Closed tamsinforbes closed 21 hours ago
MOJAS_COLLABORATORS_GENERAL_ADMIN FG-PAT as GitHub Secret MOJAS_COLLABORATORS_GENERAL_ADMIN_BOT_PAT
Permissions scope - all repos Repo perms: Admin RW; PR RW; Issue RW; Contents RW; Webhooks RW; Org perms; Admin RW; Member R
User Need
As a member of the operations engineering team, I want to organise and secure the GitHub personal access tokens in the
moj-operations-engineering-bot
account, so that we can reduce risks, improve clarity, and align with best practices in token management.Value
Properly managing these tokens will significantly reduce security risks by limiting their scope and improving their traceability. It will also streamline our processes by creating a clear and efficient method for future token creation and management.
The
NEW_TOKEN
Classic token is currently used inmoj-analytical-services/github-outside-collaborators
as OPS_BOT_TOKEN in GitHub secrets for this repository.Functional Requirements:
moj-operations-engineering-bot
account for use inmoj-analytical-services/github-outside-collaborators
.Non-Functional Requirements:
Acceptance Criteria:
moj-operations-engineering-bot
account.moj-analytical-services/github-outside-collaborators
is renamed and updated to use the new token.Notes:
Should be same permissions required as for this ticket