Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: Error on SBOM import #3873

Closed
bdougie opened this issue Aug 6, 2024 · 6 comments
Closed

Bug: Error on SBOM import #3873

bdougie opened this issue Aug 6, 2024 · 6 comments
Assignees
Labels
🐛 bug Something isn't working

Comments

@bdougie
Copy link
Member

bdougie commented Aug 6, 2024

Describe the bug

When building an SBOM for nasa/open. Because I am importing for an SBOM, there 70+ repos and no indication of what is failing.

Screenshot 2024-08-06 at 12 50 43 PM

Failed on "eslint-plugin-no-unsanitized/issues"

Steps to reproduce

  1. Add a repository insight
  2. Import SBOM using "nasa/openmct"
  3. Hit create and confirm the error.

My suggestion is skipping the repos that error and let the user know it was skipped, but allow the insight to be created.

The insight does get created despite the error, and filled with unrelated repos. Note the three instances of them while I was trying to triage.

Screenshot 2024-08-06 at 12 51 38 PM

Copy link
Contributor

github-actions bot commented Aug 6, 2024

Thanks for the issue, our team will look into it as soon as possible! If you would like to work on this issue, please wait for us to decide if it's ready. The issue will be ready to work on once we remove the "needs triage" label.

To claim an issue that does not have the "needs triage" label, please leave a comment that says ".take". If you have any questions, please comment on this issue.

For full info on how to contribute, please check out our contributors guide.

@bdougie
Copy link
Member Author

bdougie commented Aug 6, 2024

I can't delete an insight without upgrading as well. This is a dark pattern, that we will need to update as well.

Screenshot 2024-08-06 at 12 53 38 PM

When I click upgrade, I don't see delete. That might be annoying users.

Screenshot 2024-08-06 at 12 55 14 PM

@zeucapua
Copy link
Contributor

zeucapua commented Aug 6, 2024

re: @bdougie

When clicking the upgrade from the modal, it takes you to the workspace settings since it has the option, not the repository insight settings. The fact that the insight settings are gated behind an upgrade is confusing via the UI. You can get around this by changing the URL directly from .../dashboard to .../edit to get to the settings.

  • Should I make an issue to only block the 'Update Workspace' button on the insight's settings rather than gating the page altogether?

  • Are there options below that aren't allowed for non-upgraded users if the insight/workspace is above the limit? Eg. Users shouldn't be able to edit the repositories on creation if over the limit?

image

@brandonroberts
Copy link
Contributor

I'll get a fix in on the API side for the repository import. The repository URL for the one that caused the failure is https://github.com/mozilla/eslint-plugin-no-unsanitized/issues

@brandonroberts
Copy link
Contributor

@zeucapua Yea, they should be able to edit the repository insight if only to be able to delete it even if they are over the overall repository limit.

@brandonroberts
Copy link
Contributor

Fixed parsing of the repository full names in the API for SBOM generation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🐛 bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants