#11951 [staging] Expired API token for toddlers bugzilla
Closed: Fixed 24 days ago by zlopez. Opened a month ago by zlopez.

Describe what you would like us to do:


There is an expired API token for bugzilla user for toddlers toddlers_stg_bz_api_key. I already regenerated it for production, but for staging I wasn't able to login with the password in ansible-private for the user. I tried to reset the password, but didn't noticed any password reset e-mail.

@kevin Could you help me with that?

When do you need this to be done by? (YYYY/MM/DD)


Not urgent as it's a staging.


Metadata Update from @kevin:
- Issue assigned to kevin

a month ago

Issue status updated to: Open (was: Closed)

a month ago

ok, I got the password reset, set a new password (it's in vars in ansible-private) and got a new api key and pushed it out.

Please let me know if there's still anything here.

Metadata Update from @kevin:
- Issue close_status updated to: Fixed with Explanation
- Issue status updated to: Closed (was: Open)

a month ago

Thanks @kevin. Where the mail was actually going?

Metadata Update from @zlopez:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

24 days ago

ok, I got the password reset, set a new password (it's in vars in ansible-private) and got a new api key and pushed it out.

Just a note that while it's good to rotate password every now and then, you can
also just update the expiration date of an existing token using:
pagure-admin admin-token

It simplify things since you don't have to deploy the new token. It may also be
interesting to do to increase the lifetime of the token (I forgot what's the
default value).

Hm, I always do this through web UI, I didn't know there is a command for it in pagure-admin.

There's some confusion here. ;)

bugzilla -> you have to use the web interface and get your api token

pagure -> you can use the ui, but thats a normal user token, to get an admin token you have to use pagure-admin cli

In this case, bugzilla.stage was repaved by them completely. They expired/dropped all api keys and synced the prod data to it. So, we would have had to get a new api key anyhow, the old one was gone forever. ;)

bugzilla -> you have to use the web interface and get your api token

Oh sorry, I had not realized we were talking about bugzilla here (from the title
I thought it was the pagure token of toddler interacting with bugzilla).

Sorry for introducing the confusion :(

No no, this was the src.fedoraproject.org pagure token... it needed to be a admin token tho, the user made one didn't have the permissions.

It's confusing because that toddler has bugzilla, src.fedoraproject.org and pagure.io tokens all used by the same toddler and named (I think) a bit confusingly.

Anyhow, it should be sorted now.

Log in to comment on this ticket.

Metadata
Boards 1
ops Status: Backlog