danger icon indicating copy to clipboard operation
danger copied to clipboard
verified publisher icon danger

What's the expected implementation for a request source "validates_as_ci" method?

Open sphanley opened this issue 2 years ago • 2 comments

I'm trying to understand the intended expectations around the validates_as_ci method of the RequestSource class. In the base class, it provides an implementation whose intention makes sense:

  # @return [Boolean] whether scm.origins is a valid git repository or not
  def validates_as_ci?
    !!self.scm.origins.match(%r{#{Regexp.escape self.host}(:|/)(.+/.+?)(?:\.git)?$})
  end

However, the subclasses seem to vary wildly in their approach to overriding this method. For example, Github just returns true. BitBucket Cloud and BitBucket Server both return true as well, but they don't seem as sure about it. VSTS will only return true if environment['BUILD_REPOSITORY_PROVIDER'] is equal to TfsGit, which will only be the case when running on an Azure Pipelines CI agent – meaning this RequestSource can't be used locally (something I tweaked in #1416). Gitlab uses this as a way to validate the format of its host, and returns a hard-coded value of true unless the validation raised an exception.

I'm having trouble wrapping my head around what it means, conceptually, for a Request source to "validate as CI". Isn't that the responsibility of a CI source? Is there a compelling reason for this method to exist, or should it be folded into validates_as_api_source? Or should child classes simply defer to the implementation of the parent class?

sphanley avatar Jan 26 '23 21:01 sphanley

if I recall, some environments can be just used for CI and others can be just used for code review and these were used to determine error messaging but it's been a few years now

orta avatar Jan 27 '23 10:01 orta

I'm trying to understand the intended expectations around the validates_as_ci method of the RequestSource class. In the base class, it provides an implementation whose intention makes sense:

  # @return [Boolean] whether scm.origins is a valid git repository or not
  def validates_as_ci?
    !!self.scm.origins.match(%r{#{Regexp.escape self.host}(:|/)(.+/.+?)(?:\.git)?$})
  end

However, the subclasses seem to vary wildly in their approach to overriding this method. For example, Github just returns true. BitBucket Cloud and BitBucket Server both return true as well, but they don't seem as sure about it. VSTS will only return true if environment['BUILD_REPOSITORY_PROVIDER'] is equal to TfsGit, which will only be the case when running on an Azure Pipelines CI agent – meaning this RequestSource can't be used locally (something I tweaked in #1416). Gitlab uses this as a way to validate the format of its host, and returns a hard-coded value of true unless the validation raised an exception.

I'm having trouble wrapping my head around what it means, conceptually, for a Request source to "validate as CI". Isn't that the responsibility of a CI source? Is there a compelling reason for this method to exist, or should it be folded into validates_as_api_source? Or should child classes simply defer to the implementation of the parent class?

U tell me I'm the victim I have a bad heart I can't do this on my own

Pinkyrose67 avatar Sep 29 '23 02:09 Pinkyrose67