Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update GitHub Actions best practices: use OSBotify token as little as possible #31571

Closed
roryabraham opened this issue Nov 20, 2023 · 7 comments
Assignees
Labels

Comments

@roryabraham
Copy link
Contributor

Problem

Using OSBotify token requires repo secrets and extra steps. Sometimes it's necessary, such as when committing or pushing code in our CI.

Solution

Precisely nail down the scenarios when OSBotify is needed. When he's not, use the standard github.token instead.

@roryabraham roryabraham self-assigned this Nov 20, 2023
@roryabraham
Copy link
Contributor Author

Stopped using it for checklists, and that's a start. But there's a lot of usages currently.

Another example when the GitHub Actions token doesn't work is when accessing stuff at the org level like GitHub teams

@melvin-bot melvin-bot bot added the Overdue label Dec 1, 2023
@roryabraham
Copy link
Contributor Author

No update, lower priority item

@roryabraham
Copy link
Contributor Author

Created one PR to help move this in the right direction and eliminate a source of flakiness: #32848

@roryabraham roryabraham removed the Reviewing Has a PR in review label Dec 11, 2023
@melvin-bot melvin-bot bot added the Overdue label Dec 20, 2023
@roryabraham
Copy link
Contributor Author

No update, have been OOO

@melvin-bot melvin-bot bot removed the Overdue label Dec 20, 2023
@melvin-bot melvin-bot bot added the Overdue label Dec 29, 2023
@roryabraham
Copy link
Contributor Author

No update here

@melvin-bot melvin-bot bot removed the Overdue label Dec 29, 2023
@melvin-bot melvin-bot bot added the Overdue label Jan 8, 2024
@roryabraham
Copy link
Contributor Author

No update

@melvin-bot melvin-bot bot removed the Overdue label Jan 9, 2024
@melvin-bot melvin-bot bot added the Overdue label Jan 17, 2024
@roryabraham
Copy link
Contributor Author

Going to close this since we haven't been seeing nearly as many stability issues with the OSBotify bot token

@melvin-bot melvin-bot bot removed the Overdue label Jan 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant