action #116845
Updated by okurz over 1 year ago
## Observation
CI jobs like https://gitlab.suse.de/okurz/salt-states-openqa/-/jobs/1147783 complain with
```
$ git clone --depth 3 https://osd_deployment_ci:${PILLARS_CLONE_TOKEN}@gitlab.suse.de/openqa/salt-pillars-openqa /srv/pillar || echo "Copy pillar access token to …"
Cloning into '/srv/pillar'...
remote: HTTP Basic: Access denied
fatal: Authentication failed for 'https://gitlab.suse.de/openqa/salt-pillars-openqa/'
```
I thought I would have such credentials, maybe something got lost or expired. It turned out I need to But there is no mention in the README nor helpful error message pointing me to what to do.
## Acceptance criteria
* **AC1:** CI jobs for salt-states-openqa work without users needing to set any salt pillar credentials or clear instructions exist
## Suggestions
* Make sure tests run without cloning salt pillars in merge requests, e.g. with a mocked pillar directory that is symlinked to /srv/pillar
* Alternative: Add something to the README or at best within the CI script telling user with a hint what to do and consider how people who don't have access would be able to contribute
* Alternative: Encrypt the pillar sensitive data so that we can make the pillar repo public again because tests don't need to care about individual values