-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate alternative jenkins access for backups #3939
Comments
So to kickstart the discussion:
These were set up before I joined the WG so I'm a little fuzzy as to the distinction between the three accounts. What I do know:
(FYI @nodejs/security-wg who are currently threat modelling access across the project)
This is build/backup/backup_scripts/remove_old.sh Lines 25 to 26 in ba10835
|
The backup server relies on an individual contributors token to access jenkins, which is brittle if that contributor becomes emeritus.
Lets investigate a service account token for that purpose.
The text was updated successfully, but these errors were encountered: