Gajira actions have been deprecated #324
Description
We use official Atlassian GitHub Actions workflows such as https://github.com/atlassian/gajira-create for our reusable-create-jira-issue.yml workflow. According to the gajira-create README:
This repository is no longer maintained and all Gajira actions have been deprecated.
Someone opened atlassian/gajira-create#59 two years ago to request an alternative solution, but no one from Atlassian has responded.
Apparently we've been using deprecated actions for two years with no problems, so we're probably fine to keep using them until they break, at which point we would need to decide whether we're getting enough use out of our Jira integration to justify finding a new solution. I would guess we'll need to query to Atlassian/Jira API directly, at which point I'd also recommend we look into using scoped Atlassian API tokens rather than the unscoped token that we're currently using.
- Replace deprecated Gajira actions (query Atlassian/Jira API directly?)
- Use a scoped Atlassian API token if possible
In case anyone is wondering how to refresh a token when it's about to expire, it looks like:
- Login to Jira using the bot account (credentials are stored in the shared team password manager).
- Visit https://id.atlassian.com/manage-profile/security/api-tokens and click "Create API token" (NOT the scoped token option).
- Choose a name like "github-actions" and set the expiration date as far forward as possible (probably 1 year).
- Update the
JIRA_API_TOKENsecret in our password manager and in the GitHub Actions secrets for: - Test that the Jira issue workflow still runs, then revoke the old API token.
There's probably a better place to document the token renewal steps (maybe a wiki article that we link from a calendar event?) but just leaving them here for now.