Create long-lived tokens for CI/CD/automation (or tokens for a specific duration) #3692
Comments
|
We can definitely improve on this, but in the short term, the token returned by the cli-auth lasts 7 days. It will be refreshed if it's used at least once in that 7 day time period. So you can get the token from You can use the token in the cli directly, and not use You can also use env vars: Or write straight to the session file in |
|
Thanks for submitting the issue! I edited the description a bit so we can use this to track creating tokens and some docs around using Coder in CI. |
|
Thanks for the quick response! I didn't realize that the token in the browser is actually the access token 😉 Great product by the way 😊 |
|
@ghuntley brought up an interesting point that we should consider before we add long-lived tokens. We may want to consider generating tokens in a searchable format so they can be picked up in security scans: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning |
Also adding the convention into projects such as: |
|
|
We also have this requirement for pushing templates via Github actions. We're actually looking at something that can just keep templates in sync as they're updated. E.g. point coder at a repo revision of templates and it just takes care of it. |
|
@f0ssel thanks for the implementation! Is there any possibility to generate the token from the UI? |
|
Opening up #5409 |
Add a way (likely via the CLI) to generate API tokens:
Original description
I searched the issues with multiple keywords but I could not find any information on how to push template updates from Github Actions for example. Is that actually possible? So far I tried the username/password approach but that fails because it requires the user to enter the token from the browser.
The text was updated successfully, but these errors were encountered: