Skip to content

Import from GitHub API can ignore target_namespace

Summary

When importing from GitHub, the required target_namespace parameter will create groups/subgroups as needed. There are some instances in which the group creation happens but the project import will fall back to the user's namespace.

Steps to reproduce

  • for GitLab: Use a group access token
  • Import a GH project using the GitLab API
  • Specify a subgroup that doesn't already exist for target_namespace

This isn't guaranteed to happen. It seems like the importer will create subgroups as needed, so when importing multiple projects only the first one will fall under the bot account's namespace. This may be a race condition, so if group creation is delayed the bot account will inherit the project and subsequent imports will work as expected.

Example Project

N/A

What is the current bug behavior?

Some imports go to the bot account's namespace when using the GH import and a group is created

What is the expected correct behavior?

We should not fall back to the user namespace if the target_namespace is blank or doesn't exist, which is what currently happens.

target_namespace is required attribute, if passed as blank, user should see an error, like target_namespace cannot be blank. Please provide an existing namespace.

The user needs to provide an existing namespace which can be their own user namespace or an existing group that they have permission to import a project into. If the conditions don't match we should return an error to the user in UI and API before importing or creating anything.

In other words, if user wants to import to a group and has no group on GitLab they can import into, they should first create a group. This info should be added to error message that user receives with failed attempt.

This all needs to be documented. /cc @eread

Relevant logs and/or screenshots

Output of checks

This bug happens on GitLab.com

See logs here for example (internal only)

See ticket (internal only) for more exampes

Results of GitLab environment info

N/A

Results of GitLab application Check

N/A

Possible fixes

Fix affects GitHub and Gitea importers.

Edited by Tetiana Zavediuk