Replace `NEW_TOKEN` use in `moj-analytical-services/github-outside-collaborators`

[tamsinforbes]

User Need

As a member of the operations engineering team, I want to organise and secure the GitHub personal access tokens in the moj-operations-engineering-bot account, so that we can reduce risks, improve clarity, and align with best practices in token management.

Value

Properly managing these tokens will significantly reduce security risks by limiting their scope and improving their traceability. It will also streamline our processes by creating a clear and efficient method for future token creation and management.

The NEW_TOKEN Classic token is currently used in moj-analytical-services/github-outside-collaborators as OPS_BOT_TOKEN in GitHub secrets for this repository.

Functional Requirements:

• [x] Create new token in moj-operations-engineering-bot account for use in moj-analytical-services/github-outside-collaborators.

Non-Functional Requirements:

• [x] Follow standards as per ADR 020.

Acceptance Criteria:

• [x] See here for proposed new token and GitHub Secret name
• [x] New token created in moj-operations-engineering-bot account.
• [x] The OPS_BOT_TOKEN GitHub secret in moj-analytical-services/github-outside-collaborators is renamed and updated to use the new token.
• [x] Checked it works
• [x] Deleted superfluous GH secret
• [x] Checked it still works!

Notes:

Should be same permissions required as for this ticket

• Replace use of MoJ Bot token in ministryofjustice/github-collaborators (OPS_BOT_TOKEN) #4558

[tamsinforbes]

MOJAS_COLLABORATORS_GENERAL_ADMIN FG-PAT as GitHub Secret MOJAS_COLLABORATORS_GENERAL_ADMIN_BOT_PAT

Permissions scope - all repos Repo perms: Admin RW; PR RW; Issue RW; Contents RW; Webhooks RW; Org perms; Admin RW; Member R