team-narwhal-user
commented
1 year ago :tada: This PR is included in version 2.0.5 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
Closed gclapperton closed 1 year ago
team-narwhal-user
commented
1 year ago :tada: This PR is included in version 2.0.5 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
What does this PR do?
The
snyksecGithub service account is being disabled to comply with the ProdSec security standards, so each team must create their own Github service account. The Narwhal service account can be found in theTeam Narwhal1Password vault.Further, as per the standards, secrets and contexts should not be shared across projects where possible to limit the blast radius. So, as part of this work, a
narwhal-policyCircleCI context has been created with a project specificSNYK_TOKENandGITHUB_PRIVATE_TOKEN. This PR updates the context, after which, theSNYK_TOKENenvironment variable will be removed from CircleCI