admin icon indicating copy to clipboard operation
admin copied to clipboard
verified publisher icon nodejs

doc: request token for wiby

Open bjohansebas opened this issue 6 months ago • 6 comments

Should fix https://github.com/nodejs/package-maintenance/issues/629

This token should have push access to the following repositories:

  • https://github.com/wiby-test/partial
  • https://github.com/wiby-test/fail
  • https://github.com/wiby-test/pass
permissions:
  contents: write
  pull-requests: write
  statuses: read

The bot that has access to this is called @wiby-bot, and the access credentials are in Node.js's 1Password.

imagen imagen

bjohansebas avatar Jul 11 '25 19:07 bjohansebas

cc: @nodejs/tsc

bjohansebas avatar Jul 19 '25 15:07 bjohansebas

@legendecas we don't actually need @nodejs-bot. As I mentioned, the bot that has access to those repositories is @wiby-bot, so that's the one that can generate the tokens I need.

I'm requesting this because someone with access to the @wiby-bot account posted this comment, so I assume the process needs to be handled here.

The reason I need these tokens is because that's how the wiby package currently works, the tokens are used to create branches in those repositories and to read the status of commits. They're essential for getting all the tests in the repo to pass. Right now, I can't test that functionality, so every time I make changes, I have no way to know if I'm breaking the integration or not. Without those tokens, the tests fail, and that has blocked me from continuing to maintain the package.

bjohansebas avatar Jul 25 '25 00:07 bjohansebas

@nodejs/tsc, any way to unblock this?

bjohansebas avatar Jul 30 '25 14:07 bjohansebas

Hey, @nodejs/tsc, could you please review it?

bjohansebas avatar Aug 15 '25 21:08 bjohansebas

I think the questions still remain:

  1. The repo requesting the token is not hosted under https://github.com/nodejs,
  2. The requested token owner is not @nodejs-github-bot,
  3. The permission requested includes write permissions to repos outside of https://github.com/nodejs.

This is out of scope of the management of nodejs admin.

@nodejs/package-maintenance @mhdawson @dominykas I'd appreciate if you could chime in to help moving this forward.

FWIW, the current @wiby-bot account owners are https://github.com/nodejs/email/blob/02aa2cdad44a66c18529fd87dd80ebe7210585c7/iojs.org/aliases.json#L191-L197

legendecas avatar Aug 17 '25 21:08 legendecas

Hey @nodejs/tsc, we can also store the token info in the package-maintenance repository, and have the group manage it, since technically this package is part of pkgjs and therefore under the working group’s direction

bjohansebas avatar Nov 09 '25 14:11 bjohansebas