[TT-17507] Migrate jira-linter auth from JIRA_TOKEN to JIRA_READ_AUTH#141
Conversation
|
This PR migrates the The update replaces the Additionally, the external action checkout reference is updated from Files Changed Analysis
Architecture & Impact AssessmentWhat this PR accomplishes: Key technical changes introduced:
Affected system components:
Visualizing the Authentication Flow Change: Before: graph TD
A[Workflow Secrets] -- "JIRA_USER_EMAIL, JIRA_TOKEN" --> B(Go Linter);
B -- "Concatenates & Base64 Encodes" --> C(Authorization Header);
C --> D[Jira API];
After: graph TD
A[Workflow Secrets] -- JIRA_READ_AUTH --> B(Go Linter);
B -- Uses directly --> C(Authorization Header);
C --> D[Jira API];
Scope Discovery & Context ExpansionThe changes in this PR are confined to the Any repository calling the
Failure to update the secrets in consuming repositories will cause their CI checks that rely on the Jira linter to fail. Metadata
Powered by Visor from Probelabs Last updated: 2026-07-02T10:37:03.351Z | Triggered by: pr_opened | Commit: 77ce5a4 💡 TIP: You can chat with Visor using |
✅ Security Check PassedNo security issues found – changes LGTM. ✅ Security Check PassedNo security issues found – changes LGTM. \n\nArchitecture Issues (1)
✅ Performance Check PassedNo performance issues found – changes LGTM. Powered by Visor from Probelabs Last updated: 2026-07-02T10:36:02.283Z | Triggered by: pr_opened | Commit: 77ce5a4 💡 TIP: You can chat with Visor using |
Migrates
jira-linterfrom the expiring full-accessJIRA_TOKENto the scoped, read-onlyJIRA_READ_AUTHtoken. This is the same auth mechanism thatbranch-suggestionalready uses.JIRA_USER_EMAIL+JIRA_TOKENwith single pre-encodedJIRA_READ_AUTHJIRA_BASE_URLsecret instead of hardcoded https://tyktech.atlassian.netmaintoproduction