Project

General

Profile

action #116845

Updated by okurz about 2 years ago

## Observation 
 CI jobs like https://gitlab.suse.de/okurz/salt-states-openqa/-/jobs/1147783 complain with 

 ``` 
 $ git clone --depth 3 https://osd_deployment_ci:${PILLARS_CLONE_TOKEN}@gitlab.suse.de/openqa/salt-pillars-openqa /srv/pillar || echo "Copy pillar access token to …" 
 Cloning into '/srv/pillar'... 
 remote: HTTP Basic: Access denied 
 fatal: Authentication failed for 'https://gitlab.suse.de/openqa/salt-pillars-openqa/' 
 ``` 

 I thought I would have such credentials, maybe something got lost or expired. It turned out I need to    But there is no mention in the README nor helpful error message pointing me to what to do. 

 ## Acceptance criteria 
 * **AC1:** CI jobs for salt-states-openqa work without users needing to set any salt pillar credentials or clear instructions exist 

 ## Suggestions 
 * Make sure tests run without cloning salt pillars in merge requests, e.g. with a mocked pillar directory that is symlinked to /srv/pillar 
 * Alternative: Add something to the README or at best within the CI script telling user with a hint what to do and consider how people who don't have access would be able to contribute 
 * Alternative: Encrypt the pillar sensitive data so that we can make the pillar repo public again because tests don't need to care about individual values

Back