search

terraform-google-modules / terraform-example-foundation

Shows how the CFT modules can be composed to build a secure cloud foundation
https://cloud.google.com/architecture/security-foundations
Apache License 2.0
1.22k stars 714 forks source link

Why use personal token vs. GITHUB_TOKEN? #1274

Open lpezet opened 3 months ago

lpezet commented 3 months ago

TL;DR

Current process will store someone's personal token (gh_token) and keep "carrying it"/using it everywhere (including pipeline) ad vitam aeternam. Github Actions provides the (less fine-grained) token GITHUB_TOKEN. Any particular reasons to not use that one instead? The way I see it the personal token can be fine-tuned, re. permissions, as needed and the GITHUB_TOKEN is either permissive or not. Is that the only reason, to have greater control over the permissions of the token?

Terraform Resources

No response

Detailed design

No response

Additional information

No response

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days