gitstream icon indicating copy to clipboard operation
gitstream copied to clipboard

Published 20 hours ago verified publisher icon linear-b

gitStream not working in one of repository in our organization, but it works in my personal repository.

Open Sekhar9581 opened this issue 2 years ago • 11 comments

Describe the bug First, I have tried GITStream with few automation actions in my personal GitHub repository, it worked fine. But same not working in one of repository of our organization. I have installed GITStream in a repository and added gitstream.cm and gitstream.yml file properly, still I cannot see any action running. Tried with different automations, nothing works. Do I need to focus on any organization/repository settings? A clear and concise description of what the bug is.

To Reproduce

Steps to reproduce the behavior:

  1. The .cm automation file
  2. The PR URL (as it contains the repo and PR identifiers)
  3. Describe your PR relevant content
  4. Add relevant commit SHA

Expected behavior

A clear and concise description of what you expected to happen.

Screenshots gitstream

If applicable, add screenshots to help explain your problem.

Additional context

Add any other context about the problem here.

Sekhar9581 avatar May 25 '23 07:05 Sekhar9581

@Sekhar9581 Thank you for giving gitStream a try!

Check the following:

Go to https://github.com/apps/gitstream-cm/installations/new and check that under Repository access you selected either All or the repositories you want gitStream to work in.

Check you see the following directory strcuture in your repo:

.
├─ .cm/
│  └─ gitstream.cm
├─ .github/
│  └─ workflows/
│     └─ gitstream.yml

If these steps doesn't help, please check the Action tab, and see if it includes gitStream runs.

Let me know if it worked

vim-zz avatar May 25 '23 08:05 vim-zz

Thanks for responding. Verified that I have selected only one repository for access and I can see gitStream under Settings>Github Apps and gitstream.cm and gitstream.yml are placed in proper directory. I cannot see any workflows in Actions tab. gitstream gitstream

Sekhar9581 avatar May 25 '23 11:05 Sekhar9581

Does both files merged to the default branch?

.
├─ .cm/
│  └─ gitstream.cm
├─ .github/
│  └─ workflows/
│     └─ gitstream.yml

vim-zz avatar May 25 '23 11:05 vim-zz

Yes. I have main(default) and test branches, both are having the cm and yml files. Im making changes in test branch and trying to merge into main through pull request. I cannot see gitstream running as shown in below snap gitstream

Sekhar9581 avatar May 25 '23 12:05 Sekhar9581

It seems that gitStream service isn't triggered by GitHub on your pull request, therefore it doesn't run the GitHub action at all. Can you share the org name you installed gitStream for (it's the 2nd element in the PR URL, right after https://github.com)? It will help to make sure that it was installed properly

vim-zz avatar May 25 '23 13:05 vim-zz

Sure, here it is 'https://github.com/Ocwen-Financial/gitstream'

Sekhar9581 avatar May 25 '23 14:05 Sekhar9581

@Sekhar9581 we see an issue with gitStream access to your org. Please add gitStream app to your authorized IPs, see GitHub instruction: https://docs.github.com/en/enterprise-cloud@latest/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization#allowing-access-by-github-apps

vim-zz avatar May 28 '23 08:05 vim-zz

Hi @vim-zz took some time to get back to you. Before enabling IP allow list for installed GitHub Apps, I have some queries. Can you please help me to understand below?

  1. How do I check the IP address of gitstream before enabling IP allow list?
  2. We are in a restricted environment and only allowed internal IPs for access. Is it safe to allow gitstream IP in our environment?
  3. Will gitstream expose my code to the outside world? If yes, what level of code will be exposed externally?

Sekhar9581 avatar Jun 15 '23 15:06 Sekhar9581

Hi @Sekhar9581

  1. Since gitStream is a GitHub app, you can automatically add to your allow list the IP addresses configured for GitHub apps that you install in your organization learn more here
  2. In this configuration, you allow to use gitStream app IP only to react on events that originated from GitHub while not allowing any other traffic from the IP of gitStream app
  3. gitStream doesn’t extract your source code. Like any other CI/CD automation, the source code is being scanned in the repo using your CI runners and is not shared with any external services

I hope it clarify things, let me know if you have more questions

vim-zz avatar Jun 19 '23 15:06 vim-zz

Hi @vim-zz Thanks for clarifying our queries. We have enabled IP allow list for installed GitHub Apps in our Organization. After enable IP allow list, I created new pull request. gitStream ran in the background while I was creating the pull request, but after sometime it showed as checks skipped. I have attached the screenshot. Please let me know if I missed anything. Thanks. gitStream

Sekhar9581 avatar Jun 28 '23 10:06 Sekhar9581

Hi @Sekhar9581 thanks for your patience with us.

Are you still having this issue? If so, do you see any errors in your GitHub Actions log for this?

BenLloydPearson avatar Sep 27 '23 13:09 BenLloydPearson