Support for cross-repository dependencies #2
Comments
|
Hey @nesl247 , thank you for opening this! Yeah, working with dependencies across repositories sounds cool. Technically, at least for the automatic status update, it's limited to the repositories the bot has gained access once installed! Would you need to include dependencies from "external" repositories? I will take a look to see what I can do ;) |
|
@nesl247 it's not possible for me to support cross-repo deps for all repositories. I may only support repositories allowed per installation e.g. if you installed the app on |
|
Yeah, that’s all I really need. Thanks so much. |
|
@ahmed-taj could you clarify why it's not possible? It seems that the check here can access issues of any public repository. Or am I missing something? |
|
Good question @laughedelic! The app mainly listens to issue events(opened,closed), when an issue is closed we check if it's a dependecy of an open PR and update that PR's state accordingly! The only - official - way to get issue events is through subscribing to GitHub webhooks. But you can't unless the owner of that repository installed the app and authorized access to it. In short, we won't get events when those public repository (who their owners haven't installed our little app - 99.9% of repos) issues updated. And yes, we also run checks on a PR if new commits have been pushed to it, but that is just a double-check in case some webhooks failed to be delivered to the app due the current infrastructure limitations (free heroku plan). I hope it's clear now :) |
|
@ahmed-taj thanks for the explanation, I understand now where the limitation comes from: it's about event updates, not the state checks. But what if look at it from a different angle:
So if you already check PR's status whenever it's updated, you could check any external issue-dependencies. Add a listener for any kind of PR update (comments, reviews, pushes, labels, etc.) and check dependencies states (regardless of whether they are external or not). What do you think about this approach? |
I dont this will work because an event will only be generated when a webhook is subscribed to. |
|
@rsarky you don't need to install the bot on other repos to check their issues (assuming repos are public). Here's a simple example:
What does the bot do:
Notice that it doesn't need to react on events from I agree that it's less efficient, but I'm just showing that it's possible to handle external dependencies. |
|
So what you are proposing is instead of subscribing to events from an external repo we passively check if the external dependencies are open or closed? |
|
@rsarky correct. |
|
Hmmm. |
|
@rsarky currently the app mainly listens for pull request open/close events: If I understand @laughedelic 's proposal correctly. We will need to listen to more PR related events e.g. pull_request_review, pull_request_review_comment ..etc. in order to re-check and update PR accordingly ASAP. Then we will need to modify our matching regex to support external repo referencing To somthing like this (not tested): const pattern = /depend(?:s|ed)?(?:[ \t]+(?:up)?on)?[ \t]+((?:[\w-.]+\/[\w-.]+)?#\d+)/giBy the way, technically, the app actually receives some other PR events like
Depends on how often that PR changes |
|
@ahmed-taj right. I'm glad that I could explain my idea in the end. Technically you can subscribe to all events from pull-requests:
|
|
So on any of the above actions we poll the external repo dependncies for their status right? |
@rsarky yup |
|
We're trying to simulate updates that are triggered by an external repository by checking with whatever events we get from the current repository. I think it makes sense, if we're going to implement a hack like this, we should do it on any event that won't be recursive (if there's an event for "update a status", then we shouldn't do the check for that). And it should check all pull requests for each of those events, so that it doesn't even need to be related to the pull request in question in order to update the status for the external repository. This is a not insignificant overhead. But I'll let @ahmed-taj decide if the trade-offs are worthwhile. |
|
Thumbs up, that's exactly what we're looking for react-native and react-native-website. Some pull requests in the documentation depends on pull request in the core repo and at the moment we handle this manually. I think this bot could be a great improvement in the process flow. Additionally, if the bot could also comment in the PRs to notify us that would be great. I can submit a PR with that once the cross-repository will be available. Keep us up-to-date. |
|
Thank you all for sharing your thoughts, I really appreciate it 🙌 @charpeni consider this real example: facebook/react-native-website#401 which depends on facebook/react-native#19627 None of these events would actually trigger an update (cc @laughedelic ):
For the example above, I don't see any event will ever be triggered on that specific PR. While it's possible to listen to some more events (e.g. push, issues, ...etc), the more we add the more likely the app would hit GitHub API limits (and resources limit - at least for the hosted version at https://probot-dep.now.sh).
I don't know but, what if we only listened to |
|
It might make sense to have a way to manually reevaluate checks. Might be able to make use of checkrun actions https://developer.github.com/v3/checks/runs/#parameters. |
|
Hi guys, any updates about this enhancement, I tested this dep app and looks exactly what we need currently in our company, the only problem is that dep doesn't support cross repository dependencies, seems like the fix is just to update the regex matching pattern and extend it to match pull request urls as well. |
Can you refer to the PR? |
Thanks for your interaction, I see sign of life here 😄 |
|
@SouhaibBenFarhat that PR was not actually related. Regarding this. I'm afraid I don't have much time to work on this anytime soon. Please feel free to submit a pull request. |
|
I will try to investigate and see how things works with probot and octokit, try to implement something in the next few days, Thanks for your interaction. You did a very nice job. 👍 |
|
@SouhaibBenFarhat was you able to find the solution for linking cross-repo PRs? |
|
Hey everyone I hope you are doing well. I was able to build a new GitHub action that replaces this bot. The new action is more robust and has a few more features like customizing the keywords, label, and handling of cross-repository dependencies 🎉 Please check it out at https://github.com/z0al/dependent-issues This bot is now deprecated and I will be archiving this repository in the upcoming days. Thanks. |
It would be awesome if this would work across repositories. That's actually the reason we looked into this bot.
The text was updated successfully, but these errors were encountered: