Skip to content
This repository has been archived by the owner on Jun 21, 2024. It is now read-only.

change(jira-auth): change JIRA auth method to use PAT #56

Merged
merged 1 commit into from
Oct 25, 2023
Merged

change(jira-auth): change JIRA auth method to use PAT #56

merged 1 commit into from
Oct 25, 2023

Conversation

tomassebestik
Copy link
Member

@tomassebestik tomassebestik commented Oct 24, 2023
edited
Loading

This PR adds support for reading a token from the JIRA_PASS variable. This is here due to handle migration process from using username+password to PAT.

  • If the JIRA_PASS variable starts with the token: prefix, token-based authentication will be used (strip token: part first).
  • If the JIRA_PASS variable does not start with a token: prefix, basic authentication (username + password) will be used

The example workflows in the README documents retained the current version containing JIRA_USER. I recommend to keep it also in the template for new projects. It will be ignored anyway, but since there are already so many projects with it, maybe we can keep it as legacy code.

Next steps

  1. After merging this PR, set on org level:
  • JIRA_USER (will be ignored during token authentication, but must be present because we don't want to change a ton of existing yaml workflows)
  • JIRA_URL
  • JIRA_PASS with token value in the format token:<token-value>
  1. update Create project tools (remove uploading Jira Secrets to the GH repo)
  2. remove JIRA_USER, JIRA_PASS and JIRA_URL from all GH repos by script

Final state:

  • all GitHub projects will no longer have JIRA_USER, JIRA_PASS and JIRA_URL secrets, everything will be managed at the org-secrets level

Related

@tomassebestik tomassebestik changed the title change(jira-auth): change JIRA auth method to use PAT DRAFT: change(jira-auth): change JIRA auth method to use PAT Oct 24, 2023
@tomassebestik tomassebestik changed the title DRAFT: change(jira-auth): change JIRA auth method to use PAT change(jira-auth): change JIRA auth method to use PAT Oct 24, 2023
igrr
igrr approved these changes Oct 24, 2023
View reviewed changes
Copy link
Member

@igrr igrr left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM, but I haven't tested if it works — I'm assuming you will try this branch in a test repo before merging.

@tomassebestik
Copy link
Member Author

Code LGTM, but I haven't tested if it works — I'm assuming you will try this branch in a test repo before merging.

Thank you @igrr - tested here

  • first run with JIRA_PASS in the project -> authenticated by username+password, that was expected, test PASSED
  • second run JIRA_PASS removed from the project, org var used -> authenticated with token, expected, test PASSED
  • third run, no secrets in the repo (all goes from org variables) -> authenticated with token, expected, didn't fail due to missing secrets for the workflow, test PASSED

Seems like our approach is working fine .... I will fix docs as @tom-borcin suggest and merge it.

@tomassebestik tomassebestik merged commit f4f92b3 into master Oct 25, 2023
1 check passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tom-borcin tom-borcin tom-borcin left review comments

@igrr igrr igrr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tomassebestik @igrr @tom-borcin