This repository is home to the Operations Engineering's tools and utilities for managing, monitoring, and optimising software development processes at the Ministry of Justice. • This repository is defined and managed in Terraform
As a member of the operations engineering team,
I want to organise and secure the GitHub personal access tokens in the moj-operations-engineering-bot account,
so that we can reduce risks, improve clarity, and align with best practices in token management.
Value
Properly managing these tokens will significantly reduce security risks by limiting their scope and improving their traceability. It will also streamline our processes by creating a clear and efficient method for future token creation and management.
MoJ Bot Classic token is currently used in ministryofjustice/operations-engineering-runbooks as GitHub secret GH_BOT_PAT_TOKEN.
Functional Requirements:
[x] Create new token for use in ministryofjustice/operations-engineering-runbooks as per standards agreed in ADR 020
User Need
As a member of the operations engineering team, I want to organise and secure the GitHub personal access tokens in the moj-operations-engineering-bot account, so that we can reduce risks, improve clarity, and align with best practices in token management.
Value
Properly managing these tokens will significantly reduce security risks by limiting their scope and improving their traceability. It will also streamline our processes by creating a clear and efficient method for future token creation and management.
MoJ Bot
Classic token is currently used inministryofjustice/operations-engineering-runbooks
as GitHub secretGH_BOT_PAT_TOKEN
.Functional Requirements:
ministryofjustice/operations-engineering-runbooks
as per standards agreed in ADR 020Acceptance Criteria:
GH_BOT_PAT_TOKEN
GitHub secret inministryofjustice/operations-engineering-runbooks
is updated to use the new token.GH_BOT_PAT_TOKEN
is renamed and the code references to it updated.