Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: PR creation fails without message #2445

Open
jasonkarns opened this issue Jun 3, 2024 · 7 comments
Open

Bug: PR creation fails without message #2445

jasonkarns opened this issue Jun 3, 2024 · 7 comments

Comments

@jasonkarns
Copy link

I have used the analyze and PR creation flow a couple of times on other repos in the same org, so I believe I have authorized corrrectly.

However, I'm now getting errors trying to create PRs for another repo in the same org: nodenv/.github.

There is no error message in the UI. After clicking the Create Pull Request, I get the dialog for the PR subject/description. I click Create Pull Request button again from the dialog. It says "creation can take up to 30sec" (as it did before).

About 15 seconds later, I get an error without a message. And no PR is opened on the repo.

image
@jasonkarns jasonkarns changed the title PR creation fails without message Bug: PR creation fails without message Jun 3, 2024
@varunsh-coder
Copy link
Member

@jasonkarns thanks for creating this issue! We have a known issue where if someone has created a PR for a repo in an org, the PR creation fails for the same repo name in a different org. It has to do with the fork of the repo that is created in the step-security-bot account.

I have deleted the previous fork of .github in the step-security-bot account for now, so it should work for you. We will address the root cause of the issue in the future.

@jasonkarns
Copy link
Author

@varunsh-coder ah, thanks! I can see that being problematic (especially considering the number of repos whose names are not optional. .github being a special repo that must have that name in order for it to be respected with GitHub's tooling.

@pSub
Copy link

pSub commented Jul 5, 2024

I think I'm having the same issue with my repository pSub/configs. I get an error without a message and when I look at the corresponding HTTP request, it contains the error 422 Object does not exist [] which indicates that it tries to find the commit of my repo in an different repo with an other name.

Edit: Indeed https://github.com/step-security-bot/configs is a fork of OpenAlly/configs.

Edit2: I think to fix this bug step-security needs to fork to step-security-bot/<username>-<repository> or something similar. I had a look at https://github.com/step-security/secure-repo/blob/main/Automate-PR/src/index.ts which seems to be the right place for this change, but I currently do not have the capacity to attempt a solid PR for this.

@varunsh-coder
Copy link
Member

@pSub I have deleted https://github.com/step-security-bot/configs for now, and so you should be unblocked.

We had tried to fork by specifying a different name and that was causing the fork process to be inconsistent. It would fail unexpectedly sometimes. We will try this again, may be the API has been improved since the last time we tried.

@pSub
Copy link

pSub commented Jul 5, 2024

@varunsh-coder Thank you. That unblocked me.

🤞 that the API has improved and this issue can be resolved!

@IEvangelist
Copy link

IEvangelist commented Jul 17, 2024

I was seeing this issue too, and I think I figured out why. @BillWagner and I were attempting to generate a PR for the dotnet/docs repo, and this would fail every time. I then noticed that the step-security-bot list of repositories was updating their existing docs repo, but it was originally forked from a different repo (by the same name).

With this theory in mind, I renamed my fork of the dotnet/docs repo to be named dotnet-docs, making it a unique repo for the step-security-bot. And then it worked...

image

My proposal is to have the step-security-bot create a unique fork name, that includes the organization to help ensure that collisions like this are avoided.

This is likely where you'd like to specify the fork name:

await originRepo.forks.create()

@BenWibking
Copy link

I'm an admin for https://github.com/quokka-astro/quokka and I'm seeing this same issue when trying to create a PR using https://app.stepsecurity.io/securerepo. This is the only repo I've tried running the tool on. Can you provide any assistance?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants