Closed BackNot closed 2 weeks ago
In the yaml process workflow - https://github.com/owaspsamm/core/blob/develop/.github/workflows/yaml-process.yml
the third and last step is communication to the SAMM Website repository when a tag is being pushed to this (core) repository. This way, the other repository knows that the yaml model files are updated.
In this pull request - https://github.com/owaspsamm/core/pull/159 I made the job start. However, I don't have access to this repository secrets.
What is needed -
Someone should create fine-grained personal access token with access for https://github.com/owaspsamm/website . This happens from the profile menu -> developer settings.
The token should be configured for the website repository with "Read access to metadata" and "Read and Write access to code".
After that this token should be put in this repository secrets with token name "OWASP_SAMM_WEBSITE_TOKEN"
After that the process should work as designed (by notifying the website repository on pushed tags).
In the yaml process workflow - https://github.com/owaspsamm/core/blob/develop/.github/workflows/yaml-process.yml
the third and last step is communication to the SAMM Website repository when a tag is being pushed to this (core) repository. This way, the other repository knows that the yaml model files are updated.
In this pull request - https://github.com/owaspsamm/core/pull/159 I made the job start. However, I don't have access to this repository secrets.
What is needed -
Someone should create fine-grained personal access token with access for https://github.com/owaspsamm/website . This happens from the profile menu -> developer settings.
The token should be configured for the website repository with "Read access to metadata" and "Read and Write access to code".
After that this token should be put in this repository secrets with token name "OWASP_SAMM_WEBSITE_TOKEN"
After that the process should work as designed (by notifying the website repository on pushed tags).