Skip to content

⚠️ DEPRECATED: Setup GitOps Personal Access Token (PAT)

This document is DEPRECATED as of 2025-11-21.

Use instead: Setup GitOps GitHub App Authentication

Why This is Deprecated

The CI/CD workflow (ci-cd.yml) now uses GitHub App authentication instead of Personal Access Tokens.

The workflow uses:

  • APP_ID secret (GitHub App ID)
  • APP_PRIVATE_KEY secret (GitHub App private key)

Not:

  • GITOPS_PAT (Personal Access Token) ❌ No longer used

Migration Required

If you previously set up GITOPS_PAT:

  1. Read new guide: setup-gitops-github-app.md
  2. Create GitHub App with appropriate permissions
  3. Add secrets: APP_ID and APP_PRIVATE_KEY to syrf repository
  4. Test: Verify promotion workflow works
  5. Clean up: Delete GITOPS_PAT secret and revoke the PAT

Why GitHub App is Better

Feature GitHub App ✅ PAT
Scoped to specific repos ✅ Yes ❌ No
Organization identity ✅ Yes ❌ No (tied to user)
No expiration ✅ Yes ❌ Requires rotation
Better audit trail ✅ Yes ⚠️ Mixed with user activity
Survives user leaving ✅ Yes ❌ No

For current setup instructions, see: Setup GitOps GitHub App Authentication