The repo's two GH Actions workflows that touch the live cluster (`push-templates.yml` and `sprint-ticket.yml`) need these two secrets. Without them they fail at the `coder login` step. Currently failing on every push (visible in the Actions tab).
Depends on: the cluster install issue landing first.
Steps
- Get the Coder URL from TF output:
```bash
cd terraform
CODER_URL=$(terraform output -raw coder_url)
echo "$CODER_URL" # https://coder.apps.cluster.rhsummit.coderdemo.io
```
- Open Coder in a browser → log in with kubeadmin password (`terraform output -raw kubeadmin_password_path`, then `cat $(...)`):
- Set up the first admin user (real email, doesn't matter what for the demo).
- Create a session token: `Account → Tokens → New token` (or `coder tokens create --lifetime 720h` from CLI).
- Push to GH:
```bash
gh secret set CODER_URL --body "$CODER_URL"
gh secret set CODER_SESSION_TOKEN --body ""
```
Acceptance criteria
Don't forget
- The session token has an expiry. Default 30 days. Set `--lifetime 720h` (30d) at minimum, longer if you'd rather not rotate.
- Document who created the token in the team's 1Password / shared notes so we know who to ping when it nears expiry.
The repo's two GH Actions workflows that touch the live cluster (`push-templates.yml` and `sprint-ticket.yml`) need these two secrets. Without them they fail at the `coder login` step. Currently failing on every push (visible in the Actions tab).
Depends on: the cluster install issue landing first.
Steps
```bash
cd terraform
CODER_URL=$(terraform output -raw coder_url)
echo "$CODER_URL" # https://coder.apps.cluster.rhsummit.coderdemo.io
```
```bash
gh secret set CODER_URL --body "$CODER_URL"
gh secret set CODER_SESSION_TOKEN --body ""
```
Acceptance criteria
Don't forget