search

miguelfrde / travieso

Travis CI build job status directly on GitHub!
http://miguelfrde.github.io/travieso
MIT License
14 stars 1 forks source link

Multiple webhook notifications per job #12

Open jarekwg opened 8 years ago

jarekwg commented 8 years ago

Steps to reproduce

Expected output: Travieso updates Github statuses as each job completes.

Actual output: Travieso updates Github statuses once enitire build completes.

Suggested fix: I'll give a suggestion as I do not plan to offer a PR for this. It's a little tricky, since Travis only offers webhook notifications pertaining to the status of the overall build. The solution would be for Travieso to offer an after_script.sh file. Travis runs after_script tasks per job, after each job. So sending a custom webhook notification at this point and then listening for it with the Travieso server would enable instant feedback on each job status.

Metadata

Travieso version:: ae3a069f3fb2f3e7fed8839c8dfc17fc4df07e70

Python version:: 3.5.1

Operating system:: Mac

miguelfrde commented 8 years ago

I'm aware of this issue. But thank you for reporting it to track it. As you say, sadly Travis doesn't notify per job status.

The script should be a very simple curl, however there's one thing to consider: the token that Travis sends to the webhook to authenticate. The token is very simple: sha256(repository + TRAVIS_TOKEN).hexdigest() basically.

What worries me there is the TRAVIS_TOKEN constant, which is the CI user (or single user) token. It could be loaded in the build as an encrypted environment variable and accessed from the script.

I'll experiment with that this weekend.

jarekwg commented 8 years ago

Neat, thanks!

ryanhiebert commented 7 years ago

Secure environment variables are only available to pull requests from the same repository, to avoid data leakage from bad actors submitting pull requests. That would make this kind of incremental reporting a feature only available to internal pull requests and branch builds. Perhaps still worthwhile, but a notable downside.

Perhaps it would be possible to do this entirely based on job identification rather than authorization, and use the hooks (with authentication) to open and close the windows of when they are allowed.

ryanhiebert commented 7 years ago

I have no idea how I could unassign someone. I suspect it may just be that I commented and they are not considered a valid assignment anymore.