GitHub bot conflicts for the same repo during dev/testing

Bioinformatics-Research-Network / Bioinformed-Skill-App

Repository for the Bioinformed Skill Assessment App

https://skill.bioinformed.app

MIT License

4 stars 2 forks source link

GitHub bot conflicts for the same repo during dev/testing #22

Closed millerh1 closed 2 years ago

millerh1 commented 2 years ago

Currently, the production github bot is acting on the same repos during local testing of all services

It is always acting on repos in this org: https://github.com/brn-test-assessment

We need a way of randomly creating repos which are distinct whenever the bot is acting on repos in that org (but not any others).

One way to accomplish this would be to introduce a random string into the repo names, but only if the ghbot is acting on that org. This may introduce other complications and will need significant testing.

millerh1 commented 2 years ago

Another idea would be to make sure the bot only interacts with repos that are valid in the database it has access to.

If combined with the idea of introducing random characters/numbers into the repo name, this should prevent conflicts from cases where dev env and prod env respond to payloads from the same repo.

This would mean the bot needs read access to the DB, so we should also develop a custom db user for the bot which only has read access.

millerh1 commented 2 years ago

The steps will now be:

[x] Modify the bot function to add 6 random numbers/letters to the repo name (needs to be stored in assessment tracker entry)
[x] Modify bot to check the db upon receiving a new payload to ensure payload comes from a db it is supposed to respond to.