Stop using the github-app-token image #1414
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/retest |
chmeliik
force-pushed
the
no-github-app-image
branch
from
d98e149 to
cc62585
Compare
|
/retest |
chmeliik
force-pushed
the
no-github-app-image
branch
from
cc62585 to
24c794c
Compare
|
/retest |
chmeliik
force-pushed
the
no-github-app-image
branch
from
24c794c to
185c619
Compare
|
/retest |
chmeliik
force-pushed
the
no-github-app-image
branch
from
185c619 to
9efcd72
Compare
|
/retest |
chmeliik
force-pushed
the
no-github-app-image
branch
from
9efcd72 to
da4391c
Compare
|
/retest |
|
/retest |
1 similar comment
|
/retest |
|
/retest |
Replace the python jwcrypto library with the more readily available openssl tools. This is part of an effort to move away from the quay.io/redhat-appstudio/github-app-token image. Signed-off-by: Adam Cmiel <[email protected]>
Replace the python requests library with the python urllib library, which is part of the stdlib. This is part of an effort to move away from the quay.io/redhat-appstudio/github-app-token image. Signed-off-by: Adam Cmiel <[email protected]>
The quay.io/redhat-appstudio/github-app-token image is highly suspect. - It is a copy of quay.io/chmouel/github-app-token - an image in a personal namespace with unclear origins and content. - It has not been updated for 4 years. - It has 175 critical vlunerabilities according to quay.io. The update-infra-deployments task no longer depends on anything this image provides - replace it with a generic python image. Signed-off-by: Adam Cmiel <[email protected]>
chmeliik
force-pushed
the
no-github-app-image
branch
from
da4391c to
73cf32d
Compare
|
/test |
|
/retest |
chmeliik
force-pushed
the
no-github-app-image
branch
from
73cf32d to
6f05ec4
Compare
|
Seems to work
|
|
/test |
tnevrlka
reviewed
Sep 16, 2024
| @@ -301,8 +316,7 @@ spec: | |||
|
|
|||
|
|
|||
| def main(): | |||
| with open(os.environ['GITHUBAPP_KEY_PATH'], 'rb') as key_file: | |||
| key = key_file.read() | |||
| key_path = os.environ['GITHUBAPP_KEY_PATH'] | |||
There was a problem hiding this comment.
What if the GITHUBAPP_KEY_PATH is not set? Should it be handled?
There was a problem hiding this comment.
It will be a KeyError, same as before. But I can improve it
Handle the cases of GITHUB_APP_KEY_PATH not set / set to a non-existent file more gracefully. Signed-off-by: Adam Cmiel <[email protected]>
mmorhun
approved these changes
Sep 17, 2024
|
/retest |
tnevrlka
approved these changes
Sep 17, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
STONEBLD-2718
The quay.io/redhat-appstudio/github-app-token image is highly suspect.
personal namespace with unclear origins and content.
Update the update-infra-deployments task to no longer depend on anything this
image provides and replace it with a generic python image.