Update dev-portal GitHub/GitLab API tokens

README.md

@@ -83,7 +83,7 @@ each print an encrypted token that is safe to commit and push to GitHub.
 
 ### GitLab API Token
 
-The GitLab API token is maintaine under a machine user account and can be rotated via a
+The GitLab API token is maintain under a machine user account and can be rotated via a
 POST request with the existing token. There are separate tokens for dev-portal and
 dev-portal-dev. The script works for both depending on which cluster is currently
 active. To rotate the dev-portal token, run
@@ -104,18 +104,22 @@ New encrypted gitlab-token for developer-portal-dev-backend:
 <encrypted-token>
 ```
 
+If the token has already expired, you will need to request a new one from a GitLab
+admin. With this you can use the following process for GitHub API tokens to manually
+create the encrypted version for the sealed secret.
+
 ### GitHub API Token
 
 The GitHub API token is slightly more complicated. Currently it is linked to a user
 account and needs to be manually rotated and copied in the user GitHub developer tools
 settings. The same token is used for both dev-portal and dev-portal-dev, but the
 SealedSecret needs to be encrypted by the specific cluster it will be applied to.
 Again the script will handle this if the correct cluster is active. To update the
-dev-portal token, run
+dev-portal token, copy it to your clipboard and run
 
 ```bash
 $ module load argus
-$  util/encrypt-github-token.sh <unencrypted-token>
+$ util/encrypt-github-token.sh $(xclip -o -selection clipboard)
 New encrypted github-token for developer-portal-backend:
 <encrypted-token>
 ```
@@ -124,11 +128,12 @@ or for the dev-portal-dev token
 
 ```bash
 $ module load pollux
-$  util/encrypt-github-token.sh <unencrypted-token>
+$ util/encrypt-github-token.sh $(xclip -o -selection clipboard)
 New encrypted github-token for developer-portal-backend:
 <encrypted-token>
 ```
 
-Note the whitespace before the command can prevent the unencrypted token being stored in
-your shell history (requires `HIST_IGNORE_SPACE` for zsh or `HISTCONTROL=ignorespace`
-for bash).
+You can also pass the literal token into the command, but doing it this way means then
+token can't be saved to your shell history. A space before the command can also prevent the
+unencrypted token being in your shell history (requires `HIST_IGNORE_SPACE` for zsh or
+`HISTCONTROL=ignorespace` for bash), but then you can't recall the command.

charts/backend/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: developer-portal-backend
 description: A Helm chart for deploying the Diamond developer portal backend
 type: application
-version: 0.2.0
+version: 0.2.1
 appVersion: 0.0.28
 dependencies:
   - name: common

charts/backend/values.yaml

@@ -43,7 +43,7 @@ serviceAccount:
 secrets:
   githubAppClientId: AgBGJChwcZVcnz5Zrs/BGVCu6PgGdga8Vg/w6Nv5ZUbN04/tkT+uz98as3TSJH9/A7cK3ebzmcrHATeNT/zzmaZjkz6qieCmHgKrTraHrGN7gOxd7zDyeD15iQY8tUdZx+iGKKyvpvuyHlRv6TfypgnOwf3Jif8wXZnNDpz7e+aJSORvlSxqftJFCaU9VaK0ahKeWWC+FxoON9AHLddQwp/rAele8xJLvWNudyFkv4p4lPSbmFOX19IagkMtw9YbZ6Aa16xrGrDJxgNhJHAluQ+ncPDPiH3BnSxzwwAnHSLgCE82pEnpF9cgpHVDyeImb9a1IiZIW6ftjgEpnkS7v7YhIq3Lovr/NMkOwSWGQP2dznn2ZF8tDREW3JZFJOrYKTnErqyP3zFZUVuJbpXANMcm6bD2hOTK0qXj1dHZXwXOnOKO0aRhEtNa05umSST55RkVOdRAC6D08VguOvSvSEDxHzas8GbMyBfdAt8Porqie2qJ5fzf0Y22rmrZW00gJes0XsdTe9N74nH0y3kZANn61LRlS2dMQ33lqU6KFG0dp754GDuA3FQ3ZgR8ZvbQPi+dArHjgmfqPtOHTQNxMG1vfrlFUyI+zNqmysO1PZBc4jXNZ7pOVlJX4n/d/kjF/pbRNdNgHgXA2e3WU217AOUhMOUbOfYn3NV0OVJ2mjrpWgecWgPMEF9kfBSy9kp9en9MZzUM/MeTgQyKCIC6ABNqCZEQew==
   githubAppSecret: AgAHXs6tAywlS5DpcPVx54GQlLzwSoioFt2meRBxfm4MBFIcJTQcgaZuSYTTctbqJP04jIY3KVfGAzNKF7YLC7+RULVbA1SHtFJt8R9Um1CHOT+Z1n1nkDVUEvy3MA0vKyhjDfHNG/2AAE/kW58PKcFSXyKFBxsWUDRHuRLg9kXZ3kOGfuF8VAY/5pQJt0EB+4bBLt8h5/vVXl66p5QBci6m1pMBqlFTAI+rnHDMCCM4NJQrZOFblQGBc1U5/nc+0sUO31/wltu3EvZ6oAc0S215G+6UkRclXxD8UNKrXV0+wXvQsaAQBsraXTA6RokKWEapSZStw47tQxihZPdnt5xdFmKMd0kbgqt+bWcTNku6kvHxLyggKKGuvJlRAvu4sxDntbeyffN5oUw9SKkaTVHnCtzYk/9ewaA9oaZYQ6DPSarF0cAkSayBvhNd8NxBXj+NOkY9Za/if3Pb7MMkudg9D5YS28Ib5GoXz21BXEoYOMdzgde9fwsTfan0YD2/JPHEe1FI+/QrLCdHCAfZhzKpm+9dnMxGktueVkpfiGitB0T0SYkN4lz9hA/G/5UadXlZ5hZmOSVXUMfGhmzyjcaQWgsUn9rTFqmDpF9RwI8JCUrvBF5vKM9JsWNnoV/CXKIwhNX08UF39GeUax7cEnJjxyuRkg2IFQH7emkv8XwTEPDz2/PsSjcUEwlkE0P4xpRoAPNuOCAw1WVB/86Ms6Cs+/nCa4E8lGNIRWQs4h5sBpzbLvfaUy+a
-  githubToken: AgAn7psY+sEixsmAZNabvTQI/UMDPj5xrKhrSM1vrH8DeY0yQmSNbyOrzp+QsCdNfeCYsiUGvprG8wjjL8vtyu9vMJUVbqAB00zUY6aBK2fRr+0t1W7cO4x3aLFucuYhaDzu8SWYg7xZipJ33tCF4uiY6c+MN6fGzQ2NjiGn8dBoBNgAVBExTPGMNdn64/yiTtREuhQCVmVMtSnv1fFFcRMNOOiZIXdG9cXL0+igUN8TSylzZoo0rNbUoeRuB0onTJLT7nQze5K/QQIiCNHZ7pWfzEmZ4HsFnibfZLnVifO90E7ohaF0t5nNUwhlqvz6odTF9ptIwuT5DpZEyX89yDzrqA+79RuIwQxWND9aNg3OhUZ0bAGlTqkzFusyWWXa2yAjIpMWWxigaRcQT9zyiVN5ANBb8RzBlEZDTmisG/wjOKd8SYJPs8/2SEF8TDoet0n2UvRmfCTqpdXunpg+w+SZubvRYayHG5EE6q9BsyMXuf4k4CUzkHJ8OlG1b3OSRWCxHD2JmZAIVp1dCzAXswYkN6Q0pN63kJU5pa/yHgJ03mE11hHX8Ey8UcRf5JM7EK/OWe6RQ6+9DAQWbEHkCPhJ1clBl1hxedwnHdvogCDx7YFX81CxP8lcFK922Y9hVNYUzbCFjSxwYm5PprpzK3RFnvdR2ivW/D5iVRMidbre+vTAl9AjSSmDnhDA4tb6NSHwfCNJzw7k6XSiGehteEJDQE6r+yiOKLJ1WB3jykGTtvKTeJ2vKDlZ
-  gitlabToken: AgChjuPsJxMP91E2wFdzdKht+sgdXgeSaAzh+nh/NqJVkktoZyob1RTaYHul2D29rUjMGn3Tj5Dwr0+wS87Ka+3cfwfXvrQPATpQDSO9LmOyVuUI8fCK7fZLWvixcPPmS8jcreqTHRedCh/6bOrymyVCuh+OEUawXmNpA9c8cduuBAat4VpsN1N6hoGqR/yiR+6PGj4rcfXosmbepunuiw04kzLY6/vH8vzoeO2RRdVf/ctfEscAbKl56EblQpyH9TTT6rVUdjSMoxI2juqeePaDrAAtoYxBf04UKfrxWMJsUW74mPtKdNdL8s1eQW9qGUNU7Nk1j4G+N3OULcwEd0ECp0w1Cc9u7iYaMC4SXdR7eCdTdAYJAUU4HgUdDNEYMS3ya1dzWvXxCAMkPegv5mEljod3+Qr1UmwrKz37aJrtTlz6XcyNXxCqeRbH/tuNzk8GwBLxMqT534zAHFgLljn5CclMQmy8KvJgoGo3jT8fBlRFGL0tDiiQZiK4MztQM2SxnGfkLrx938dSBjqB9RTWjOkqkl6Rn43PyRjOpWYZ6Lua7kYpCUvikTXNRoOcYyjF49XCF8NpszsyPDWbdqeBC1T92JRYIbWj4oEHj8nDWzLvtLBt2N9FA7i5xXSYUSTDREZizkpaEXk0m+iJmdbCBCrmznlDRmVrISz+DPpeMtF+AZ/bJztnUbSapFmys2f6rOqQ4LfMacyLH4WLFZbbnTPX49hJQ77OQw==
+  githubToken: AgDPo+JJ+7q4u3AYEJaJaWqocyrShSAwdSbQg3aM2FKnOvZeDRS1mmbaoaUQdM9NmBFhsjflNWvENAS1ZGkN6WHuwWK0XMKbU4CzdbDPt8ijxBamBiflXVGheM1NoDfynpe5b2cU2TAWr2qFyPRGgbj0tH8KNoytzhYeeXDJUryQs7oTOxXA4+4u99Hp6n5uF1NVtB3WThejQ2uKKRmrw/ZszS2ciY6z0VgFmg1SPFbrSEnQtZyLEO2DpMC8FhI6strSIBuEUfB/ElKdnAaCjW0W4fnbJZGvJUnpUCITvzjTueyOd1FoMA1CfSLXDWm9hK525CHoedzPIotWtxdYDYw9ck5oV/Sk24nRRr0MyTmaPc0qfv1mFabo0BDp83MFDA1llUEA64sguaqGcXfmMTkeBGwal31fGTGXPatWl/yy/kIMYU+QLRVWzDg5RA6ZEeFRgD97MiYWwxek7vEbe4+IwyLCitylGGC6dB8gx/9DAX99yDuOySYu5YyEArZMJHmsy7X2pIAPKE/EU2Vd94THkguVtgvF/7Am9woMRoF6BKr14WFsNRkQiJstPZ0w09bUsMkgQQ3JiSzSa0PgMs20MWxm1IYeHg+ZaYGDe0IrXRE8j7LWvv7qJkW7h681Y2LNLqOIzGx+PgcwY41IuTz08KJaAItJBdvF2Uk/C1v5gOjqxBmlgpF9Vc9ur8qJPIVkGbp7SiHj21VXoXaCFNZqOnRQJ/cOB4/LMAILdkToDU02Hp4PFmZ5
+  gitlabToken: AgBLhuc5GonGmPSdbnkS4nvEs958x13lqquIK7hhlWqfnC7FLbpyvUiUhojuLc/DoG8Di5yMUR3F3ILN41iHqVrhkmZ7d9dwNtwWCuyeRQxVsPBIRAcgGHZGXTlsJaNYfZ4f5tl5Jw/0AFPmykew6SzylvP5H7b8syrn7iOYsfZoWKtuJ3C4THEiuudl/gJR0TzvVubWJalt1uLC7qwvnqayQaYaSCyn+q4EQ1ktiptFE+pWlDxWkQj74Trp66yeTWD9rxlzsjZxVywcvawbajsWU/sdVHumPIC8HkWUO7/2eIOxr2YtX9tfd2Dv0bnbFSUTPmM5TyNlz7teBy8Spb25IqJOCbOzhmgKj5FvvD/SzTiLL9MMzIrJhipWAq5svwlpR4hXa2a+XO32nvzjsER5tNb8gvMGb6fXoqStdquodKuucUCj83oNanEh1bVGTP7XK833kVzObYSRS+zNrJ2I8EGipQDR8E1B3Xe/pNqjFnbb7zQeBfL6if8jSUMq+0DUdza7nriZ67kngmoZl9Bu05CEpOzb/b8n/ZBt4wXikM4LDB+HnAwIvFYlTJWayUp3+xpVjeK6wZcJE+
   s3AccessKeyId: AgCkGhsZpj7RCX3/mDHpa38PyU1OfWKjdClYhFt5YaolEzvSazv5btvW+nL1vJ7ZxDdx6CPbaU8Ihg070EZ5ROfm6X1Ic0VY0QkRZg0gW2OfEMi/BPZwesCh3RWkwLTb4oO1ZiRFWWLbupf2Iv5CVEbGEhyLJGRBOvF2DVOsp5ZvJC+iyJ6U0vyIHxtlVqhI7yHVHfFtBgisqMdEbtJRDY10KHx+8iqrYpP1oNJONrF4gSM7uXpLFkDD+27neycs+2wSNIHqmDa4XCbHuUFkztElp2/CiazBK+0URAK5F8KuUktyz91/BnYtEjD/+3LwhETdZAk0vQZtSrMGyhG8ZiD0+yiuylztWxk8vYNEVfB+zeDJf+Wa6BnKtDDAmKjwWUSGqxGjrys3RDur3gjQpqhPetdE5U2kkKIsu06ijYEhPgKIjPAJVDJRVrZTJg8xHgh1XXVirBRYhUgLLIxr+y/AsCTiekvsG8NwiE80VgpmlsFZBz62Vx3esmsYQsJo2SQqMk1gsgwXt4DZw8rvJzWmMNw0Xa/9Wl/CZQHCIdrmkn8P/A6hwo2yDS8AmIUp77/KEBrqDLmz2bBcOrKlcEbw2bKusn1fScmoOEKvgE/Ew7JfPp74YxoOfLdpqjh74F3Pav+AEIBolRbDOc/t7eTbppiwESaBfLytUMV3C77C0FTvfd50t1I8YZQPTnBPw2tGP7I6iJn/udr7vmrX4tkM8LCz5Q==
   s3AccessKeySecret: AgAVE6KEEy1Vh97M/rHz9LRCzJ4do9GFRtQYO7o3tD6jpOQAbLHRHptBESSSJDBRWZia2wBjGL+rIwg/UW/EHDklHwq98wlF45ARCc38fGCJtYUlBWkE9bR1ERvA5eICmv5AduH7RxBPdhDTTwxASYH52xn0gq7tBlRg9a+Z7a7axKbfPd1ILCRWZKIm86aKoOiEryIc/9p8wP/il/JS8SmcOThyVarIEeaIVORKobdbFSXsuYmANNCN/say5rZQ7CB6+YoBk6jyWE9BRLMd33BTP3vY/bxywLdas6mgzCpEkjKtd1AQgtPiu68i8CJzS+XBN/QqWtcYzf7B7R5yvYmk4WL0X010EdkB1vxCu3tzMmk6Y6wzQ6IU1573ZnjL+8dro3keqBcZSM/qxGyfu/VrUiUkoKFu9gzKeUI+EmCFuJh0sx06PJiR8+kxaIOVHPy+XH6Xzw3NkztTDkhfbqj4mWbbuCgySmkLTJU4SjYI2gpqfqAUuHgosnYhl8mNiOYQ0e8yMTJNALgo1g+uTzjey5Aui93MpADmPkVOpZe/I9Wwn88v6hdpZrwbQrcU/JI7lo5YHDx7DRONT6boYAhRsgwKOZNlm//OhcXBjvs5CtVzlWEXHwj3jsJnQCYdu86a1hEGAMnDRY117f87kAEIY03CZuuUoAj2xsz2M5syl+54rIJ2Ps4kpJEB+VFBJ42ynYVAZddeXJYh6VZX+Ba8uHkX/05KkkCa79XizRyoh3cuEcBa9K/t