Get tests passing #75
Conversation
|
Hi @felipedmesquita, Thank you for your contribution. Unfotunately, having hard coded credentials is not a good practice and it should be avoided at all costs. We will work on fixing the CI issues so that they stop occurring, but for the moment we will have to close this PR since it goes against our quality and security guidelines. |
|
I understand that hardcoded credentials go against security guidelines and only opened this pr because I was able to get the tests passing without introducing any new hardcoded credentials. env:
TEST_ACCESS_TOKEN: ${{ secrets.test_acess_token }}
PROD_ACCESS_TOKEN: ${{ secrets.prod_acess_token }} |
|
Hi @felipedmesquita. Any contribution to our code base is more than welcome. The hardcoded credentials were introduced before we had Github actions, and we want to remove them from all repositories in the future. Both your suggestions are acceptable. IMHO, I'd go with fixing tests without touching the credentials, since they only require review from our part. In any case, I'll ask you to open a new PR if you decide to submit new code to the repository. |
Tests used a mixture of test and production credentials (of test accounts), also a couple tests used an ENV var lookup. Since the GitHub Action in this repo does not seem to have ENV['ACCESS_TOKEN'] set, I've replaced those occurrences with either the production or test credentials used in the other tests. It seems confusing to me exactly when each is needed and I would love to pair with one of the maintainers to work out how this works and what's the best example to set with the test code. Maybe even implement request mocks to avoid error 500 flakiness. But for now, all tests are green.
I had to modify few details on the test customer (change email, remove zip) to avoid weird errors, and also linted out a couple misplaced spaces.