Vet and update the required tests. #2154
Assignees
Labels
bug
Something isn't working
Comments
|
Ugh, the failures are expected on the dependabot PRs. The e2e tests run with secrets, and shouldn't run at all on PRs. But dependabot somehow triggers PRs that look as if they were pushed to the main fork, but don't have access to the secrets. We need to just stop those from running if it's a dependabot PR. |
|
updated the repo and add the config in the automation |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
We should go through the required tests here:
https://github.com/sigstore/community/blob/main/github-sync/github-data/repositories.yaml#L137
And figure out what are real required tests that must pass before a commit is merged. Right now it looks a bit light :)
I think this is a problem since PRs that have failing tests will merge, especially if folks use 'enable auto-merge' and expect that the PR will not merge if all the tests pass.
And indeed, it seems that for example, here's one that had failures but was merged.
#2150
https://github.com/sigstore/cosign/runs/7791224163?check_suite_focus=true
Or here:
https://github.com/sigstore/cosign/pull/2071/checks
That had bunch of failures.
https://github.com/sigstore/cosign/actions/runs/2671639620
Version
HEAD
The text was updated successfully, but these errors were encountered: