ci: deadmansnitch for code-cover-publish Github Action #137412
Conversation
Before the fix provided by cockroachdb#137298, this Github Action was silently failing. This PR configures a call to DeadManSnitch service to report when the Github Action was last successful. The service is configured to alert CRL internal team when no ping was seen in the last 24h. Epic: none Release note: None Signed-off-by: Ludovic Leroux <[email protected]>
|
This change is |
|
|
||
| - name: 'Call DeadManSnitch' | ||
| run: | | ||
| curl -X GET 'https://nosnch.in/c2d75963ee' -d 'message=Code coverage uploaded to GCS' |
There was a problem hiding this comment.
No auth/API key is needed for this? Wondering if the url should be a secret in that case - although admittedly I haven't looked into how DeadManSnitch works.
There was a problem hiding this comment.
No auth/API key needed.
About it being a secret, I kinda wondered the same thing, but we already have one publicly available in the repo, and the worst thing that can happen is that something reports the status in lieu of the action (granted that it defeats the purpose...).
Maybe @cockroach-dev-inf has an opinion?
There was a problem hiding this comment.
We don't typically have to keep these URL's secret -- the risk isn't huge.
If you want to make this one a secret, be my guest (although you've technically already "leaked" this one, so you should "rotate" it :) )
I'm not aware of any broad issue with third parties hitting these URL's and as mentioned the worst thing that can happen is we think the thing has reported a success when it hasn't.
|
TFTR! bors r=srosenberg,rickystewart,DarrylWong |
Before the fix provided by #137298, this Github Action was silently failing.
This PR configures a call to DeadManSnitch service to report when the Github Action was last successful. The service is configured to alert CRL internal team when no ping was seen in the last 24h.
Epic: none
Release note: None