Hey everyone :wave: We have <tap-fleetio> and ever...
# singer-tapsj
john_mizerany
09/12/2024, 5:28 PMHey everyone đź‘‹ We have tap-fleetio and everytime there is update from dependabot (singer_sdk, requests, etc) the pytest suite gives us a 401 response back from our API, but we have this running in a production pipeline with the same API credentials. Does anyone have an inclination what might be going on?
đź‘€ 1
âś… 1
v
visch
09/12/2024, 5:33 PMI'd dive into the request and be sure it has all the information you expect. Maybe a config value isn't being set the way you think it is?
j
john_mizerany
09/12/2024, 5:34 PMYeah, the strange thing is this has happened before. What fixed it previously was upgrading the singer_sdk to the latest version
john_mizerany
09/12/2024, 5:35 PMBut, we have a dependabot PR that is updating the singer_sdk to the latest version and that’s also causing the same issues. So I feel this is something else
e
Edgar RamĂrez (Arch.dev)
09/12/2024, 5:53 PMHi @john_mizerany, so you set secrets in your repo and they are normally used in CI, but in dependabot PRs them seem to not be used?
âž• 1
j
john_mizerany
09/12/2024, 5:54 PMYes, the secrets in the repo are available for any CI or pr process
john_mizerany
09/12/2024, 5:54 PMThey are the same credentials we use in other pipelines
e
Edgar RamĂrez (Arch.dev)
09/12/2024, 6:01 PMGotcha. Dependabot expects its own set of secrets. It's a bit of duplication but I haven't found a way around it yet. In the Settings tab of your repo there's:
j
john_mizerany
09/12/2024, 6:01 PMOh that’s definitely what is going on
john_mizerany
09/12/2024, 6:01 PMOkay thank you
e
Edgar RamĂrez (Arch.dev)
09/12/2024, 6:02 PMI normally use the CLI to set those:
Copy code
gh secret set --env-file .env --app dependabotj
john_mizerany
09/12/2024, 6:02 PMThat’s why last time when I opened up a separate PR on my own it worked
đź‘Ť 1
2 Views