-
Notifications
You must be signed in to change notification settings - Fork 714
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
implemented create from manifest action #1647
Conversation
Currently I have tested the given implementation manually. Before the implementation of automatic tests I would like to clarify two questions with respect to the implementation of the test cases:
Best, Daniel |
Yes, we have some tests that are recorded and never get run against live site for this same reason. Record your data, modify it as needed then add snapshotNotAllowed() to your test method to make it clear.
Do what you think is best, just include comments to the code explaining the choice. I'm not that picky about how the testing gets done. Thanks for contributing. |
Hi, I have implemented the Tests and stored the API snapshots and removed the draft flag from the PR. Since the manifest flow test validates the client secret and the pem of the GitHub App, they expose the secrets and the pem to the public internet. I have therefore rotated those secrets in the App itself, however, external scanners will still detect those secrets and flag the contents as insecure. We can either accept this as it poses no threat (secrets are rotated, app has no installations), or we modify the stored snapshots to some random string that is no longer detected by the secret scanners. Best, Daniel |
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #1647 +/- ##
============================================
+ Coverage 79.89% 79.92% +0.02%
- Complexity 2197 2204 +7
============================================
Files 210 211 +1
Lines 6671 6680 +9
Branches 364 364
============================================
+ Hits 5330 5339 +9
Misses 1127 1127
Partials 214 214
☔ View full report in Codecov by Sentry. |
Description
This pull requests implements the following API methods:
GET /apps/{app_slug}: https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-app
POST /app-manifests/{code}/conversions: https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#create-a-github-app-from-a-manifest
Fixes #1641
Before submitting a PR:
mvn -D enable-ci clean install site
locally. If this command doesn't succeed, your change will not pass CI.main
. You will create your PR from that branch.When creating a PR: