[Git][debian-gis-team/scripts][master] Configure protected branches to allow Developers to push to master.

Bas Couwenberg gitlab at salsa.debian.org
Wed Dec 2 12:27:20 GMT 2020 


Bas Couwenberg pushed to branch master at Debian GIS Project / scripts


Commits:
3f6880f5 by Bas Couwenberg at 2020-12-02T13:27:12+01:00
Configure protected branches to allow Developers to push to master.

- - - - -


1 changed file:

- salsa-configure-repositories.pl


Changes:

=====================================
salsa-configure-repositories.pl
=====================================
@@ -111,6 +111,15 @@ if(!$result || $cfg{help}) {
         exit 1;
 }
 
+my %access_level = (
+                     'No access'  => 0,
+                     'Guest'      => 10,
+                     'Reporter'   => 20,
+                     'Developer'  => 30,
+                     'Maintainer' => 40,
+                     'Owner'      => 50,
+                   );
+
 my $ua = new LWP::UserAgent(agent => basename($0));
 
 $cfg{token} = get_private_token() if(!$cfg{token});
@@ -174,6 +183,11 @@ foreach my $project (@{$team_projects}) {
 	if(!configure_kgb_webhook($project)) {
 		exit 1;
 	}
+
+	# Configure protected branches
+	if(!configure_protected_branches($project)) {
+		exit 1;
+	}
 }
 
 exit 0;
@@ -740,3 +754,134 @@ sub configure_kgb_webhook {
 	}
 }
 
+sub configure_protected_branches {
+	my ($project) = @_;
+
+	my $url = $cfg{url}.'/projects/'.uri_escape($project->{id}).'/protected_branches';
+
+	my $req = new HTTP::Request(GET => $url);
+	   $req->header('PRIVATE-TOKEN' => $cfg{token});
+
+	my $res = $ua->request($req);
+	if($res->is_success) {
+		my $content = $res->content;
+
+		my $data = decode_json($content);
+
+		print "protected_branches:\n". Dumper($data) if($cfg{debug});
+
+		my $delete = 1;
+		my $configure = 0;
+
+		foreach my $branch (@{$data}) {
+			if($branch->{name} ne 'master') {
+				print "Skipping branch: ". $branch->{name} ."\n" if($cfg{debug});
+				next;
+			}
+
+			if(
+			    $#{$branch->{merge_access_levels}} != 0 ||
+			    $branch->{merge_access_levels}[0]->{access_level} != $access_level{Maintainer}
+			) {
+				$configure = 1;
+				last;
+			}
+
+			if(
+			    $#{$branch->{push_access_levels}} != 0 ||
+			    $branch->{push_access_levels}[0]->{access_level} != $access_level{Developer}
+			) {
+				$configure = 1;
+				last;
+			}
+
+			if(
+			    exists $branch->{unprotect_access_levels} &&
+                            (
+			      $#{$branch->{unprotect_access_levels}} != -1 ||
+			      $branch->{unprotect_access_levels}[0]->{access_level} != $access_level{Maintainer}
+                            )
+			) {
+				$configure = 1;
+				last;
+			}
+			elsif(
+			       exists $branch->{unprotect_access_levels} &&
+			       $#{$branch->{unprotect_access_levels}} == -1
+			) {
+				$delete = 1;
+				$configure = 1;
+				last;
+			}
+		}
+
+		if($#{$data} == -1) {
+			$delete = 0;
+			$configure = 1;
+		}
+
+		if(!$configure) {
+			print "Protected branches already configured for project: ". $project->{name} ." (". $project->{id} .")\n" if($cfg{verbose});
+
+			return 2;
+		}
+
+		if($delete) {
+			my $delete_url = $url ."/master";
+
+			my $req = HTTP::Request::Common::DELETE($delete_url);
+			   $req->header('PRIVATE-TOKEN' => $cfg{token});
+
+			my $res = $ua->request($req);
+			if($res->code != 204) {
+				print "Error: Request failed! ($url)\n";
+				print "HTTP Status: ".$res->code." ".$res->message."\n";
+				print $res->content if($res->content);
+
+				return;
+			}
+		}
+
+		print "Configuring protected branches for: ". $project->{name} ." (". $project->{id} .")\n" if($cfg{verbose});
+
+		my $url = $cfg{url}.'/projects/'.uri_escape($project->{id}).'/protected_branches';
+
+		my %param = (
+		              name                   => 'master',
+		              merge_access_level     => $access_level{Maintainer},
+		              push_access_level      => $access_level{Developer},
+		              unprotect_access_level => $access_level{Maintainer},
+		            );
+
+		print "param:\n".Dumper(\%param) if($cfg{debug});
+
+		my $req = HTTP::Request::Common::POST($url, [ %param ]);
+		   $req->header('PRIVATE-TOKEN' => $cfg{token});
+
+		my $res = $ua->request($req);
+		if($res->is_success) {
+			my $content = $res->content;
+
+			print "Content:\n".Dumper($content) if($cfg{debug});
+
+			print "Configured protected branches for project: ". $project->{name} ." (". $project->{id} .")\n" if($cfg{verbose});
+
+			return 1;
+		}
+		else {
+			print "Error: Request failed! ($url)\n";
+			print "HTTP Status: ".$res->code." ".$res->message."\n";
+			print $res->content if($res->content);
+
+			return;
+		}
+	}
+	else {
+		print "Error: Request failed! ($url)\n";
+		print "HTTP Status: ".$res->code." ".$res->message."\n";
+		print $res->content if($res->content);
+
+		return;
+	}
+}
+



View it on GitLab: https://salsa.debian.org/debian-gis-team/scripts/-/commit/3f6880f563c36c83a095f922ab8e871c15b363af

-- 
View it on GitLab: https://salsa.debian.org/debian-gis-team/scripts/-/commit/3f6880f563c36c83a095f922ab8e871c15b363af
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-grass-devel/attachments/20201202/05b90d64/attachment-0001.html>

More information about the Pkg-grass-devel mailing list