mirror of
https://github.com/cisagov/manage.get.gov.git
synced 2025-07-31 06:56:33 +02:00
0f5f6e24a8
* add script for rotating secrets and runbook for description of script * add a note about why we rotate * fix gh auth login if statement * Update scripts/rotate_cloud_secrets.sh Co-authored-by: Seamus Johnston <seamus.johnston@gsa.gov> * add some comments about cf versions Co-authored-by: Seamus Johnston <seamus.johnston@gsa.gov>
17 lines
771 B
Markdown
17 lines
771 B
Markdown
# Cloud.gov Continuous Delivery
|
|
|
|
We use a [cloud.gov service account](https://cloud.gov/docs/services/cloud-gov-service-account/) to deploy from this repository to cloud.gov with a SpaceDeveloper user.
|
|
|
|
## Rotating Cloud.gov Secrets
|
|
|
|
Make sure that you have cf v7 and not cf v8 as it will not work with this script.
|
|
|
|
Secrets are set and rotated using the [cloud.gov secret rotation script](./scripts/rotate_cloud_secrets.sh).
|
|
|
|
Prerequistes for running the script are installations of `jq`, `gh`, and the `cf` CLI tool.
|
|
|
|
NOTE: Secrets must be rotated every 90 days. This script can be used for that routine rotation or it can be used to revoke and re-create tokens if they are compromised.
|
|
|
|
## Github Action
|
|
|
|
TBD info about how we are using the github action to deploy.
|