Deeman 21f99767bf Use GitLab project access token instead of SSH deploy key ...

More secure approach:
- Uses HTTPS with token instead of SSH keys
- Token can be rotated without touching infrastructure
- Scoped to read_repository only
- Token stored in Pulumi ESC (beanflows/prod)

Setup:
1. Create project access token in GitLab with read_repository scope
2. Add GITLAB_READ_TOKEN to Pulumi ESC
3. Bootstrap script will use it for git clone/pull

2025-10-13 20:37:28 +02:00

3.7 KiB

Executable File

Raw Blame History

View Raw