updating tokens

terrancedejesus · terrancedejesus · commit 17e4d28bc383 · 2025-01-09T10:21:52.000-05:00
diff --git a/.github/workflows/add-guidelines.yml b/.github/workflows/add-guidelines.yml
@@ -57,5 +57,5 @@ jobs:
         uses: mshick/add-pr-comment@v2
         with:
           message-path: ${{ env.GUIDELINES_FILE }}
-          repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          repo-token: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }}
           message-id: "guidelines-comment"
diff --git a/.github/workflows/attack-coverage-update.yml b/.github/workflows/attack-coverage-update.yml
@@ -39,7 +39,7 @@ jobs:
 
       - name: Update navigator gist files and docs/ATT&CK-coverage.md file.
         env:
-          GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+          GITHUB_TOKEN: "${{ secrets.WRITE_DETECTION_RULES_NAVIGATOR_TOKEN }}"
         run: |
          python -m detection_rules dev update-navigator-gists "${{ github.event.inputs.update-coverage }}"
          git add docs/"ATT\&CK-coverage.md"
diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml
@@ -67,7 +67,7 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@v2
         with:
-          token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          token: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }}
           ref: main
           fetch-depth: 100
 
@@ -161,6 +161,6 @@ jobs:
       - name: "Notify slack on failure"
         uses: craftech-io/slack-action@v1
         with:
-          slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+          READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }}
           status: failure
         if: failure()
diff --git a/.github/workflows/branch-status-checks.yml b/.github/workflows/branch-status-checks.yml
@@ -22,7 +22,7 @@ jobs:
       with:
         url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}"
         method: 'GET'
-        bearerToken: ${{ secrets.READ_ORG_TOKEN }}
+        bearerToken: ${{ secrets.READ_DETECTION_RULES_ORG_TOKEN }}
 
     - name: Check Backport Status
       uses: actions/github-script@v6
diff --git a/.github/workflows/community.yml b/.github/workflows/community.yml
@@ -15,7 +15,7 @@ jobs:
         uses: actions/github-script@v6
         id: membership
         with:
-          github-token: ${{ secrets.READ_ORG_TOKEN }}
+          github-token: ${{ secrets.READ_DETECTION_RULES_ORG_TOKEN }}
           result-encoding: string
           script: |
 
diff --git a/.github/workflows/kibana-mitre-update.yml b/.github/workflows/kibana-mitre-update.yml
@@ -2,7 +2,7 @@ name: Check MITRE ATT&CK Version Updates Are Synced
 
 on:
   pull_request:
-    types: 
+    types:
       - opened
     paths:
       - 'detection_rules/etc/attack-v*.json.gz'
@@ -18,8 +18,8 @@ jobs:
         id: changed-attack-files
         uses: tj-actions/changed-files@v44
         with:
-          files: detection_rules/etc/attack-v*.json.gz 
- 
+          files: detection_rules/etc/attack-v*.json.gz
+
       - name: Extract version from file name
         id: extract_version
         if: steps.changed-attack-files.outputs.any_changed == 'true'
@@ -33,9 +33,9 @@ jobs:
         run: |
           ISSUE_TITLE="[Security Solution] Update MITRE ATT&CK to ${{ steps.extract_version.outputs.version }}"
           ISSUE_BODY="The detection rules MITRE ATT&CK version has been updated to ${{ steps.extract_version.outputs.version }} Please update the MITRE ATT&CK version in Kibana accordingly."
-          
+
           curl -X POST \
-            -H "Authorization: token ${{ secrets.READ_WRITE_KIBANA_TOKEN }}" \
+            -H "Authorization: token ${{ secrets.WRITE_DETECTION_RULES_KIBANA_TOKEN }}" \
             -H "Accept: application/vnd.github.v3+json" \
             https://api.github.com/repos/elastic/kibana/issues \
             -d '{
@@ -44,4 +44,4 @@ jobs:
             }'
 
         env:
-          GITHUB_TOKEN: ${{ secrets.READ_WRITE_KIBANA_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.WRITE_DETECTION_RULES_KIBANA_TOKEN }}
diff --git a/.github/workflows/manual-backport.yml b/.github/workflows/manual-backport.yml
@@ -21,7 +21,7 @@ jobs:
       - name: Checkout detection-rules
         uses: actions/checkout@v3
         with:
-          token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          token: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }}
           fetch-depth: 0
 
       - name: Set github config
@@ -81,6 +81,6 @@ jobs:
       - name: "Notify slack on failure"
         uses: craftech-io/slack-action@v1
         with:
-          slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+          READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }}
           status: failure
         if: failure()
diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
@@ -15,11 +15,11 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 1
-    
+
     - name: Fetch main branch
       run: |
         git fetch origin main:refs/remotes/origin/main
- 
+
     - name: Set up Python 3.12
       uses: actions/setup-python@v5
       with:
@@ -64,6 +64,6 @@ jobs:
 
     - name: Update navigator gist files
       env:
-        GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+        GITHUB_TOKEN: "${{ secrets.WRITE_DETECTION_RULES_NAVIGATOR_TOKEN }}"
       if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
       run: python -m detection_rules dev update-navigator-gists
diff --git a/.github/workflows/release-docs.yml b/.github/workflows/release-docs.yml
@@ -31,7 +31,7 @@ jobs:
       - name: Checkout elastic/security-docs
         uses: actions/checkout@v3
         with:
-          token: ${{ secrets.READ_WRITE_RELEASE_FLEET }}
+          token: ${{ secrets.WRITE_DETECTION_RULES_RELEASE_FLEET_TOKEN }}
           repository: "elastic/security-docs"
           path: security-docs
           fetch-depth: 0
@@ -79,7 +79,7 @@ jobs:
 
       - name: Create PR to elastic/security-docs
         env:
-          GITHUB_TOKEN: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }}
           POST_VERSION: "v${{ github.event.inputs.post_version }}"
           TARGET_BRANCH: "${{ github.event.inputs.target_branch }}"
           UPDATE_BRANCH: "update-security-docs-prebuilt-rules-${{github.event.inputs.post_version}}"
diff --git a/.github/workflows/release-fleet.yml b/.github/workflows/release-fleet.yml
@@ -68,7 +68,7 @@ jobs:
         - name: Checkout elastic/integrations
           uses: actions/checkout@v3
           with:
-            token: ${{ secrets.READ_WRITE_RELEASE_FLEET }}
+            token: ${{ secrets.WRITE_DETECTION_RULES_RELEASE_FLEET_TOKEN }}
             repository: ${{github.event.inputs.target_repo}}
             path: integrations
             fetch-depth: 0
@@ -138,7 +138,7 @@ jobs:
             TARGET_REPO: "${{github.event.inputs.target_repo}}"
             TARGET_BRANCH: "${{github.event.inputs.target_branch}}"
             LOCAL_REPO: "../integrations"
-            GITHUB_TOKEN: "${{ secrets.READ_WRITE_RELEASE_FLEET }}"
+            GITHUB_TOKEN: "${{ secrets.WRITE_DETECTION_RULES_RELEASE_FLEET_TOKEN }}"
           run: |
             cd detection-rules
             python -m detection_rules dev integrations-pr \
