Feat: Private tasks list #24
Conversation
|
I added it to devpool-directory-private |
|
Before addressing the tag comment make sure it displays the issues first
|
It can't show issues right now, it'd have to fetch from my account as the main private in ubiquity isn't setup yet.. the APP_ID and APP PRIVATE KEY isn't visible on the private repo, it needs it on the repository level |
|
Once that's done, it'd begin to fetch the private repos |
|
Oops, this commit also contains the toggle in progress. and I do not know why the Cloudlfare deploy is failing No logs @pavlovcik |
|
I think just display the issues without a switch or anything for testing? |
It displays by default, the ubiquity/devpool-directory-private has no issues yet, or should I use my repo for test and we'd change the variables before merge |
|
The ubiquity private devpool isn't working yet because of the secrets issue. The app I'd and private key would need to be copied to the repo level |
|
@pavlovcik can we move the secrets to |
|
For the TWITTER secrets, I'd use placeholders.. I cannot use mine as a test here because you don't have access to my private org |
|
https://stackoverflow.com/questions/63567888/using-secrets-in-github-workflows-for-private-repositories Even though app_id is on org, it cannot see it: https://github.com/ubiquity/devpool-directory-private/actions/runs/8131360278/job/22220594249 Mine on the same code: https://github.com/devpanther/devpool-directory-private/issues (invited you) , the keys should be moved to the repo-level |
|
View when I use my personal repo in the variable for test |
I can take a look in a little bit. |
Its done Nothing in the UI suggests that the org secrets won't work here, but give it a shot. |
devpanther
force-pushed
the
private-tasks-list
branch
from
d7913f6
to
0c0ee91
Compare
|
@pavlovcik its ready for test, I tried to log in on the test URL provided by Cloudflare.. the GitHub callback redirected me to the main work URL |
It doesn't work. You need to intercept the auth hash in the URL. Copy it then paste it into the continuous deploy link. 
|
Okay, I'm working on deleting the cached tasks when you log in.. because the previous tasks are cached that is why you can't see privates |
|
@devpanther How can I QA this PR?
Correct? |
I'm quite fit for the position |
We have somethings that needs to be done so we can QA. The 0Auth Bot used for signin on work.ubq.fi needs to be added to the |
|
And then the bot needs to be given the permissions i listed above, it needs members access on org-level and issues permission on repo-level.. that was it can check if a user is part of an org and get issues even when its private |
Once we get that done, then the QA is pretty much straightforward like this |
|
I have my 0Auth bot installed on https://github.com/ubiquity/devpool-directory-private right now, the official 0Auth should be installed there too after adding the permissions |
You sure that OAuth apps can be added directly to repositories? I can't find such option in the settings: |
Oh, i see now, unfortunately, that won't work for this feature. its hit its limit with this one, why don't we make use of the official ubiquity bot for sign-ins too. Or we can just change this OAuth Bot to a normal bot and install it on the devpool-private and that's it |
|
@rndquu If it's going to be too tasking. I can create the bot, request for it to be added to the private repo and then transfer ownership. The bot would be need to be added to supabase to replace the OAuth after that |
|
I don't understand why we need to add additional github apps to read issues from private repos. From what I understand, if you are authenticated via github and your PAT has access for any private repo issues then you can use that PAT to read issues, right? Right now when I'm authenticated via github I'm getting this error: I guess we should check that authenticated user is either a collaborator in a private repo either a member of an organization. |
You are getting that error because the OAuth can't even check if the user is part of the org because it does not have the scope to do that. The error is from the octokit function |
OAuth only have right to sign you in and read your profile, in this case we'd need a scope to specifically read repos and private repos.. supabase won't allow you set scopes so we have to use an app, not OAuth app |
|
I'v tried to create an OAuth app too and trust me, it doesn't work |
Did you try https://supabase.com/docs/reference/javascript/auth-signinwithoauth?example=sign-in-with-scopes ? |
@rndquu That worked, this is what it showed afterwards.. i think the repo owners would have to approve the OAuth bot to access their private repos Can you accept mine so i can test? |
|
It should work now, you'd have to send a request with the OAuth app too and it should be able to access with this scope Totally missed that doc, thank you |
|
Btw, I see there is a PR to remove this Cypress run failing.. when'd it be merged, i don't like to see fails |
|
@pavlovcik I think this is done, except the failing test |
Resolves #2