New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Until we support private repositories disable them #73
Labels
Comments
bradleyfalzon
added a commit
that referenced
this issue
Apr 24, 2017
This commit sets up a better framework for ignoring certain GitHub events early, before they're sent to the queue. We don't queue them because some organisations have many non-Go repositories and queuing all those jobs to just be immediately discarded was becoming a little wasteful. In the future, I'm happy for this decision to be reversed. This is implemented in a GitHub specific manner, as it ensured the events would be discarded before a clone of the repository occurred. Resolves #80. Related to #73.
bradleyfalzon
added a commit
that referenced
this issue
Apr 24, 2017
This commit sets up a better framework for ignoring certain GitHub events early, before they're sent to the queue. We don't queue them because some organisations have many non-Go repositories and queuing all those jobs to just be immediately discarded was becoming a little wasteful. In the future, I'm happy for this decision to be reversed. This is implemented in a GitHub specific manner, as it ensured the events would be discarded before a clone of the repository occurred. Resolves #80. Related to #73.
#80 introduced an early ignore of PRs/Pushes feature, so although I discussed implementing it in the Analyse function, I'll instead ignore them when we first receive the PR or Push Event. This will ensure no information is ever accidentally leaked by dropping the request immediately. |
bradleyfalzon
added a commit
that referenced
this issue
Aug 8, 2017
We do not currently support private repositories because we do not use tokens to clone the repositories URLs, and the build status pages are not currently authenticated. This results in clone errors failing the build, and if that is fixed could result in information leak on the build summary page. As a stop gap, we'll ignore requests for private repositories. This won't provide any feedback to the user, which is unfortunate, but to do that would require a different way to ignore repositories that provides feedback, the longer term goal is to simply support private repositories correctly. Fixes #73. Relates to #22.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently we do not support private repositories #22, but people are able to cause GopherCI to try and check them.
These clones should fail due to an unauthenticated clone, but that's not a friendly error. Additionally, soon #28 will be available and won't have authentication support (will assume everything is public), so I want to ensure private repositories are skipped.
The text was updated successfully, but these errors were encountered: