Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creating an API Key Role for Buildkite results in an access policy that requires Github Actions #5376

Open
yob opened this issue Jan 7, 2025 · 0 comments
Open

Creating an API Key Role for Buildkite results in an access policy that requires Github Actions #5376

yob opened this issue Jan 7, 2025 · 0 comments
Labels
bug

Comments

@yob
Copy link

yob commented Jan 7, 2025

I work for Buildkite, and have been experimenting with using an API Key Role for publishing a personal gem from CI (pdf-reader).

Clicking the link from the gem page (https://rubygems.org/profile/oidc/api_key_roles/new?rubygem=pdf-reader&scopes%5B%5D=push_rubygem), I was able to create an API Key Role from the gem page (starts with rg_oidc_akr_meof, now revoked), however after clicking the Create Api Key Role button and the page reloading, the policy has a principal for Github Actions:

2025-01-07_18-34

To fix it I can edit the token, then make a hidden form element visible and type in the Buildkite issuer:

2025-01-07_18-36

Then, clicking the Update Api Key Role button saves the correct value:

2025-01-07_18-37

Environment

Browser and its version: Firefox 133.0.3, Linux
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yob