doc: request token for wiby

[bjohansebas]

Should fix nodejs/package-maintenance#629

This token should have push access to the following repositories:

• https://github.com/wiby-test/partial
• https://github.com/wiby-test/fail
• https://github.com/wiby-test/pass

permissions:
  contents: write
  pull-requests: write
  statuses: read

The bot that has access to this is called @wiby-bot, and the access credentials are in Node.js's 1Password.

[bjohansebas]

cc: @nodejs/tsc

[legendecas]

The requirement for requesting token via this method is limited to https://github.com/nodejs repositories.

Would you mind elaborating on why @nodejs-bot is needed in this process?

[bjohansebas]

@legendecas we don't actually need @nodejs-bot. As I mentioned, the bot that has access to those repositories is @wiby-bot, so that's the one that can generate the tokens I need.

I'm requesting this because someone with access to the @wiby-bot account posted this comment, so I assume the process needs to be handled here.

The reason I need these tokens is because that's how the wiby package currently works, the tokens are used to create branches in those repositories and to read the status of commits. They're essential for getting all the tests in the repo to pass. Right now, I can't test that functionality, so every time I make changes, I have no way to know if I'm breaking the integration or not. Without those tokens, the tests fail, and that has blocked me from continuing to maintain the package.

[bjohansebas]

@nodejs/tsc, any way to unblock this?

[bjohansebas]

Hey, @nodejs/tsc, could you please review it?

[legendecas]

I think the questions still remain:

1. The repo requesting the token is not hosted under https://github.com/nodejs,
2. The requested token owner is not @nodejs-github-bot,
3. The permission requested includes write permissions to repos outside of https://github.com/nodejs.

This is out of scope of the management of nodejs admin.

@nodejs/package-maintenance @mhdawson @dominykas I'd appreciate if you could chime in to help moving this forward.

FWIW, the current @wiby-bot account owners are https://github.com/nodejs/email/blob/02aa2cdad44a66c18529fd87dd80ebe7210585c7/iojs.org/aliases.json#L191-L197

[bjohansebas]

Hey @nodejs/tsc, we can also store the token info in the package-maintenance repository, and have the group manage it, since technically this package is part of pkgjs and therefore under the working group’s direction