finos / bot-github-chatops Goto Github PK

RawGit - used in README.md - is sunsetting in October 2019; should be replaced with something else, ie jsdelivr; use https://www.jsdelivr.com/rawgit for an easy migration.

The bot should use a dedicated GitHub account, so that:

• we can use GitHub's authorisation controls to limit what the bot can do
• it has a separate API rate limit from all other Foundation infrastructure
• the write activity it undertakes on behalf of Symphony users is clearly identified as coming from the bot

It has been reported that after the bot accepts a connection request, the email the requestor receives contains blanks:

"" "" (via Symphony) [email protected] has accepted your connection request.

Bug Report

Steps to Reproduce:

1. See https://travis-ci.com/finos/bot-github-chatops/builds/124391931

Expected Result:

A green build

Actual Result:

Build fails with message iv undefined

Environment:

Travis CI

Additional Context:

Check travis-ci/travis.rb#607

To effectively discuss changes proposed by pull requests we need ability to add comments to specific lines of changed code, or as replies to existing comments. This might be implemented as new optional parameters for existing "add-comment" command which will allow specifying either file and line number, or parent comment id.

Bug Report

Steps to Reproduce:

1. Trigger a Travis CI build (e.g. make a commit)

Expected Result:

The JDK8 job on Travis CI deploys the updated JARs to OpenShift, running against the foundation-dev pod.

Actual Result:

The JDK8 job fails with the message: error: error processing the template "bot-github-chatops-template": processedtemplates is forbidden: User "maoo-1" cannot create processedtemplates in the namespace "ssf-dev": User "maoo-1" cannot create processedtemplates in project "ssf-dev"

Today I updated my local clone of dev, upgraded some dependencies, fixed the erroneous addition of a derived asset, and then noticed that master contained some commits that weren't in dev. So I fixed that too.

This is contrary to the workflow defined for this project (since clarified in the readme), where all commits must come through the dev branch first, and are then "released" as a batch into the master branch.

It would be desirable to find out who is subverting this workflow, and then ensure that they follow it in future (and potentially also have their commit access to master removed).

Since many firms can't access the hyperlinks listed in the various commands' output, it would be ideal to include the equivalent bot command in an easily-copyable format (e.g. a <dev> or <pre> tag) as part of the output of the command.

So for example in the table of issues that the various list-*-issues commands emit, each row could include (as plain text) something like id <name-of-repo> <issue-id>. Effectively this would allow the human who is interacting with the bot to easily have a conversation with the bot, manually "following links" as appropriate.

Avatars are a powerful visual cue for Symphony users to clearly identify the bot from amongst a set of other Symphony users. The bot should, therefore, set a visually distinctive avatar image for itself.

Ability to merge a single identified pull request.

It appears that token.txt.enc is no longer used, and if so, in the interests of project hygiene it should be deleted.

@maoo can you confirm that it is unused?

Commands (e.g. "HELP") are case sensitive, but should not be.

Ability to create a new issue via the bot, providing details such as:

• title (mandatory)
• description (mandatory)
• assignees (optional)
• labels (optional)
• projects (optional)
• milestone (optional)

Ability to close a single identified issue.

NOTE! This issue was automatically generated by a FINOS GitHub Action.

We have found some repository configurations that should be changed in order to comply with FINOS Governance and bylaws, see the details below.

List of fixes:

• has-user - One or more user collaborators were found in this GitHub repository. FINOS Governance only allows GitHub users to be added via Teams. Please remove it, therefore it must be removed.
• has-admin - One or more admin collaborators were found in this GitHub repository.. FINOS Governance doesn't allow GitHub users to have Admin rights on repositories, therefore it must be removed.

This is a message generated by the FINOS project compliance scanning action.

For any question, do not hesitate to contact @maoo and @mcleo-d or email [email protected]. Thank you!

Ability to list issues via the bot. Should provide ways of listing:

• all issues
• all open issues
• all closed issues
• recently updated issues

Currently, the way that a command and its associated shortcut is displayed is confusing. They should appear on the same row to make it more obvious that they're one and the same thing.

Feature Request

Description of Problem:

Building new commands with bot-github-chatops implies adding items to the commands.clj file, which currently parses bot input manually.

Potential Solutions:

https://github.com/clojure/tools.cli delivers a similar functionality but for command-line inputs, which isn't a particularly appropriate format for chat-style interactions.

If there's no library that helps parsing the argument input, a simple library could already help keeping the code leaner and easier to extend.

Ability to list projects & repository via the bot. Should provide ways of listing:

• all projects
• all repositories within a project

Description of Problem:

With the recent release of the next Long Term Support (LTS) version of Java (version 11), the Foundation's OpenShift images should be upgraded to use it. With this release, Java 8 (which the OpenShift images currently use) is no longer supported.

This issue is for testing the solution for issue #6.

Every time the bot posts content on behalf of a Symphony user, that comment should include that user's configured disclaimer from Symphony (if there is one - not all Symphony users have disclaimers, and the disclaimer is not repeated in all messages either).

• Symphony pod: Foundation's production pod
• Hosting vendor: OpenShift Online (Foundation's account)
• CI/CD: TravisCI (Foundation's account)
• Programming language: Clojure

Prioritised requirements:

1. minimise ongoing maintenance cost for Foundation staff (since only Foundation staff will have dedicated time to maintain the bot going forward)
2. minimise initial development cost (since one of the member firms needs this ASAP)
3. facilitate contribution from the community
4. provide an opportunity for the community to tinker with an advanced, modern technology

Ability to list pull requests via the bot. Should provide ways of listing:

• all PRs
• all open PRs
• recently opened PRs
• recently updated PRs
• recently closed PRs

Ability to view all details of identified pull requests via the bot.

Ability to view all details of identified issue(s) via the bot.

Task to create the two OpenShift environments required by the bot:

• Foundation dev pod
• Foundation production pod

Needs to support:

• Symphony credentials
• GitHub credentials
• Ops monitoring configuration
• List of bot admins

The bot needs to be updated to properly handle more than one GitHub org, seeing as FINOS uses an org per program.

In a recent PR, the Whitesource plug-in was configured to run on every branch. This is problematic because Whitesource only supports one analysis / report per GitHub repository, so configuring it on every branch means that that analysis will be for a non-deterministic branch (i.e. whichever branch was last committed to). Worse, the analysis could be run on temporary or experimental branches that get rejected and are never merged into the final codebase.

This is highly problematic as potential consumers of the project who choose to review the Whitesource report to help determine the project's quality may come away with a grossly inaccurate understanding based on in-progress or experimental development work.

Until such time as Whitesource supports per-branch reports, the only viable workaround is to pick a single, well-defined branch for the Whitesource analysis to run against, and in the case of bot-github-chatops, the only branch that makes sense is master (since it’s the branch that represents the current production version of the code).

Note: this was originally how Whitesource had been deliberately and consciously configured for this project. It’s not at all clear to me why this regression was introduced in the recent PR.

When I am interacting with the bot, I want to be able to provide my GitHub identity to it, so that when the bot is performing GitHub actions on my behalf that identity can be included (e.g. via an @mention) in the bot's commentary.

This would require storage of a Symphony identity (potentially email address & pod id) ↔︎ GitHub id mapping, which is the kind of thing the ssf-metadata repository supports.

Ability to update any of the following attributes of a single identified issue via the bot:

• title
• description
• assignees
• labels
• projects
• milestone

The (encrypted) OC_TOKEN setting was removed from .travis.yml in commit 19bb498. Whether this was by accident or intentional, it needs to be reinstated in .travis.yml (and removed from the Travis UI settings, if it has been configured there), as it's best practice to explicitly store and manage CI settings in the git repository itself (i.e. in the .travis.yml file), rather than as "magic" settings buried in the Travis UI that some of the project's developers may not have access to.

Task to create the two Symphony service accounts for the bot, one on each of the:

• Foundation dev pod
• Foundation production pod

As per TravisCI's instructions, the sudo:false setting in the TravisCI configuration needs to be removed.

Ability to add a new comment to a single identified:

• issue
• PR