We use pipeline/commit statuses in gitlab to communicate the state of an external pipeline. However, if Hubcast is handling a merge request sync from a fork, it cannot POST any commit status, as it would require write permission to the fork's API endpoint.

See this issue: https://gitlab.com/gitlab-org/gitlab/-/issues/374133

Alternatives:

• write the external pipeline status to a comment within an MR and update it with changes

let me know if you know of others

edit: we can use this feature: https://docs.gitlab.com/user/project/merge_requests/status_checks in combination with commit statuses (if we have permissions)

edit2: nevermind

Status checks fail if they stay in the pending state for more than two minutes.

re: bot setup if using gitlab as the source repo

Gitlab does not provide a similar mechanism to Github apps, where a collection of permissions/webhooks can be "installed" to a repo.

From what I've seen in other examples (codecov, jenkins), the workaround is:

Instruct Hubcast users to create a "bot" account on the source Github instance. The account should have access at the Developer role.

• An access token with api and read_repository access would be provided as an env variable to hubcast along with the bot username.
• The bot user could be given access to many Gitlab groups or individual repositories by the administrators of those entities.
• The bot would set the status of pipelines and comment on PRs.

Downsides:

• each repository would need to configure a webhook to create events upon pushes, comments, and merge request changes
  • similar to the way we handle this for the destination, we could handle the creation of this webhook upon setup/register of the repository somehow
• how would we handle multiple webhooks? they would have the same URL of course, but should they also share webhook secrets?

the handlers and clients have names like GitLabSrcClientFactory and GitLabSrcHandler. I haven't changed the destination equivalents yet, or GitHub classes if there's a more attractive option available