Closed ecurrencyhodler closed 8 months ago
@ecurrencyhodler I'll like to work on this when it is posted
@Ekep-Obasi go ahead. This is yours. Provide your research below on this issue. Lets get a response sometime today. Tomorrow at the latest.
@Ekep-Obasi I also updated the acceptance criteria. Added 2 more. Please take a look before submitting your response.
@ecurrencyhodler This is what I compiled regarding the implementation of automated issue closure tied to bounties upon payment.
Approach | Pros | Cons | Costs |
---|---|---|---|
1. GitHub API Keys | -Simpler to implement | - Requires handling sensitive information (API keys). | Generally, there are no direct costs associated with using GitHub API keys. |
- Straightforward authentication process. | - Not scalable, managing keys for multiple users can be cumbersome | ||
- Easy to manage access and permissions. | - Limited to the capabilities of the GitHub REST | ||
- Well-documented API with extensive support. | |||
2. Authorizing GitHub Apps | - Better control over permissions and access with GitHub Apps. | - More complex setup and configuration compared to API keys. | While there might not be direct costs for basic usage, depending on the scale and features required, there could be costs associated with hosting the GitHub App, particularly if additional infrastructure or services are needed. |
- More scalable - easier to manage access for multiple users. | - Requires understanding of OAuth and GitHub Apps infrastructure. | ||
- Allows for granular permissions, enhancing security. |
Solution | Documentation |
---|---|
GitHub API Keys | GitHub REST API Documentation |
Authorizing GitHub Apps | GitHub Apps Documentation |
Solution | Project |
---|---|
GitHub API Keys | Auto-Close GitHub Action (GitHub) |
GitHub Apps | Expensify |
Based on the trade-offs, I recommend using Github Apps. While it requires more upfront effort and is potentially more costly, it offers better security, scalability, and control in the long run. With GitHub Apps, we could also automate things like welcoming first-time users and a lot more capabilities. There are a couple of free open-source GitHub Apps that automate project management tasks on GitHub Marketplace. If we decide to build our own GithubApp we could use Probot which is a framework for building GitHub apps with Node.js. Here is a tutorial to build a deploy your GitHub app and host on Platform.sh
@Ekep-Obasi are you suggesting we create our own github app? Is there a free and open-source one we could use and simply integrate?
@ecurrencyhodler, I searched through the GitHub marketplace, I couldn't lay hands on an app that matches our specific requirements in terms of functionality, pricing, documentation, or webhook support.
Paid!
I found a competitor that we can emulate. Their bot can automatically sync an issue to the bounty platform when it is raised, and after the pull request is merged, it automatically closes the issue. Unfortunately, it is not open source.
see here: https://github.com/dittofeed/dittofeed/issues/641 Their platform : https://console.algora.io/
Context
Let's close an issue that a bounty is tied to if it gets paid.
Here is the API doc's: https://docs.github.com/en/rest/issues/issues?apiVersion=2022-11-28#update-an-issue
This will free up reviewers and the PM from manually closing issues after a PR gets merged and tested on staging.
We need to include this call in the 2 ways a bounty can get paid:
This is a feature that we will enable just for bounties platform, sphinx chat, and Secondbrain as v1. But we should architect this in such a way that any org can use it by enabling it from the org admin page:
Two ways we've considered implementing this is:
Acceptance Criteria
In the issue below: