Introduce new pattern of Github PAT usage for #2641 #22177
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As per #2641 updating GH workflows in cloud repo to reflect changes in PAT usage
The following naming pattern is introduced -
GH_PAT_<role>_<repo>
Proposed changes:
Comments:
GH_PAT_*
tokens are already created on org level and ready for use, all their repository access is preserved.SUPERTOPHER_PAT
was chosen to be a backup PAT for start/stop aws instances both in OSS and Cloud repo.OCTAVIA_4_ROOT_ACCESS
pat is too permission excessive (x-oauth-scopes: admin:enterprise, admin:org, admin:org_hook, admin:repo_hook, delete:packages, gist, notifications, project, repo, user, workflow, write:discussion, write:packages) that's why it is proposed not to use this token in our workflows and use it only aslast resport
and in exceptional cases.OCTAVIA_PAT
has broader permissions comparing toAIRBYTEIO_PAT/DAVINCHIA_PAT
that's why it can be used to work with labeling & slash commands workflows.