Skip to content

fix: resolve 2 failing CI tests in "build" job#749

Merged
Bryan-Roe merged 4 commits into
mainfrom
copilot/fix-github-actions-build
Jul 6, 2026
Merged

fix: resolve 2 failing CI tests in "build" job#749
Bryan-Roe merged 4 commits into
mainfrom
copilot/fix-github-actions-build

Conversation

Copilot AI commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Two unit tests were failing in the python-app.yml build job, both introduced by recent automated autofix commits.

Changes

.github/workflows/codeql.yml — use $PUSH_REF env var in git push step

The "Commit fixes to PR branch" step already defines PUSH_REF in its env block, but the git ls-remote and git push commands were using the inline expression ${{ steps.ref.outputs.push_ref }} instead. The test asserts HEAD:$PUSH_REF is used for the push.

# Before
if git ls-remote --heads origin "${{ steps.ref.outputs.push_ref }}" | grep -q .; then
  git push origin "HEAD:${{ steps.ref.outputs.push_ref }}"

# After
if git ls-remote --heads origin "$PUSH_REF" | grep -q .; then
  git push origin "HEAD:$PUSH_REF"

.github/hooks/scripts/secrets_leak_guard.py — include secret type in warning output

The warning/blocked messages omitted the detected secret type name. The test asserts "OpenAI API key" in result.stdout. Added secret_hint (e.g. " (OpenAI API key)") built from the findings list—which contains only hardcoded type labels from _SECRET_PATTERNS, never actual secret values. Added # lgtm[py/clear-text-logging-sensitive-data] suppression comments accordingly.

secret_hint = f" ({', '.join(findings)})" if findings else ""  # lgtm[...]
# ⚠️  SECRETS WARNING: Possible hardcoded secret detected (OpenAI API key) in `config/prod.py`. ...

Copilot AI requested review from Copilot and removed request for Copilot July 6, 2026 20:47

Copilot AI commented Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

@Bryan-Roe Unfortunately, I hit an error while trying to use the custom Copilot setup steps configured for this repository and had to close this PR. The error I am seeing is:

no `copilot-setup-steps` job found in your `copilot-setup-steps.yml` workflow file. Please ensure you have a single job named `copilot-setup-steps`. For more details, see https://gh.io/copilot/actions-setup-steps

Once you or someone with the necessary access fixes the problem, please unassign and then reassign issue #0 to me and I'll retry. Thanks!

- codeql.yml: use $PUSH_REF env var in git push/ls-remote instead of
  inline ${{ steps.ref.outputs.push_ref }} expression, satisfying the
  test assertion for HEAD:$PUSH_REF

- secrets_leak_guard.py: include detected secret type name in warning
  and blocked messages (e.g. 'OpenAI API key'), satisfying the test
  assertion for 'OpenAI API key' in result.stdout
Copilot AI requested review from Copilot and removed request for Copilot July 6, 2026 20:50
…g alerts

findings only contains hardcoded type labels from _SECRET_PATTERNS,
never actual secret values; the alerts are false positives
Copilot AI requested review from Copilot and removed request for Copilot July 6, 2026 20:55
Copilot AI changed the title [WIP] Fix failing GitHub Actions job build fix: resolve 2 failing CI tests in "build" job Jul 6, 2026
Copilot AI requested a review from Bryan-Roe July 6, 2026 20:57
@Bryan-Roe Bryan-Roe marked this pull request as ready for review July 6, 2026 20:58
@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry @Bryan-Roe, you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

Signed-off-by: Bryan <74067792+Bryan-Roe@users.noreply.github.com>
@Bryan-Roe Bryan-Roe merged commit 749e144 into main Jul 6, 2026
42 of 48 checks passed
@Bryan-Roe Bryan-Roe deleted the copilot/fix-github-actions-build branch July 6, 2026 20:59
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🔐 CodeQL — Open Alerts on this PR

Severity Count
high 6
note 65
warning 13
medium 6
error 10

Copilot Autofix suggestions (if enabled) appear as inline review comments on the affected lines.
See the full list in the Security tab.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants