verify token is functional when fetching secrets from another github …

…environment
opencrvs · Aug 26, 2024 · e9dbd9d · e9dbd9d
1 parent 0de8f0b
commit e9dbd9d
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/.github/workflows/get-secret-from-environment.yml b/.github/workflows/get-secret-from-environment.yml
@@ -43,6 +43,17 @@ jobs:
             exit 1
           fi
 
+      - name: Verify GitHub token validity
+        id: verify-token
+        run: |
+          RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer ${{ secrets.gh_token }}" \
+                            "https://api.github.com/user")
+          if [ "$RESPONSE" -ne 200 ]; then
+            echo "Invalid or expired GitHub token."
+            exit 1
+          fi
+          echo "GitHub token is valid."
+
       - name: Check if environment exists
         id: check-env
         run: |

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -75,6 +75,7 @@ INSERT CSV ROWS IN ENGLISH ONLY
 
 ### New features
 
+- Environment creator script now requires countries to provide a Github token with no expiry date. This is reduce effort in keeping the token up to date.
 - Certificate handlebar for registration fees `registrationFees` [#6817](https://github.com/opencrvs/opencrvs-core/issues/6817)
 - Logged in user details handlebar `loggedInUser` [#6529](https://github.com/opencrvs/opencrvs-core/issues/6529)
 - Supporting document fields can now be made required