Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: Only initialize what is needed #3663

Closed
pnacht opened this issue Nov 10, 2023 · 1 comment · Fixed by #3680
Closed

Feature: Only initialize what is needed #3663

pnacht opened this issue Nov 10, 2023 · 1 comment · Fixed by #3680
Labels
kind/enhancement New feature or request

Comments

@pnacht
Copy link
Contributor

pnacht commented Nov 10, 2023

Is your feature request related to a problem? Please describe.
#3464 shows a case (pytorch/pytorch) where a project is too big to be handled by the default values passed to the GraphQL client when running Scorecard.

However, this is the case even when running only Token-Permissions on pytorch:

scorecard --repo pytorch/pytorch --checks Token-Permissions
Error: RunScorecard: internal error: ListCommits:error during graphqlHandler.setup: internal error: githubv4.Query: non-200 OK status code: 502 Bad Gateway body: "{\n   \"data\": null,\n   \"errors\":[\n      {\n         \"message\":\"Something went wrong while executing your query. This may be the result of a timeout, or it could be a GitHub bug. Please include `9C92:7937:4AB1C92:9882206:654E36E9` when reporting this issue.\"\n      }\n   ]\n}\n"
2023/11/10 13:58:13 error during command execution: RunScorecard: internal error: ListCommits:error during graphqlHandler.setup: internal error: githubv4.Query: non-200 OK status code: 502 Bad Gateway body: "{\n   \"data\": null,\n   \"errors\":[\n      {\n         \"message\":\"Something went wrong while executing your query. This may be the result of a timeout, or it could be a GitHub bug. Please include `9C92:7937:4AB1C92:9882206:654E36E9` when reporting this issue.\"\n      }\n   ]\n}\n"

Looking at the code, I understand that Token-Permissions only uses the repo's tarball (fetched with the HTTP client) and doesn't rely on the GraphQL API. This check therefore shouldn't be impacted by issues setting up the graphQL client.

Describe the solution you'd like
Setup of each client should only happen if it will actually be used.
@pnacht pnacht added the kind/enhancement New feature or request label Nov 10, 2023
@spencerschrock
Copy link
Contributor

Looking at the code, I understand that Token-Permissions only uses the repo's tarball (fetched with the HTTP client) and doesn't rely on the GraphQL API. This check therefore shouldn't be impacted by issues setting up the graphQL client.

For most things, Scorecard does lazy evaluate clients. The problem is this particular query always runs since we put the commit SHA in the run metadata:

scorecard/pkg/scorecard.go

Lines 110 to 124 in 934f170

versionInfo := version.GetVersionInfo()
ret := ScorecardResult{
Repo: RepoInfo{
Name: repo.URI(),
CommitSHA: commitSHA,
},
Scorecard: ScorecardInfo{
Version: versionInfo.GitVersion,
CommitSHA: versionInfo.GitCommit,
},
Date: time.Now(),
}
commitSHA, err := getRepoCommitHash(repoClient)

That being said, there's other ways we can get this data. I'll take a stab at this

@spencerschrock spencerschrock mentioned this issue Nov 16, 2023
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement New feature or request
Projects
None yet
Milestone
No milestone
2 participants
@spencerschrock @pnacht