Github repo creation not using GITHUB_PAT? #106

stephlocke · 2019-01-08T13:37:31Z

maelle · 2019-01-08T13:41:01Z

Does the branch have access to the environment variable?

maelle · 2019-01-08T13:42:53Z

We use gh functions directly so use the GITHUB_PAT when it's available so the best thing I could imagine is skipping this test when the environment variable is not available (which will always happen in PRs). What do you think?

stephlocke · 2019-01-08T14:34:52Z

I would expect the env var to be found as the environment variables are at the repo level in travis 🤔

maelle · 2019-01-08T16:54:23Z

I think someone once told me it'd be bad if the environment variables were accessible from external branches because mean people could output them to the log.

maelle · 2019-01-16T07:37:47Z

@stephlocke so should we skip tests involving the environment variable when it's not present i.e. external PRs?

maelle · 2019-01-16T07:40:20Z

In codemetar what we have is testthat::skip_if_not(nzchar(Sys.getenv("GITHUB_PAT")))

stephlocke · 2019-01-16T11:27:32Z

I'm not comfortable accepting code that hasn't done the full set of tests. Can you give some thought as to how we could achieve it? Perhaps we could use a pre-provided pat and make the variable if it doesn't exist at the beginning of tests for instnce?

maelle · 2019-01-16T11:31:05Z

the problem is that we need a pat that can create a repo for my account chibimaelle.

The only solution I can imagine is not hard-coding "chibimaelle" i.e. the tests would need a GITHUB_PAT with scope to create a project and we'd have

login <- gh::gh_whoami()$login
createBasicProject(
    name = "test",
    packagedeps = "none",
    external_setup = list(
      git_service = "GitHub",
      login = login,
      private = FALSE,
      protocol = "ssh",
      ci_activation = NULL
    ),
    folder = tmp
  )

  expect_true(repo_exists(login, "test"))
  gh::gh("DELETE /repos/:owner/:repo",
    owner = login, repo = "test"
  )

But the users submitting an external PR would need to set the GITHUB_PAT in their fork themselves. what do you think?

maelle · 2019-01-16T11:34:03Z

I'm not even sure one can create a GITHUB_PAT for a fork 🤔

stephlocke · 2019-01-16T11:40:28Z

Here's one solution

https://blog.algolia.com/travis-encrypted-variables-external-contributions/
https://github.com/algolia/api-key-dealer

Essentially, have an API that you hit up with some info about the travis job. if master branch, do nothing, if from a legit travis job, return a value. Add value to env if returned.

maelle · 2019-01-25T09:37:59Z

Other points of view https://discuss.ropensci.org/t/github-pat-needed-in-tests-and-pull-requests-on-travis/1550/7 (no other solutions, the efficient but complicated solution you posted is the only one I've seen).

stephlocke added the bug 🐛 label Jan 8, 2019

maelle closed this as completed in 494551c Jan 16, 2019

stephlocke reopened this Jan 16, 2019

maelle added a commit that referenced this issue Jan 16, 2019

fix #106 by skipping GitHub test in the absence of a GITHUB_PAT

74DC ab9d864

maelle added enhancement ✨ and removed bug 🐛 labels Jan 6, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Github repo creation not using GITHUB_PAT? #106

Github repo creation not using GITHUB_PAT? #106

Github repo creation not using GITHUB_PAT? #106

Github repo creation not using GITHUB_PAT? #106

Comments