Improve in-stackrox-repo check, remove TODO#226
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (2)
👮 Files not reviewed due to content moderation or server errors (2)
📝 Walkthrough🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
internal/env/env.go (1)
330-334: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low valueMatching is limited to two exact URL forms.
The helper only matches the scp-style SSH form (
git@github.com:stackrox/stackrox) and the plain HTTPS form. Remotes usingssh://git@github.com/stackrox/stackrox, a trailing slash, or differing host case would not match and fall through to the default tag path. If those forms are realistic in your environments, consider normalizing further; otherwise this is fine as-is.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@internal/env/env.go` around lines 330 - 334, The repository remote check in isStackRoxRepositoryRemote is too strict and only matches two exact URL forms. Update this helper to normalize additional realistic remote variants, such as ssh://git@github.com/stackrox/stackrox, an optional trailing slash, and host/path case differences, before comparing so valid StackRox remotes don’t fall through to the default tag path.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@internal/env/env.go`:
- Around line 330-334: The repository remote check in isStackRoxRepositoryRemote
is too strict and only matches two exact URL forms. Update this helper to
normalize additional realistic remote variants, such as
ssh://git@github.com/stackrox/stackrox, an optional trailing slash, and
host/path case differences, before comparing so valid StackRox remotes don’t
fall through to the default tag path.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yml
Review profile: CHILL
Plan: Enterprise
Run ID: b2a0b774-222a-4ac2-a905-079f705c8b37
📒 Files selected for processing (1)
internal/env/env.go
51412bd to
efb31a0
Compare
| return remote == "git@github.com:stackrox/stackrox" || | ||
| remote == "https://github.com/stackrox/stackrox" || | ||
| remote == "ssh://git@github.com/stackrox/stackrox" |
There was a problem hiding this comment.
This seems a bit fragile.. maybe it would be enough to check if the two last components are stackrox/stackrox? 🤔
Or even just the last one, so we allow clones of forks which don't have an upstream remote configured?
There was a problem hiding this comment.
What exactly do you consider to be fragile here?
I would imagine that checking for git@github.com:stackrox/stackrox and https://github.com/stackrox/stackrox covers 99% of the use-cases and ssh://git@github.com/stackrox/stackrox is (AFAIK) slightly more exotic, but valid as well.
So, unless we have clear indication (among our engineers) that some use-case is not covered, it would feel like over-engineering to me to try pushing this to 100%.
There was a problem hiding this comment.
The fact that we need to match against the transport is, is fragile IMO.
I also think roxie should be usable for any stackrox developer, not just "our" Red Hat engineers. StackRox as a project is already passively hostile against upstream contributions because so many pieces of the workflow depend on having write access to the repo. Let's not make it worse?
629ec20 to
9de8b01
Compare
Fix stackrox repository detection for forks and HTTPS clones
Check all remotes instead of only
origin, and match both SSH and HTTPS URL variants with and without.gitsuffix. Fixes #91.Summary by CodeRabbit
.gitsuffix, reducing false negatives.