finos / bot-github-chatops Goto Github PK
View Code? Open in Web Editor NEWA Symphony bot that uses ChatOps techniques to allow a firm employee to interact in a compliant manner with GitHub issues and PRs
License: Apache License 2.0
A Symphony bot that uses ChatOps techniques to allow a firm employee to interact in a compliant manner with GitHub issues and PRs
License: Apache License 2.0
RawGit - used in README.md - is sunsetting in October 2019; should be replaced with something else, ie jsdelivr; use https://www.jsdelivr.com/rawgit for an easy migration.
The bot should use a dedicated GitHub account, so that:
It has been reported that after the bot accepts a connection request, the email the requestor receives contains blanks:
"" "" (via Symphony) [email protected] has accepted your connection request.
A green build
Build fails with message iv undefined
Travis CI
Check travis-ci/travis.rb#607
To effectively discuss changes proposed by pull requests we need ability to add comments to specific lines of changed code, or as replies to existing comments. This might be implemented as new optional parameters for existing "add-comment" command which will allow specifying either file and line number, or parent comment id.
The JDK8 job on Travis CI deploys the updated JARs to OpenShift, running against the foundation-dev
pod.
The JDK8 job fails with the message: error: error processing the template "bot-github-chatops-template": processedtemplates is forbidden: User "maoo-1" cannot create processedtemplates in the namespace "ssf-dev": User "maoo-1" cannot create processedtemplates in project "ssf-dev"
Today I updated my local clone of dev, upgraded some dependencies, fixed the erroneous addition of a derived asset, and then noticed that master
contained some commits that weren't in dev
. So I fixed that too.
This is contrary to the workflow defined for this project (since clarified in the readme), where all commits must come through the dev
branch first, and are then "released" as a batch into the master
branch.
It would be desirable to find out who is subverting this workflow, and then ensure that they follow it in future (and potentially also have their commit access to master
removed).
Since many firms can't access the hyperlinks listed in the various commands' output, it would be ideal to include the equivalent bot command in an easily-copyable format (e.g. a <dev> or <pre> tag) as part of the output of the command.
So for example in the table of issues that the various list-*-issues
commands emit, each row could include (as plain text) something like id <name-of-repo> <issue-id>
. Effectively this would allow the human who is interacting with the bot to easily have a conversation with the bot, manually "following links" as appropriate.
Avatars are a powerful visual cue for Symphony users to clearly identify the bot from amongst a set of other Symphony users. The bot should, therefore, set a visually distinctive avatar image for itself.
Ability to merge a single identified pull request.
It appears that token.txt.enc is no longer used, and if so, in the interests of project hygiene it should be deleted.
@maoo can you confirm that it is unused?
Commands (e.g. "HELP") are case sensitive, but should not be.
Ability to create a new issue via the bot, providing details such as:
Ability to close a single identified issue.
NOTE! This issue was automatically generated by a FINOS GitHub Action.
We have found some repository configurations that should be changed in order to comply with FINOS Governance and bylaws, see the details below.
List of fixes:
has-user
- One or more user collaborators were found in this GitHub repository. FINOS Governance only allows GitHub users to be added via Teams. Please remove it, therefore it must be removed.has-admin
- One or more admin collaborators were found in this GitHub repository.. FINOS Governance doesn't allow GitHub users to have Admin rights on repositories, therefore it must be removed.This is a message generated by the FINOS project compliance scanning action.
For any question, do not hesitate to contact @maoo and @mcleo-d or email [email protected]. Thank you!
Ability to list issues via the bot. Should provide ways of listing:
Currently, the way that a command and its associated shortcut is displayed is confusing. They should appear on the same row to make it more obvious that they're one and the same thing.
Building new commands with bot-github-chatops implies adding items to the commands.clj
file, which currently parses bot input manually.
https://github.com/clojure/tools.cli delivers a similar functionality but for command-line inputs, which isn't a particularly appropriate format for chat-style interactions.
If there's no library that helps parsing the argument input, a simple library could already help keeping the code leaner and easier to extend.
Ability to list projects & repository via the bot. Should provide ways of listing:
With the recent release of the next Long Term Support (LTS) version of Java (version 11), the Foundation's OpenShift images should be upgraded to use it. With this release, Java 8 (which the OpenShift images currently use) is no longer supported.
This issue is for testing the solution for issue #6.
Every time the bot posts content on behalf of a Symphony user, that comment should include that user's configured disclaimer from Symphony (if there is one - not all Symphony users have disclaimers, and the disclaimer is not repeated in all messages either).
Prioritised requirements:
Ability to list pull requests via the bot. Should provide ways of listing:
Ability to view all details of identified pull requests via the bot.
Ability to view all details of identified issue(s) via the bot.
Task to create the two OpenShift environments required by the bot:
Needs to support:
The bot needs to be updated to properly handle more than one GitHub org, seeing as FINOS uses an org per program.
In a recent PR, the Whitesource plug-in was configured to run on every branch. This is problematic because Whitesource only supports one analysis / report per GitHub repository, so configuring it on every branch means that that analysis will be for a non-deterministic branch (i.e. whichever branch was last committed to). Worse, the analysis could be run on temporary or experimental branches that get rejected and are never merged into the final codebase.
This is highly problematic as potential consumers of the project who choose to review the Whitesource report to help determine the project's quality may come away with a grossly inaccurate understanding based on in-progress or experimental development work.
Until such time as Whitesource supports per-branch reports, the only viable workaround is to pick a single, well-defined branch for the Whitesource analysis to run against, and in the case of bot-github-chatops, the only branch that makes sense is master (since it’s the branch that represents the current production version of the code).
Note: this was originally how Whitesource had been deliberately and consciously configured for this project. It’s not at all clear to me why this regression was introduced in the recent PR.
When I am interacting with the bot, I want to be able to provide my GitHub identity to it, so that when the bot is performing GitHub actions on my behalf that identity can be included (e.g. via an @mention) in the bot's commentary.
This would require storage of a Symphony identity (potentially email address & pod id) ↔︎ GitHub id mapping, which is the kind of thing the ssf-metadata repository supports.
Ability to update any of the following attributes of a single identified issue via the bot:
The (encrypted) OC_TOKEN setting was removed from .travis.yml
in commit 19bb498. Whether this was by accident or intentional, it needs to be reinstated in .travis.yml
(and removed from the Travis UI settings, if it has been configured there), as it's best practice to explicitly store and manage CI settings in the git repository itself (i.e. in the .travis.yml
file), rather than as "magic" settings buried in the Travis UI that some of the project's developers may not have access to.
Task to create the two Symphony service accounts for the bot, one on each of the:
As per TravisCI's instructions, the sudo:false
setting in the TravisCI configuration needs to be removed.
Ability to add a new comment to a single identified:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.