|
Summary: Add SONAR_TOKEN to the dependabot secrets for stripes-components and ui-users.
Details: Dependabot should have all necessary permissions to open a PR successfully, but currently lacks permission to publish test results. In
STCOM-1068
Closed
we turned on dependabot as a POC. It started opening PRs (yay!) but they fail due to a permissions problem. This failure is reminiscent of the PR failures that led to the process for merging PRs from forks, yet the situation here is a bit is different: the calls are coming from INSIDE the house!!!11!1! Further research (see comment below) suggests we can resolve this by adding SONAR_TOKEN to dependabot's secrets.
Given
FOLIO-3664
In Code Review
is just a POC, we just want to try this out in a few repositories for now. If successful, we will want to include this setting in all UI repositories.
|