloud Platform team):- cloud-platform-review-docs cloud-platform-infrastructure-plan-pipeline cloud-platform-runbooks PUBLISHING_GIT_TOKEN https://how-out-of-date-are-we.apps.live-1.cloud-platform.service.justice.gov.uk authorized-keys-provider
3) Need to check the token github_actions_secrets_token which was generated by GH user Sablu M
@sablumiah please can you check this when you get some time
Background
We have several unique github tokens (some PAT) that are in use by Concourse pipelines
We need to review all of these, ensure that they belong to / are created by the appropriate user. ie if they are concourse-bot GH user PATs, we should look at renaming the var to reflect this.
Alternatively, we could look at possibility of managing them all via GH Concourse App?
relates to #5748