[FEATURE REQUEST] A way to update git_pillar_password on time interval #67245
Replies: 4 comments
-
Why can you not set up GitHub access normally, with a token that lasts a sensible amount of time (up to infinity)?
-
If one sets debug mode, the logs report rereading of the master file every 60 sec., but the password stays the same. I've added a little log.info(print(self.credentials)) in gitfs.py. Tokens must be rotated frequently for security reasons.
-
You need to reassess your systems. Forcing Salt to get a new token every half hour is an overall reduction in security.
-
Salt didn't get the token; the token is provided by the GitHub App, and that is not the point. Either way, salt-master reports that it rereads the master file every 60 sec. And how come rotating the token is a reduction in security? It seems you have a misunderstanding of security.
-
Is your feature request related to a problem? Please describe.
To sync pillars from GitHub, for authentication we need to use HTTPS with authentication tokens
generated by a GitHub App, let's say every 15 minutes. A token is valid for 30 minutes and
must be regenerated after that.
Describe the solution you'd like
Reread git_pillar_password every 10 minutes (a parameterized time, like git_pillar_update_interval)
to get the new value, which we updated in the master file by other means
(a script that regenerates the token and replaces it in the master file).
Describe alternatives you've considered
Keep git credentials in a different file, but again reread them on an interval.
Please Note
If this feature request would be considered a substantial change or addition, this should go through a SEP process here https://github.com/saltstack/salt-enhancement-proposals, instead of a feature request.
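An added example, not part of the thread or of Salt's code: one way the "script that regenerates the token and replaces it in the master file" could write the new value so that a master rereading the file never sees a half-written or world-readable token. The function name `rotate_git_pillar_password` is hypothetical, the token is assumed to have been obtained from the GitHub App by other means, and whether the running master applies the new value is exactly what the request above asks for.

```python
import os
import re
import tempfile

# Matches a top-level "git_pillar_password: ..." line in the YAML config.
_KEY_RE = re.compile(r"^git_pillar_password:.*$", re.MULTILINE)


def rotate_git_pillar_password(conf_path, new_token):
    """Atomically set git_pillar_password in conf_path; return the new text."""
    # Reject anything that could break out of the quoted YAML scalar
    # (quotes, newlines, colons) and inject extra config keys.
    if not re.fullmatch(r"[A-Za-z0-9_.\-]+", new_token):
        raise ValueError("token contains unexpected characters")
    try:
        with open(conf_path, "r", encoding="utf-8") as fh:
            text = fh.read()
    except FileNotFoundError:
        text = ""
    line = f"git_pillar_password: '{new_token}'"
    if _KEY_RE.search(text):
        text = _KEY_RE.sub(lambda _m: line, text, count=1)
    else:
        if text and not text.endswith("\n"):
            text += "\n"
        text += line + "\n"
    directory = os.path.dirname(os.path.abspath(conf_path))
    # mkstemp creates the file with mode 0600, so the token is never
    # readable by other users, even briefly.
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".gitpillar-")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(text)
            fh.flush()
            os.fsync(fh.fileno())
        # Renaming within one directory is atomic: a reader gets the old
        # file or the new one, never a partial write.
        os.replace(tmp_path, conf_path)
    except BaseException:
        os.unlink(tmp_path)
        raise
    return text
```

The replaced file is owned by the user running the script, so run it as the account that owns the master configuration.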