search

ministryofjustice / operations-engineering

This repository is home to the Operations Engineering's tools and utilities for managing, monitoring, and optimising software development processes at the Ministry of Justice. • This repository is defined and managed in Terraform
https://user-guide.operations-engineering.service.justice.gov.uk/
MIT License
12 stars 5 forks source link

POC of Github App Github authorisation model #4594

Open levgorbunov1 opened 2 months ago

levgorbunov1 commented 2 months ago

User Need

As a Developer I want To test if we can replace bot user with github app for authenticating to Github so that We don't need to manage PAT tokens and an insecure bot user.

Description At the moment we use PAT tokens associated with a bot user to authenticate to Github and perform Github operations, this is insecure and unwieldy. This ticket's purpose is to investigate reconfiguring our Github authentication model to use a Github app for authentication.

Acceptance Criteria:

AntonyBishop commented 1 month ago

Cloud Platform have a similar need. Perhaps when we know the answer we can share our findings - https://github.com/ministryofjustice/cloud-platform/issues/5748