From 5cb86c839438ae7c1758b81334f061f0bcc5095b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Busqu=C3=A9?= Date: Thu, 9 Feb 2023 15:37:57 +0100 Subject: [PATCH 1/2] Remove Slack notifications for CI failures We were storing the Slack secrets on a CircleCI context [1]. Although we were also passing them to forks [2], it resulted on unauthorized builds for external contributions. We could work around the issue in two ways: - Having the secrets outside of any context, but that would compromise the security of the associated Slack channel for: - Send messages as @CircleCI notifications - Send messages to channels @CircleCI notifications isn't a member of - Upload, edit, and delete files as CircleCI notifications - Using CircleCI logic statements [3] to conditionally run jobs when `CIRCLECI_USERNAME` or `CIRCLE_PR_USERNAME` env vars [4] are in a list of allowed users. However, that would be something difficult to maintain, and there's no other way to check the user's role. Given that we don't find those trade-offs to be acceptable, we remove the integration for now. [1] - https://circleci.com/docs/contexts/ [2] - https://circleci.com/docs/oss/#pass-secrets-to-builds-from-forked-pull-requests [3] - https://circleci.com/docs/configuration-reference/#logic-statements [4] - https://circleci.com/docs/variables/ --- .circleci/config.yml | 37 +++++++++++-------------------------- 1 file changed, 11 insertions(+), 26 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1ec2a9f0..56faee70 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -6,7 +6,6 @@ orbs: # to change this configuration every time a Solidus version is released # or goes EOL. solidusio_extensions: solidusio/extensions@volatile - slack: circleci/slack@4.9.3 commands: setup: 
@@ -20,44 +19,33 @@ commands: gem install bundler -v '>=2.3.21' --conservative bundle --version - notify: - steps: - - slack/notify: - event: fail - template: basic_fail_1 - branch_pattern: master - jobs: solidus-master: executor: name: solidusio_extensions/sqlite ruby_version: '3.1' - steps: ['setup', 'solidusio_extensions/run-tests-solidus-master', 'notify'] + steps: ['setup', 'solidusio_extensions/run-tests-solidus-master'] solidus-current: executor: name: solidusio_extensions/sqlite ruby_version: '3.0' - steps: ['setup', 'solidusio_extensions/run-tests-solidus-current', 'notify'] + steps: ['setup', 'solidusio_extensions/run-tests-solidus-current'] solidus-older: executor: name: solidusio_extensions/sqlite ruby_version: '2.7' - steps: ['setup', 'solidusio_extensions/run-tests-solidus-older', 'notify'] + steps: ['setup', 'solidusio_extensions/run-tests-solidus-older'] lint-code: executor: solidusio_extensions/sqlite - steps: ['setup', 'solidusio_extensions/lint-code', 'notify'] + steps: ['setup', 'solidusio_extensions/lint-code'] workflows: "Run specs on supported Solidus versions": jobs: - - solidus-master: - context: slack-secrets - - solidus-current: - context: slack-secrets - - solidus-older: - context: slack-secrets - - lint-code: - context: slack-secrets + - solidus-master + - solidus-current + - solidus-older + - lint-code "Weekly run specs against master": triggers: @@ -68,9 +56,6 @@ workflows: only: - master jobs: - - solidus-master: - context: slack-secrets - - solidus-current: - context: slack-secrets - - solidus-older: - context: slack-secrets + - solidus-master + - solidus-current + - solidus-older From d7f74f734f7ec669ff8d910583656a0e4b24bf7c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Busqu=C3=A9?= Date: Fri, 10 Feb 2023 05:49:17 +0100 Subject: [PATCH 2/2] Move dev dependencies into the Gemfile --- Gemfile | 3 +++ solidus_dev_support.gemspec | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) 
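Review bot: The four job entries under "Run specs on supported Solidus versions" are now bare names, and nothing in the file records that the missing `context` is deliberate, so a later change could re-attach a secrets context to jobs that also build external contributions. I would add a comment above that `jobs:` list, for example `# No context on purpose: these jobs also run for forked PRs and must not depend on project secrets.` The same jobs take their executor and test commands from the orb referenced as `solidusio/extensions@volatile` in the first hunk, a floating reference, which is one more reason to keep them free of secrets. The `workflows:` mapping continues past the end of this hunk.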
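Review bot: The scheduled workflow loses its failure alert along with the pull-request workflow, even though its visible branch filter (`only: - master`) suggests it does not build fork code. After this hunk, nothing in the config reports a failed weekly run against master, so a regression could go unnoticed until someone opens the CircleCI dashboard. If the context can be restricted on the CircleCI side, one option is to keep `context: slack-secrets` on these three entries only and move the notification into a step that only this workflow runs. Otherwise a comment such as `# Failures of this workflow are not pushed anywhere; check the CircleCI dashboard.` would at least record the gap. The workflow's `triggers:` block starts in the previous hunk.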
diff --git a/Gemfile b/Gemfile index 9151647d..ac84833a 100644 --- a/Gemfile +++ b/Gemfile @@ -13,6 +13,9 @@ gem 'solidus', github: 'solidusio/solidus', branch: branch # A workaround for https://github.com/bundler/bundler/issues/6677 gem 'rails', '>0.a' +gem 'bundler' +gem 'rake' + # These gems will be used by the temporary extensions generated by tests group :test do gem 'mysql2' diff --git a/solidus_dev_support.gemspec b/solidus_dev_support.gemspec index 0a0e5510..ba1ef209 100644 --- a/solidus_dev_support.gemspec +++ b/solidus_dev_support.gemspec @@ -47,7 +47,4 @@ Gem::Specification.new do |spec| spec.add_dependency 'rubocop-rspec', '~> 2.0' spec.add_dependency 'solidus_core', ['>= 2.0', '< 4'] spec.add_dependency 'webdrivers', '>= 4.4' - - spec.add_development_dependency 'bundler' - spec.add_development_dependency 'rake' end
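Review bot: `gem 'bundler'` is added to the Gemfile without a version requirement, while the CI setup command visible in the first patch installs bundler with `-v '>=2.3.21'`. This diff does not show whether that minimum is a project requirement or only a CI detail. If it is a requirement, writing `gem 'bundler', '>= 2.3.21'` here would make local setups fail early instead of behaving differently from CI. The two new lines also sit outside any group, so a short comment above them, such as `# Development tools, moved here from the gemspec`, would explain why they are there.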