Closed ddgenome closed 5 years ago
I'd bet the issue is the assignees: "assignees":["dependabot-preview[bot]"]
Indeed, here is the body of the response from the GitHub.com API:
{
"message": "Validation Failed",
"errors": [
{
"value": "dependabot-preview[bot]",
"resource": "Issue",
"field": "assignees",
"code": "invalid"
}
],
"documentation_url": "https://developer.github.com/v3/issues/#create-an-issue"
}
I guess we need to check if the assignee is a contributor of the project. Or not assign the issue at all.
In the case the issue is that we are trying to assign the issue to a non-user, I'm guessing an app in this case, https://github.com/marketplace/dependabot-preview . So at the very least we need to make sure the assignee is a user.
@cdupuis how would you determine if a user was a contributor? See if any of their email address appear in any of the commits as an author? Test for membership in the org? Push access to the repo?
Would this api call help? https://developer.github.com/v3/repos/#list-contributors
That API endpoint actually returns "dependabot-preview[bot]" as one of the contributors, so that won't work.
And querying the user endpoint for that user also works:
$ curl -H 'Accept: application/vnd.github.v3+json' -X GET 'https://api.github.com/users/dependabot-preview%5Bbot%5D'
{
"login": "dependabot-preview[bot]",
"id": 27856297,
"node_id": "MDM6Qm90Mjc4NTYyOTc=",
"avatar_url": "https://avatars3.githubusercontent.com/in/2141?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/dependabot-preview%5Bbot%5D",
"html_url": "https://github.com/apps/dependabot-preview",
"followers_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/followers",
"following_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/following{/other_user}",
"gists_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/gists{/gist_id}",
"starred_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/subscriptions",
"organizations_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/orgs",
"repos_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/repos",
"events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/events{/privacy}",
"received_events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/received_events",
"type": "Bot",
"site_admin": false,
"name": null,
"company": null,
"blog": "",
"location": null,
"email": null,
"hireable": null,
"bio": null,
"public_repos": 0,
"public_gists": 0,
"followers": 0,
"following": 0,
"created_at": "2017-04-21T12:03:36Z",
"updated_at": "2019-05-23T08:20:18Z"
}
Trying to create the issue with assignees set to ["dependabot-preview%5Bbot%5D"]
also fails validation.
I guess the options are to not assign the issue or to try to assign and then not assign if trying to assign returns 422 with a body indicating an assignee is invalid. Thoughts?
We talked about this and decided to create issues without any assignees. If that fails, report the error. If it succeeds, try to assign the issue to the committer, ignoring any failure.
Here is a sample from the logs for an atomist-sdm build: