Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Figure out the future of the OSPR Bot #289

Open
kdmccormick opened this issue Dec 16, 2021 · 4 comments
Open

Figure out the future of the OSPR Bot #289

kdmccormick opened this issue Dec 16, 2021 · 4 comments
Labels
discovery Pre-work to determine if an idea is feasible

Comments

@kdmccormick
Copy link
Member

kdmccormick commented Dec 16, 2021
edited
Loading

Decoupling questions

In light of the edX-tCRIL decoupling and increasing distribution of code ownership...

Who will depend on the bot, and for what?

  • edX: creating and linking Jira tickets for each OSPR on the Jira project of the owning team.
  • tCRIL: putting OSPRs on our team project board for code we own?
  • others firms: pushing to their preferred issue tracking system when a PR is opened on owned code?
  • tCRIL: automating the CLA flow by hooking into Salesforce.
  • anything else?

Who will maintain the bot?

  • edX Arch-BOM?
  • tCRIL?

Where do bot-related issues go?

  • edX Jira, in the BOM project?
  • this tcril-engineering GitHub repo?

Other issues

Cataloging these here until we have a proper place for issues.

Personal access token vs App

Until recently, the OSPR bot was implemented as an OAuth App in GitHub. Because the openedx GitHub org is configured not to allow arbitrary OAuth Application access, we either needed to
(i) do the legwork to make the OSPR bot an approved OAuth App, or
(ii) change the bot to use a personal access token from the openedx-webhooks account, or
(iii) change the openedx GitHub org to allow arbitrary OAuth application access.

We took approach (ii).

We have some concern that because this is not the "proper" way to integrate with GitHub (they technically have a one-user-account-per-human policy) that this may expose us to being rate-limited more aggressively than if it were a proper OAuth App or GitHub App (which, mind you, are different things). For now, we've decided to proceed with a personal access token, with Ned keeping an eye on the logs to see if we're approaching or hitting a rate limit.

In the future, though, it would probably be prudent to turn the OSPR bot into an approved GitHub App or OAuth App.
@kdmccormick
Copy link
Member Author

@nedbat , @feanil , @Carlos-Muniz

@sarina
Copy link
Contributor

sarina commented Jan 5, 2022

openedx/axim-engineering#37

@sarina sarina closed this as completed Jan 5, 2022
@sarina
Copy link
Contributor

sarina commented Jan 5, 2022

hahaha oh nevermind

@sarina sarina reopened this Jan 5, 2022
@jmakowski1123
Copy link

Target Q1/early Q2 for discovery work. Next step - write acceptance crit re: ?s stated above.

@jmakowski1123 jmakowski1123 added the discovery Pre-work to determine if an idea is feasible label Jan 24, 2022
@kdmccormick kdmccormick transferred this issue from openedx/axim-engineering May 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discovery Pre-work to determine if an idea is feasible
Projects
Axim Roadmap: Backlog and Epics
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sarina @kdmccormick @jmakowski1123