Image Controller

 

Deployment of image-controller

Image Controller secrets

List of secrets:

Name Source Description
quaytoken appsre vault Secret containing ‘organization’ and ‘quaytoken’ with permissions to create repositories

Rotation rule: Secrets must be rotated within 7 days after someone with access leaves the organization. Secrets older than one year should be rotated.

Instructions for rotation of quaytoken

Prerequisite:

Process for production instance:

  1. Reset Client Secret on Application Oauth page
  2. Generate new Token on Application generate token page, with permissions:
    • Administer Organization
    • Administer Repositories
    • Create Repositories
  3. Put token from step 2. to app-sre vault to stonesoup/production/build/image-controller

Process for stage instance:

  1. Reset Client Secret on Application Oauth page
  2. Generate new Token on Application generate token page, with permissions:
    • Administer Organization
    • Administer Repositories
    • Create Repositories
  3. Put token from step 2. to app-sre vault to stonesoup/staging/build/image-controller