Skip to content

Improve in-stackrox-repo check, remove TODO#226

Open
mclasmeier wants to merge 1 commit into
mainfrom
mc/stackrox-repo-check
Open

Improve in-stackrox-repo check, remove TODO#226
mclasmeier wants to merge 1 commit into
mainfrom
mc/stackrox-repo-check

Conversation

@mclasmeier

@mclasmeier mclasmeier commented Jun 30, 2026

Copy link
Copy Markdown
Collaborator

Fix stackrox repository detection for forks and HTTPS clones

Check all remotes instead of only origin, and match both SSH and HTTPS URL variants with and without .git suffix. Fixes #91.

@mclasmeier mclasmeier requested a review from porridge June 30, 2026 09:23
@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

IsInStackroxRepository() in internal/env/env.go is updated to run git remote -v and iterate all remote URLs instead of fetching only the origin URL. A new helper isStackRoxRepositoryRemote() handles URL normalization and matching against StackRox SSH/HTTPS forms.

StackRox Repository Detection

Layer / File(s) Summary
Multi-remote StackRox detection
internal/env/env.go
IsInStackroxRepository() now parses all lines from git remote -v, returning true if any remote URL matches StackRox GitHub SSH or HTTPS forms via isStackRoxRepositoryRemote(). The single hard-coded origin comparison is removed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

Poem

🐇 No longer just one origin in sight,
I hop through all remotes with delight!
SSH or HTTPS, I'll find the trail,
Trimming .git so checks never fail.
Every remote gets its moment to shine~ ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 25.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main change: improving the in-stackrox-repo check and removing a TODO.
Linked Issues check ✅ Passed The change addresses the linked review TODO by broadening repository detection and removing the remaining TODO as described in #91.
Out of Scope Changes check ✅ Passed The PR stays focused on repository detection in env.go and does not introduce unrelated changes.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch mc/stackrox-repo-check

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
internal/env/env.go (1)

330-334: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low value

Matching is limited to two exact URL forms.

The helper only matches the scp-style SSH form (git@github.com:stackrox/stackrox) and the plain HTTPS form. Remotes using ssh://git@github.com/stackrox/stackrox, a trailing slash, or differing host case would not match and fall through to the default tag path. If those forms are realistic in your environments, consider normalizing further; otherwise this is fine as-is.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/env/env.go` around lines 330 - 334, The repository remote check in
isStackRoxRepositoryRemote is too strict and only matches two exact URL forms.
Update this helper to normalize additional realistic remote variants, such as
ssh://git@github.com/stackrox/stackrox, an optional trailing slash, and
host/path case differences, before comparing so valid StackRox remotes don’t
fall through to the default tag path.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@internal/env/env.go`:
- Around line 330-334: The repository remote check in isStackRoxRepositoryRemote
is too strict and only matches two exact URL forms. Update this helper to
normalize additional realistic remote variants, such as
ssh://git@github.com/stackrox/stackrox, an optional trailing slash, and
host/path case differences, before comparing so valid StackRox remotes don’t
fall through to the default tag path.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Enterprise

Run ID: b2a0b774-222a-4ac2-a905-079f705c8b37

📥 Commits

Reviewing files that changed from the base of the PR and between 189e745 and 51412bd.

📒 Files selected for processing (1)
  • internal/env/env.go

@mclasmeier mclasmeier force-pushed the mc/stackrox-repo-check branch from 51412bd to efb31a0 Compare June 30, 2026 09:36
Comment thread internal/env/env.go
Comment on lines +332 to +334
return remote == "git@github.com:stackrox/stackrox" ||
remote == "https://github.com/stackrox/stackrox" ||
remote == "ssh://git@github.com/stackrox/stackrox"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems a bit fragile.. maybe it would be enough to check if the two last components are stackrox/stackrox? 🤔
Or even just the last one, so we allow clones of forks which don't have an upstream remote configured?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Address review of AI-generated code

2 participants