You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"context": "policy-bot: master",
"description": "All rules are approved",
policy-bot then doesn't recognize the context as matching and triggers off it's own event, creating an infinite loop of processing and causing a failure
"context": "policy-bot: master",
"description": "'policy-bot[bot]' overwrote status to 'failure'",
Swapping the context to policy-bot: master unfortunately isn't a workaround:
"context": "policy-bot: master: master",
"description": "'policy-bot[bot]' overwrote status to 'failure'",
I am using the latest Dockerhub image of policy-bot and Github Enterprise 2.17
Checking the payload, it looks like it's more appropriate to check the installation section of the payload:
"installation": {
"id": 5,
"node_id": "MDI..."
}
The text was updated successfully, but these errors were encountered:
I'm sorry that you've run into just about every issue with getting policy-bot configured! Thanks for working through it while we get the docs into a better place.
In this case, what is the value of the options.app_name option in your server configuration? I believe you are hitting this audit check, which should ignore the bot's own statuses, provided the app_name is set correctly (it should be policy-bot in your case.) The exact value of the context doesn't matter, since the bot only checks the prefix.
That said, validating by something less error-prone like the installation ID sounds like a good idea, so I'll look into if that is possible.
For background, the target branch name is included in the status context to prevent a security flaw where you could open a PR to a non-protected branch with a bad policy, get a fake approval on your commit, and then update the PR to point at a protected branch while retaining the fake approval.
No worries! I appreciate that you are providing a useful tool to the community and supporting those who need help getting it running. You've saved me a bunch of time trying to write this myself.
My app_name was previously set to Policy Bot which is how it is configured in Github:
I'm guessing your code actually reads the url value instead, where it is policy-bot
After updating to policy-bot as my appname, I finally am getting checks on my PR's:
Thanks again for all the help! Do you guys have a tipjar?
When using
status_check_context: "policy-bot"
,Github ends up sending a webhook with the payload
policy-bot then doesn't recognize the context as matching and triggers off it's own event, creating an infinite loop of processing and causing a failure
Swapping the context to
policy-bot: master
unfortunately isn't a workaround:I am using the latest Dockerhub image of policy-bot and Github Enterprise 2.17
Checking the payload, it looks like it's more appropriate to check the
installation
section of the payload:The text was updated successfully, but these errors were encountered: