Skip to content

Commit 98225c5

Browse files
GDYendellGDYendell
committed
Update dev-portal GitHub/GitLab API tokens
1 parent 8e2ba0a commit 98225c5

File tree

2 files changed

+14
-9
lines changed

2 files changed

+14
-9
lines changed

README.md

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,7 @@ each print an encrypted token that is safe to commit and push to GitHub.
8383

8484
### GitLab API Token
8585

86-
The GitLab API token is maintaine under a machine user account and can be rotated via a
86+
The GitLab API token is maintain under a machine user account and can be rotated via a
8787
POST request with the existing token. There are separate tokens for dev-portal and
8888
dev-portal-dev. The script works for both depending on which cluster is currently
8989
active. To rotate the dev-portal token, run
@@ -104,18 +104,22 @@ New encrypted gitlab-token for developer-portal-dev-backend:
104104
<encrypted-token>
105105
```
106106

107+
If the token has already expired, you will need to request a new one from a GitLab
108+
admin. With this you can use the following process for GitHub API tokens to manually
109+
create the encrypted version for the sealed secret.
110+
107111
### GitHub API Token
108112

109113
The GitHub API token is slightly more complicated. Currently it is linked to a user
110114
account and needs to be manually rotated and copied in the user GitHub developer tools
111115
settings. The same token is used for both dev-portal and dev-portal-dev, but the
112116
SealedSecret needs to be encrypted by the specific cluster it will be applied to.
113117
Again the script will handle this if the correct cluster is active. To update the
114-
dev-portal token, run
118+
dev-portal token, copy it to your clipboard and run
115119

116120
```bash
117121
$ module load argus
118-
$ util/encrypt-github-token.sh <unencrypted-token>
122+
$ util/encrypt-github-token.sh $(xclip -o -selection clipboard)
119123
New encrypted github-token for developer-portal-backend:
120124
<encrypted-token>
121125
```
@@ -124,11 +128,12 @@ or for the dev-portal-dev token
124128

125129
```bash
126130
$ module load pollux
127-
$ util/encrypt-github-token.sh <unencrypted-token>
131+
$ util/encrypt-github-token.sh $(xclip -o -selection clipboard)
128132
New encrypted github-token for developer-portal-backend:
129133
<encrypted-token>
130134
```
131135

132-
Note the whitespace before the command can prevent the unencrypted token being stored in
133-
your shell history (requires `HIST_IGNORE_SPACE` for zsh or `HISTCONTROL=ignorespace`
134-
for bash).
136+
You can also pass the literal token into the command, but doing it this way means then
137+
token can't be saved to your shell history. A space before the command can also prevent the
138+
unencrypted token being in your shell history (requires `HIST_IGNORE_SPACE` for zsh or
139+
`HISTCONTROL=ignorespace` for bash), but then you can't recall the command.

charts/backend/values.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ serviceAccount:
4343
secrets:
4444
githubAppClientId: AgBGJChwcZVcnz5Zrs/BGVCu6PgGdga8Vg/w6Nv5ZUbN04/tkT+uz98as3TSJH9/A7cK3ebzmcrHATeNT/zzmaZjkz6qieCmHgKrTraHrGN7gOxd7zDyeD15iQY8tUdZx+iGKKyvpvuyHlRv6TfypgnOwf3Jif8wXZnNDpz7e+aJSORvlSxqftJFCaU9VaK0ahKeWWC+FxoON9AHLddQwp/rAele8xJLvWNudyFkv4p4lPSbmFOX19IagkMtw9YbZ6Aa16xrGrDJxgNhJHAluQ+ncPDPiH3BnSxzwwAnHSLgCE82pEnpF9cgpHVDyeImb9a1IiZIW6ftjgEpnkS7v7YhIq3Lovr/NMkOwSWGQP2dznn2ZF8tDREW3JZFJOrYKTnErqyP3zFZUVuJbpXANMcm6bD2hOTK0qXj1dHZXwXOnOKO0aRhEtNa05umSST55RkVOdRAC6D08VguOvSvSEDxHzas8GbMyBfdAt8Porqie2qJ5fzf0Y22rmrZW00gJes0XsdTe9N74nH0y3kZANn61LRlS2dMQ33lqU6KFG0dp754GDuA3FQ3ZgR8ZvbQPi+dArHjgmfqPtOHTQNxMG1vfrlFUyI+zNqmysO1PZBc4jXNZ7pOVlJX4n/d/kjF/pbRNdNgHgXA2e3WU217AOUhMOUbOfYn3NV0OVJ2mjrpWgecWgPMEF9kfBSy9kp9en9MZzUM/MeTgQyKCIC6ABNqCZEQew==
4545
githubAppSecret: AgAHXs6tAywlS5DpcPVx54GQlLzwSoioFt2meRBxfm4MBFIcJTQcgaZuSYTTctbqJP04jIY3KVfGAzNKF7YLC7+RULVbA1SHtFJt8R9Um1CHOT+Z1n1nkDVUEvy3MA0vKyhjDfHNG/2AAE/kW58PKcFSXyKFBxsWUDRHuRLg9kXZ3kOGfuF8VAY/5pQJt0EB+4bBLt8h5/vVXl66p5QBci6m1pMBqlFTAI+rnHDMCCM4NJQrZOFblQGBc1U5/nc+0sUO31/wltu3EvZ6oAc0S215G+6UkRclXxD8UNKrXV0+wXvQsaAQBsraXTA6RokKWEapSZStw47tQxihZPdnt5xdFmKMd0kbgqt+bWcTNku6kvHxLyggKKGuvJlRAvu4sxDntbeyffN5oUw9SKkaTVHnCtzYk/9ewaA9oaZYQ6DPSarF0cAkSayBvhNd8NxBXj+NOkY9Za/if3Pb7MMkudg9D5YS28Ib5GoXz21BXEoYOMdzgde9fwsTfan0YD2/JPHEe1FI+/QrLCdHCAfZhzKpm+9dnMxGktueVkpfiGitB0T0SYkN4lz9hA/G/5UadXlZ5hZmOSVXUMfGhmzyjcaQWgsUn9rTFqmDpF9RwI8JCUrvBF5vKM9JsWNnoV/CXKIwhNX08UF39GeUax7cEnJjxyuRkg2IFQH7emkv8XwTEPDz2/PsSjcUEwlkE0P4xpRoAPNuOCAw1WVB/86Ms6Cs+/nCa4E8lGNIRWQs4h5sBpzbLvfaUy+a
46-
githubToken: AgAn7psY+sEixsmAZNabvTQI/UMDPj5xrKhrSM1vrH8DeY0yQmSNbyOrzp+QsCdNfeCYsiUGvprG8wjjL8vtyu9vMJUVbqAB00zUY6aBK2fRr+0t1W7cO4x3aLFucuYhaDzu8SWYg7xZipJ33tCF4uiY6c+MN6fGzQ2NjiGn8dBoBNgAVBExTPGMNdn64/yiTtREuhQCVmVMtSnv1fFFcRMNOOiZIXdG9cXL0+igUN8TSylzZoo0rNbUoeRuB0onTJLT7nQze5K/QQIiCNHZ7pWfzEmZ4HsFnibfZLnVifO90E7ohaF0t5nNUwhlqvz6odTF9ptIwuT5DpZEyX89yDzrqA+79RuIwQxWND9aNg3OhUZ0bAGlTqkzFusyWWXa2yAjIpMWWxigaRcQT9zyiVN5ANBb8RzBlEZDTmisG/wjOKd8SYJPs8/2SEF8TDoet0n2UvRmfCTqpdXunpg+w+SZubvRYayHG5EE6q9BsyMXuf4k4CUzkHJ8OlG1b3OSRWCxHD2JmZAIVp1dCzAXswYkN6Q0pN63kJU5pa/yHgJ03mE11hHX8Ey8UcRf5JM7EK/OWe6RQ6+9DAQWbEHkCPhJ1clBl1hxedwnHdvogCDx7YFX81CxP8lcFK922Y9hVNYUzbCFjSxwYm5PprpzK3RFnvdR2ivW/D5iVRMidbre+vTAl9AjSSmDnhDA4tb6NSHwfCNJzw7k6XSiGehteEJDQE6r+yiOKLJ1WB3jykGTtvKTeJ2vKDlZ
47-
gitlabToken: AgChjuPsJxMP91E2wFdzdKht+sgdXgeSaAzh+nh/NqJVkktoZyob1RTaYHul2D29rUjMGn3Tj5Dwr0+wS87Ka+3cfwfXvrQPATpQDSO9LmOyVuUI8fCK7fZLWvixcPPmS8jcreqTHRedCh/6bOrymyVCuh+OEUawXmNpA9c8cduuBAat4VpsN1N6hoGqR/yiR+6PGj4rcfXosmbepunuiw04kzLY6/vH8vzoeO2RRdVf/ctfEscAbKl56EblQpyH9TTT6rVUdjSMoxI2juqeePaDrAAtoYxBf04UKfrxWMJsUW74mPtKdNdL8s1eQW9qGUNU7Nk1j4G+N3OULcwEd0ECp0w1Cc9u7iYaMC4SXdR7eCdTdAYJAUU4HgUdDNEYMS3ya1dzWvXxCAMkPegv5mEljod3+Qr1UmwrKz37aJrtTlz6XcyNXxCqeRbH/tuNzk8GwBLxMqT534zAHFgLljn5CclMQmy8KvJgoGo3jT8fBlRFGL0tDiiQZiK4MztQM2SxnGfkLrx938dSBjqB9RTWjOkqkl6Rn43PyRjOpWYZ6Lua7kYpCUvikTXNRoOcYyjF49XCF8NpszsyPDWbdqeBC1T92JRYIbWj4oEHj8nDWzLvtLBt2N9FA7i5xXSYUSTDREZizkpaEXk0m+iJmdbCBCrmznlDRmVrISz+DPpeMtF+AZ/bJztnUbSapFmys2f6rOqQ4LfMacyLH4WLFZbbnTPX49hJQ77OQw==
46+
githubToken: AgDPo+JJ+7q4u3AYEJaJaWqocyrShSAwdSbQg3aM2FKnOvZeDRS1mmbaoaUQdM9NmBFhsjflNWvENAS1ZGkN6WHuwWK0XMKbU4CzdbDPt8ijxBamBiflXVGheM1NoDfynpe5b2cU2TAWr2qFyPRGgbj0tH8KNoytzhYeeXDJUryQs7oTOxXA4+4u99Hp6n5uF1NVtB3WThejQ2uKKRmrw/ZszS2ciY6z0VgFmg1SPFbrSEnQtZyLEO2DpMC8FhI6strSIBuEUfB/ElKdnAaCjW0W4fnbJZGvJUnpUCITvzjTueyOd1FoMA1CfSLXDWm9hK525CHoedzPIotWtxdYDYw9ck5oV/Sk24nRRr0MyTmaPc0qfv1mFabo0BDp83MFDA1llUEA64sguaqGcXfmMTkeBGwal31fGTGXPatWl/yy/kIMYU+QLRVWzDg5RA6ZEeFRgD97MiYWwxek7vEbe4+IwyLCitylGGC6dB8gx/9DAX99yDuOySYu5YyEArZMJHmsy7X2pIAPKE/EU2Vd94THkguVtgvF/7Am9woMRoF6BKr14WFsNRkQiJstPZ0w09bUsMkgQQ3JiSzSa0PgMs20MWxm1IYeHg+ZaYGDe0IrXRE8j7LWvv7qJkW7h681Y2LNLqOIzGx+PgcwY41IuTz08KJaAItJBdvF2Uk/C1v5gOjqxBmlgpF9Vc9ur8qJPIVkGbp7SiHj21VXoXaCFNZqOnRQJ/cOB4/LMAILdkToDU02Hp4PFmZ5
47+
gitlabToken: AgBLhuc5GonGmPSdbnkS4nvEs958x13lqquIK7hhlWqfnC7FLbpyvUiUhojuLc/DoG8Di5yMUR3F3ILN41iHqVrhkmZ7d9dwNtwWCuyeRQxVsPBIRAcgGHZGXTlsJaNYfZ4f5tl5Jw/0AFPmykew6SzylvP5H7b8syrn7iOYsfZoWKtuJ3C4THEiuudl/gJR0TzvVubWJalt1uLC7qwvnqayQaYaSCyn+q4EQ1ktiptFE+pWlDxWkQj74Trp66yeTWD9rxlzsjZxVywcvawbajsWU/sdVHumPIC8HkWUO7/2eIOxr2YtX9tfd2Dv0bnbFSUTPmM5TyNlz7teBy8Spb25IqJOCbOzhmgKj5FvvD/SzTiLL9MMzIrJhipWAq5svwlpR4hXa2a+XO32nvzjsER5tNb8gvMGb6fXoqStdquodKuucUCj83oNanEh1bVGTP7XK833kVzObYSRS+zNrJ2I8EGipQDR8E1B3Xe/pNqjFnbb7zQeBfL6if8jSUMq+0DUdza7nriZ67kngmoZl9Bu05CEpOzb/b8n/ZBt4wXikM4LDB+HnAwIvFYlTJWayUp3+xpVjeK6wZcJE+
4848
s3AccessKeyId: AgCkGhsZpj7RCX3/mDHpa38PyU1OfWKjdClYhFt5YaolEzvSazv5btvW+nL1vJ7ZxDdx6CPbaU8Ihg070EZ5ROfm6X1Ic0VY0QkRZg0gW2OfEMi/BPZwesCh3RWkwLTb4oO1ZiRFWWLbupf2Iv5CVEbGEhyLJGRBOvF2DVOsp5ZvJC+iyJ6U0vyIHxtlVqhI7yHVHfFtBgisqMdEbtJRDY10KHx+8iqrYpP1oNJONrF4gSM7uXpLFkDD+27neycs+2wSNIHqmDa4XCbHuUFkztElp2/CiazBK+0URAK5F8KuUktyz91/BnYtEjD/+3LwhETdZAk0vQZtSrMGyhG8ZiD0+yiuylztWxk8vYNEVfB+zeDJf+Wa6BnKtDDAmKjwWUSGqxGjrys3RDur3gjQpqhPetdE5U2kkKIsu06ijYEhPgKIjPAJVDJRVrZTJg8xHgh1XXVirBRYhUgLLIxr+y/AsCTiekvsG8NwiE80VgpmlsFZBz62Vx3esmsYQsJo2SQqMk1gsgwXt4DZw8rvJzWmMNw0Xa/9Wl/CZQHCIdrmkn8P/A6hwo2yDS8AmIUp77/KEBrqDLmz2bBcOrKlcEbw2bKusn1fScmoOEKvgE/Ew7JfPp74YxoOfLdpqjh74F3Pav+AEIBolRbDOc/t7eTbppiwESaBfLytUMV3C77C0FTvfd50t1I8YZQPTnBPw2tGP7I6iJn/udr7vmrX4tkM8LCz5Q==
4949
s3AccessKeySecret: AgAVE6KEEy1Vh97M/rHz9LRCzJ4do9GFRtQYO7o3tD6jpOQAbLHRHptBESSSJDBRWZia2wBjGL+rIwg/UW/EHDklHwq98wlF45ARCc38fGCJtYUlBWkE9bR1ERvA5eICmv5AduH7RxBPdhDTTwxASYH52xn0gq7tBlRg9a+Z7a7axKbfPd1ILCRWZKIm86aKoOiEryIc/9p8wP/il/JS8SmcOThyVarIEeaIVORKobdbFSXsuYmANNCN/say5rZQ7CB6+YoBk6jyWE9BRLMd33BTP3vY/bxywLdas6mgzCpEkjKtd1AQgtPiu68i8CJzS+XBN/QqWtcYzf7B7R5yvYmk4WL0X010EdkB1vxCu3tzMmk6Y6wzQ6IU1573ZnjL+8dro3keqBcZSM/qxGyfu/VrUiUkoKFu9gzKeUI+EmCFuJh0sx06PJiR8+kxaIOVHPy+XH6Xzw3NkztTDkhfbqj4mWbbuCgySmkLTJU4SjYI2gpqfqAUuHgosnYhl8mNiOYQ0e8yMTJNALgo1g+uTzjey5Aui93MpADmPkVOpZe/I9Wwn88v6hdpZrwbQrcU/JI7lo5YHDx7DRONT6boYAhRsgwKOZNlm//OhcXBjvs5CtVzlWEXHwj3jsJnQCYdu86a1hEGAMnDRY117f87kAEIY03CZuuUoAj2xsz2M5syl+54rIJ2Ps4kpJEB+VFBJ42ynYVAZddeXJYh6VZX+Ba8uHkX/05KkkCa79XizRyoh3cuEcBa9K/t

0 commit comments

Comments
 (0)