Import from GitHub API can ignore target_namespace
Summary
When importing from GitHub, the required target_namespace
parameter will create groups/subgroups as needed. There are some instances in which the group creation happens but the project import will fall back to the user's namespace.
Steps to reproduce
- for GitLab: Use a group access token
- Import a GH project using the GitLab API
- Specify a subgroup that doesn't already exist for
target_namespace
This isn't guaranteed to happen. It seems like the importer will create subgroups as needed, so when importing multiple projects only the first one will fall under the bot account's namespace. This may be a race condition, so if group creation is delayed the bot account will inherit the project and subsequent imports will work as expected.
Example Project
N/A
What is the current bug behavior?
Some imports go to the bot account's namespace when using the GH import and a group is created
What is the expected correct behavior?
We should not fall back to the user namespace if the target_namespace
is blank or doesn't exist, which is what currently happens.
target_namespace
is required attribute, if passed as blank, user should see an error, like target_namespace cannot be blank. Please provide an existing namespace.
The user needs to provide an existing namespace which can be their own user namespace or an existing group that they have permission to import a project into. If the conditions don't match we should return an error to the user in UI and API before importing or creating anything.
In other words, if user wants to import to a group and has no group on GitLab they can import into, they should first create a group. This info should be added to error message that user receives with failed attempt.
This all needs to be documented. /cc @eread
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
See logs here for example (internal only)
See ticket (internal only) for more exampes
Results of GitLab environment info
N/A
Results of GitLab application Check
N/A
Possible fixes
Fix affects GitHub and Gitea importers.