Needed to ensure the new appuser in the Dockerfile has permissions to write in the container.
If a bad actor tries to set GITHUB_OUTPUT to something like ../../output.json we will get an expected error
Local Testing
Tested Dockerfile change locally by running:
```bash
> source .env
> docker build -t stalerepos .
> docker run -it --rm --name debug -e GH_APP_ID=${GH_APP_ID} \
-e GH_APP_INSTALLATION_ID=${GH_APP_INSTALLATION_ID} \
-e GH_APP_PRIVATE_KEY=${GH_APP_PRIVATE_KEY} \
-e INACTIVE_DAYS=1 -e ORGANIZATION="[ORG]" \
-v ${PWD}:/app stalerepos:latest
Starting stale repo search...
https://github.com/[ORG]/repo1: 2 days inactive
https://github.com/[ORG]/repo2: 2 days inactive
https://github.com/[ORG]/repo3: 2 days inactive
https://github.com/[ORG]/repo4: 52 days inactive
Found 4 stale repos in [ORG]
Wrote stale repos to stale_repos.json
Wrote stale repos to stale_repos.md
```
Tests: 22 passed in 0.16s
Black Linter: All done! ✨ 🍰 ✨. 2 files left unchanged.
Readiness Checklist
Author/Contributor
[x] If documentation is needed for this change, has that been included in this pull request
[x] run make lint and fix any issues that you have introduced
[x] run make test and ensure you have test coverage for the lines you are introducing
Reviewer
[x] Label as either bug, documentation, enhancement, infrastructure, or breaking
Fixes #98
Pull Request
Proposed Changes
Needed to ensure the new appuser in the Dockerfile has permissions to write in the container.
If a bad actor tries to set
GITHUB_OUTPUT
to something like ../../output.json we will get an expected errorLocal Testing
Tested Dockerfile change locally by running:
```bash > source .env > docker build -t stalerepos . > docker run -it --rm --name debug -e GH_APP_ID=${GH_APP_ID} \ -e GH_APP_INSTALLATION_ID=${GH_APP_INSTALLATION_ID} \ -e GH_APP_PRIVATE_KEY=${GH_APP_PRIVATE_KEY} \ -e INACTIVE_DAYS=1 -e ORGANIZATION="[ORG]" \ -v ${PWD}:/app stalerepos:latest Starting stale repo search... https://github.com/[ORG]/repo1: 2 days inactive https://github.com/[ORG]/repo2: 2 days inactive https://github.com/[ORG]/repo3: 2 days inactive https://github.com/[ORG]/repo4: 52 days inactive Found 4 stale repos in [ORG] Wrote stale repos to stale_repos.json Wrote stale repos to stale_repos.md ```Tests: 22 passed in 0.16s
Black Linter: All done! ✨ 🍰 ✨. 2 files left unchanged.
Readiness Checklist
Author/Contributor
make lint
and fix any issues that you have introducedmake test
and ensure you have test coverage for the lines you are introducingReviewer
bug
,documentation
,enhancement
,infrastructure
, orbreaking