ci: stop using personal access token for deployment api #1303
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
our approach to reporting deployment status changed so we no longer need the personal access token workaround. In the past, it was needed because the deploy-template.yml workflow was called by the parent deploy-vue-storefront-cloud workflow, which is prevented by: https://github.com/chrnorm/deployment-action/tree/3afecce166a0a2f92d3a9e7351a9908a72121c24#notes using a personal access token is also not secure since if stolen it could be used to push to the deployment status of every repo I have access to (including vsf org).
Contributor
Author
|
The PAT also expires so this is just one less maintenance job to do. The deployment failed because I cancelled it after a few s onec i saw that the Create deployment step is working |
sethidden
force-pushed
the
stop-using-pat-for-deployments
branch
from
0b8bcec to
a82fc9f
Compare
bartoszherba
approved these changes
Jul 25, 2022
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
our approach to reporting deployment status changed so we no longer need
the personal access token workaround. In the past, it was needed because
the deploy-template.yml workflow was called by the parent
deploy-vue-storefront-cloud workflow, which is prevented by:
https://github.com/chrnorm/deployment-action/tree/3afecce166a0a2f92d3a9e7351a9908a72121c24#notes
using a personal access token is also not secure since if stolen it
could be used to push to the deployment status of every repo I have
access to (including vsf org).