[FOLIO-3687] configure UI app to publish test results from Dependabot Created: 17/Jan/23  Updated: 24/Apr/23  Resolved: 24/Apr/23

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: TBD
Reporter: Zak Burke Assignee: Ankita Sen
Resolution: Done Votes: 0
Labels: dependency_check
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
blocks UIU-2747 leverage dependabot to update depende... Open
Relates
relates to FOLIO-3669 add SONAR_TOKEN to dependabot secrets... Closed
Sprint: DevOps Sprint 160
Development Team: FOLIO DevOps
RCA Group: TBD

 Description   

Summary: Configure GitHub workflows to support dependabot branches in ui-users. This is a POC; if successful, we will configure all UI apps in this manner.

Details: In ui-users, the GA Action Publish Jest unit test results fails. The associated action lists additional configuration steps beyond those in FOLIO-3669 Closed to allow Dependabot PRs to succeed, but also notes this can be dangerous if not correctly configured.

Can you help get our .github/workflows/* files correctly configured? Given the security concerns, I think it makes more sense for DevOps to drive this process rather than us.

CC: Michal Kuklis



 Comments   
Comment by Zak Burke [ 31/Jan/23 ]

Ping

Comment by Zak Burke [ 23/Mar/23 ]

Additional info about how to do this, and why it's so cumbersome.. IIUC this procedure would also allow PRs from forks to operate the same as any other, a huge win.

Comment by Ankita Sen [ 27/Mar/23 ]

Have started the set up in UI-USERS repo

Comment by John Malconian [ 28/Mar/23 ]

Let me know if I can help Ankita Sen.

Comment by Khalilah Gambrell [ 10/Apr/23 ]

Hey Ankita Sen. Any updates on this issue? 

Comment by Ankita Sen [ 20/Apr/23 ]

Hi Khalilah Gambrell the set-up is done. Will push the changes and update here today !!

Comment by Ankita Sen [ 24/Apr/23 ]

The ui-users repository is now configured to have test results published from Dependabots

Generated at Thu Feb 08 23:29:57 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.