microsoft
/
component-detection
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
component-detection/docs/renewing-secrets.md

1.0 KiB
Исходник Постоянная ссылка Ответственный История

Renewing secrets

Almost all of our workflows require secrets and those secrets can be invalidated, deleted or expired so we need to know how to renew them.

The secrets in use today in the Component Detection repo can be found here:

  • GH_PRIVATE_REPO_PAT

Renewing GH_PRIVATE_REPO_PAT

  1. Click this link: https://github.com/settings/tokens/new
  2. (Optional) Name the token COMPONENT_DETECTION_GH_PRIVATE_REPO_PAT. This will make things easier to track in the future
  3. Check the following permissions:
    • Full repo scope
    • read:packages scope
  4. Click Generate token
  5. Copy and paste that token into notepad once you see it because it will disappear as soon as you leave the page
  6. Enable SSO for Microsoft organizations for the token
  7. In the Component Detection secrets page click update on GH_PRIVATE_REPO_PAT
  8. Paste in your new token
  9. Click Update Secret