Secret scanning alerts only come once the secrets UI has been loaded #59
Comments
|
Hi @baztian, you are right the secrets send alerts only when you open /#/secrets page on UI.
Due to above reasons, GitActionBoard fetch only required data when user open certain page on the UI. |
|
Hi @baztian, you mentioned, you don't use UI, just curious how are you fetching the workflow failures? Are you using gitActionBorad APIs? If yes, you can use /v1/alerts/secrets API to fetch secrets. It'll also send the alerts to MS Teams |
|
Thanks @sumanmaity1234. A few of our team mates are actually using the UI. I'm using https://anaynayak.github.io/buildnotify/ which relies on the cctray.xml. How gitactionboard gets to know about build failures? Doesn't it need to do polling for it as well? |
|
Also if I start polling secrets endpoint this would also result in rate limiting issues. Especially when all of our team members are doing it it actually gets worse. |
|
Hi @baztian,
GitActionBoard UI does the polling. So, if you are using UI, depends on configuration it figures out for how long it should continuously do the polling. Currently, in your case https://anaynayak.github.io/buildnotify/ is doing the polling from gitactionboard server.
Yes and No, it depends on your server side cache configuration. Server side cache can be configured by CACHE_EXPIRES_AFTER environment variable. You can find all the server side configuration here and UI configuration here. |
|
Closing this issue due to inactivity. Feel free open this ticket if you encounter similar issue |
I've tried pushing a secret to one of our repos. The Teams alert will only come once I've opened the /#/secrets endpoint in my browser. Any chance to make this come without UI interaction? We don't use the UI.
The text was updated successfully, but these errors were encountered: