Migrate infrastructure password management to BitWarden #2951

Closed
sxa opened this issue Feb 22, 2023 · 6 comments

sxa commented Feb 22, 2023

We are currently using LastPass. Switching to BitWarden will allow us to be in sync with what the Eclipse Foundation uses.

@sxa sxa added this to the 2023-03 (March) milestone Feb 22, 2023
@sxa sxa self-assigned this Feb 23, 2023
@sxa sxa added the security label Feb 23, 2023

sxa commented Mar 2, 2023

From discussions yesterday Eclipse consider their BitWarden organisation to be purely for internal Eclipse staff use, so (with EF Infra team's support) we intend to pursue creating our own organisation which we will manage ourselves, and allow the EF webmaster to be a member of that organisation to ease sharing of credentials.


sxa commented Mar 6, 2023

BitWarden organisation has been approved by the Adoptium Working Group and Eclipse have created the organisation for us. Existing accounts have been migrated across as-is.


sxa commented Mar 6, 2023

Collections as follows with appropriate groups:

  • "Internal Services" will be things like AWX etc. that we run ourselves.
  • External services will be services we get from elsewhere e.g. Apple accounts, CloudFlare, JFrog etc. (Do we need to tier those for access? Things that releasers or API developers may require vs others)
  • "Cloud Providers (restricted)" are cloud providers where each user should be able to use their own account, so should not require the credentials in here to do anything.
  • Anything with - has no explicit permissions so is admin only (Currently myself, George, Martijn, and Tim)

(Not Changed collections contain items that have been migrated but not yet updated. Once updated, they will be moved into one of the other collections)

| Collection | Read access | Read-write access |
|---|---|---|
| ZZ - AdoptOpenJDK (Not Changed) | AdoptOpenJDK | - |
| ZZ - Infrastructure (Not Changed) | - | infrastructure |
| Cloud Providers | infrastructure | - |
| Cloud Providers - Chargeable | infrastructure | - |
| Cloud Providers (restricted) | - | - |
| External Services | external-accounts | - |
| Internal Services | internal-accounts | - |
| Marketing | Marketing | - |


sxa commented Mar 7, 2023

Most passwords updated and categorised. A few outliers remain that I couldn't get into/change or were unused, and there are a few missing that I'll get around to. This list is mostly a "memo to self" so I complete them. I'll check them off as they're added.

  • Linaro (They started a new system so the old account doesn't work)
  • OSUOSL/aarch64
  • Marist (Now on self-service)
  • MacInCloud (Old account is empty)


sxa commented Apr 3, 2023

Bumping to April to continue this work - GA/MV to progress the next steps for some of the other accounts.


sxa commented Jun 13, 2023

I believe all the steps required here are now complete with the exception of some things we have that are using a gmail.com address which are being unsubscribed as that requires Google phone 2FA, so this is essentially complete as far as migrating to BitWarden is concerned.
Since the migration is complete, two additional infrastructure team members were added to the BitWarden account last week. Closing.

@sxa sxa closed this as completed Jun 13, 2023