Make CLAHub compatible with other Commit Status tools #27
Comments
|
If there was an API for querying the list of signatures, that should be enough to tie into any other tool that is setting the commit status, assuming the developers have the ability to control the other tool. For jQuery, we're using mergeatron and we can just add the CLA check there. |
|
|
Curious about any precedents https://twitter.com/jayunit/status/295714857611821056 |
|
@jamesarosen we chatted last night about this, so ping ping :) |
|
Also ping @calebthompson from our Twitter conversation - looks like it's totally possible to build a status aggregation service that subscribes to the "status" repo webhook, reads all the existing statuses for a commit, and re-emits an aggregated status: http://developer.github.com/v3/repos/hooks/ |
|
FWIW, asked joshk on |
|
I think an aggregator would be a pretty good thing. |
|
Proof of concept is done: http://statusrollup.herokuapp.com/ - please don't lean on it too heavily, it might break sometimes, and I really need to background job some things. |
|
Currently, GitHub offers only very coarse-grained OAuth access. This means that any app that needs to post status messages to a pull-request needs write access to my full GitHub account, which is pretty worrying. GitHub should definitely offer OAuth access just for writing status messages and commenting on things. In the meantime, something like StatusRollup could reduce the surface area by being the one thing that gets write access. Of course, that makes it an even better target for attack. |
|
I haven't looked at the code, but I do know that based on Jason and my conversation the plan was to grab the annotations on the commits from GitHub and post a new aggregate annotation. That means that, for example, Travis, Code Climate, Jenkins, etc. all get access to the repo as well as status rollup, not rather than. Caleb Thompson On Tuesday, February 19, 2013 at 10:39 AM, James Rosen wrote:
|
|
In that case, we're purely expanding the list of things that have write access to people's accounts, which many will balk at :/ I'd really like to hear someone from @github chime in about their work in this area. |
Yes, that's what it does: commit_status.rb, status_roller_upper.rb. I agree on reducing the OAuth surface area. See related: #17. A |
Yup, that's how it works - status_roller_upper.rb and commit_status.rb I agree on reducing the OAuth surface - see related #17. I think
Rightly so. It bears mentioning that could run all of these tools on your own infrastructure if you so choose, but of course that's super less-than-ideal. |
Instead of having a status rollup service which looks at the other statuses, the service could instead provide hooks into other services that are currently setting the status. For example, it could hook directly into a CLAHub service to find out if there is a CLA on file, it could hook directly into Travis to find out if the commit passed tests, etc. Then the rollup would be the only thing that has access to the repo. This would require a lot more work for the service, but there are definitely other solutions than trying to set multiple statuses when the status API isn't designed for it. Also, for jQuery we actually would run the tools on our own infrastructure and would want to prevent CLAHub from setting the commit status directly. |
This would likely be much simpler, for GH integration. CLAHub itself could also offer webhooks for status, so people could hook it into their own systems. |
|
++ |
|
Looks like Combined Status API as referenced in #62 is what we want: https://developer.github.com/changes/2014-03-27-combined-status-api/ |
|
@jasonm Boom! Thanks. |
|
+1, this would be great. Currently, CLAHub stomps on my other build status notifications. |
|
Any progress on this? |
|
I've made what I think is the right change and done a PR. See what you think. |
|
I've merged @Floppy 's PR #71 and verified here: https://api.github.com/repos/jasonm/clahub-test/commits/468e33b/statuses |
|
Nice! Looks like it's working! |
|
I'm not sure the GitHub UI will show status per-context, even if the |
|
So given a commit with two successful statuses, we won't necessarily see "The Travis CI build passed, and all contributors signed the CLA", but rather the description for one of the successful statuses, likely last-writer-wins. |
|
But when one fail, then it is always shown? So it is not that last-writer-wins also for failed statuses and that a successful status could override the failed one? |
|
I'm assuming there will be some update to the github UI at some point to display this stuff properly, but that's just a guess. |
|
I wrote to GitHub and this is their answer:
|
|
This is where I wish github was open source :( |
|
Does GitLab has such API and hooks? |
Oh so much. 😕 |
|
OMG it's finally here people, and it's great. See openpolitics/manifesto#245 for an example :) |
|
!!!!!!! |
If e.g. travis-ci and clahub both update the status for a commit, only the last one is displayed.
A few options:
CC @scottgonzalez re https://twitter.com/scott_gonzalez/status/294643971655884803
The text was updated successfully, but these errors were encountered: