-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
protected_tags.go
247 lines (208 loc) · 7.77 KB
/
protected_tags.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
package config
import (
"fmt"
"net/http"
"os"
"slices"
"sort"
mapset "github.com/deckarep/golang-set/v2"
"github.com/xanzy/go-gitlab"
"gitlab.com/tozd/go/errors"
)
// getProtectedTags populates configuration struct with configuration available
// from GitLab protected tags API endpoint.
func (c *GetCommand) getProtectedTags(client *gitlab.Client, configuration *Configuration) (bool, errors.E) { //nolint:unparam
fmt.Fprintf(os.Stderr, "Getting protected tags...\n")
configuration.ProtectedTags = []map[string]interface{}{}
descriptions, errE := getProtectedTagsDescriptions(c.DocsRef)
if errE != nil {
return false, errE
}
// We need "name" later on.
if _, ok := descriptions["name"]; !ok {
return false, errors.New(`"name" field is missing in protected tags descriptions`)
}
configuration.ProtectedTagsComment = formatDescriptions(descriptions)
u := fmt.Sprintf("projects/%s/protected_tags", gitlab.PathEscape(c.Project))
options := &gitlab.ListProtectedTagsOptions{
PerPage: maxGitLabPageSize,
Page: 1,
}
for {
req, err := client.NewRequest(http.MethodGet, u, options, nil)
if err != nil {
errE := errors.WithMessage(err, "failed to get protected tags")
errors.Details(errE)["page"] = options.Page
return false, errE
}
protectedTags := []map[string]interface{}{}
response, err := client.Do(req, &protectedTags)
if err != nil {
errE := errors.WithMessage(err, "failed to get protected tags")
errors.Details(errE)["page"] = options.Page
return false, errE
}
if len(protectedTags) == 0 {
break
}
for _, protectedTag := range protectedTags {
// We rename to be consistent between getting and updating.
protectedTag["allowed_to_create"] = protectedTag["create_access_levels"]
// We for now remove ID because it is not useful for updating protected tags.
// TODO: Use ID to just update protected tags.
// See: https://gitlab.com/tozd/gitlab/config/-/issues/18
removeField(protectedTag["allowed_to_create"], "id")
// Making sure ids and levels are an integer.
castFloatsToInts(protectedTag)
// Only retain those keys which can be edited through the API
// (which are those available in descriptions).
for key := range protectedTag {
_, ok := descriptions[key]
if !ok {
delete(protectedTag, key)
}
}
// Make the description be a comment for the sequence item.
renameMapField(protectedTag, "access_level_description", "comment:")
name, ok := protectedTag["name"]
if !ok {
return false, errors.New(`protected tag is missing field "name"`)
}
_, ok = name.(string)
if !ok {
errE := errors.New(`protected tag's field "name" is not a string`)
errors.Details(errE)["type"] = fmt.Sprintf("%T", name)
errors.Details(errE)["value"] = name
return false, errE
}
configuration.ProtectedTags = append(configuration.ProtectedTags, protectedTag)
}
if response.NextPage == 0 {
break
}
options.Page = response.NextPage
}
// We sort by protected tag's name so that we have deterministic order.
sort.Slice(configuration.ProtectedTags, func(i, j int) bool {
// We checked that name is string above.
return configuration.ProtectedTags[i]["name"].(string) < configuration.ProtectedTags[j]["name"].(string) //nolint:forcetypeassert
})
return false, nil
}
// parseProtectedTagsDocumentation parses GitLab's documentation in Markdown for
// protected tags API endpoint and extracts description of fields used to describe
// protected tags.
func parseProtectedTagsDocumentation(input []byte) (map[string]string, errors.E) {
return parseTable(input, "Protect repository tags", func(key string) string {
switch key {
case "create_access_level":
// We prefer that everything is done through "allowed_to_create".
return ""
default:
return key
}
})
}
// getProtectedTagsDescriptions obtains description of fields used to describe
// an individual protected tags from GitLab's documentation for protected tags API endpoint.
func getProtectedTagsDescriptions(gitRef string) (map[string]string, errors.E) {
data, err := downloadFile(fmt.Sprintf("https://gitlab.com/gitlab-org/gitlab/-/raw/%s/doc/api/protected_tags.md", gitRef))
if err != nil {
return nil, errors.WithMessage(err, "failed to get protected tags descriptions")
}
return parseProtectedTagsDocumentation(data)
}
// updateProtectedTags updates GitLab project's protected tags using GitLab
// protected tags API endpoint based on the configuration struct.
//
// It first unprotects all protected tags which the project does not have anymore
// configured as protected, and then updates or adds protection for configured
// protected tags. When updating an existing protected tag it briefly umprotects
// the tag and reprotects it with new configuration.
func (c *SetCommand) updateProtectedTags(client *gitlab.Client, configuration *Configuration) errors.E {
if configuration.ProtectedTags == nil {
return nil
}
fmt.Fprintf(os.Stderr, "Updating protected tags...\n")
options := &gitlab.ListProtectedTagsOptions{
PerPage: maxGitLabPageSize,
Page: 1,
}
protectedTags := []*gitlab.ProtectedTag{}
for {
pt, response, err := client.ProtectedTags.ListProtectedTags(c.Project, options)
if err != nil {
errE := errors.WithMessage(err, "failed to get protected tags")
errors.Details(errE)["page"] = options.Page
return errE
}
protectedTags = append(protectedTags, pt...)
if response.NextPage == 0 {
break
}
options.Page = response.NextPage
}
existingProtectedTagsSet := mapset.NewThreadUnsafeSet[string]()
for _, protectedTag := range protectedTags {
existingProtectedTagsSet.Add(protectedTag.Name)
}
wantedProtectedTagsSet := mapset.NewThreadUnsafeSet[string]()
for i, protectedTag := range configuration.ProtectedTags {
name, ok := protectedTag["name"]
if !ok {
errE := errors.Errorf(`protected tag is missing field "name"`)
errors.Details(errE)["index"] = i
return errE
}
n, ok := name.(string)
if !ok {
errE := errors.New(`protected tag's field "name" is not a string`)
errors.Details(errE)["index"] = i
errors.Details(errE)["type"] = fmt.Sprintf("%T", name)
errors.Details(errE)["value"] = name
return errE
}
wantedProtectedTagsSet.Add(n)
}
extraProtectedTags := existingProtectedTagsSet.Difference(wantedProtectedTagsSet).ToSlice()
slices.Sort(extraProtectedTags)
for _, protectedTagName := range extraProtectedTags {
_, err := client.ProtectedTags.UnprotectRepositoryTags(c.Project, protectedTagName)
if err != nil {
errE := errors.WithMessage(err, "failed to unprotect tag")
errors.Details(errE)["tag"] = protectedTagName
return errE
}
}
u := fmt.Sprintf("projects/%s/protected_tags", gitlab.PathEscape(c.Project))
for i, protectedTag := range configuration.ProtectedTags { //nolint:dupl
// We made sure above that all protected tags in configuration have a string name.
name := protectedTag["name"].(string) //nolint:errcheck,forcetypeassert
// If project already have this protected tag, we have to
// first unprotect it to be able to update the protected tag.
if existingProtectedTagsSet.Contains(name) {
_, err := client.ProtectedTags.UnprotectRepositoryTags(c.Project, name)
if err != nil {
errE := errors.WithMessage(err, "failed to unprotect tag before reprotecting")
errors.Details(errE)["index"] = i
errors.Details(errE)["tag"] = name
return errE
}
}
req, err := client.NewRequest(http.MethodPost, u, protectedTag, nil)
if err != nil {
errE := errors.WithMessage(err, "failed to protect tag")
errors.Details(errE)["index"] = i
errors.Details(errE)["tag"] = name
return errE
}
_, err = client.Do(req, nil)
if err != nil {
errE := errors.WithMessage(err, "failed to protect tag")
errors.Details(errE)["index"] = i
errors.Details(errE)["tag"] = name
return errE
}
}
return nil
}