Add repository admins validation check

[Copilot]

Overview

This PR implements a new repository policy check to validate repository administrators against a defined list in the policy configuration, addressing issue #[issue_number].

Changes

New Feature: Admins Check

Added a new AdminsChecks class that validates repository administrators by:

• Fetching all repository collaborators via the GitHub API
• Filtering for users with admin-level permissions
• Comparing actual repository admins with the policy-defined list
• Identifying discrepancies (missing or extra admins)

Implementation Details

Type Definitions (src/types/common/main.d.ts)

• Added admins: string[] field to the RepoPolicy interface

New Check Class (src/evaluators/repository/AdminsChecks.ts)

• Created following the existing pattern used by other repository checks
• Implements checkAdmins() method that returns a CheckResult with pass/fail status
• Reports detailed information about missing and extra admins

Integration (src/evaluators/RepoPolicyEvaluator.ts)

• Imported and integrated AdminsChecks into the policy evaluation flow
• Check executes when the admins field is present in the repository policy
• Results are logged and included in the repository check results

Policy Configuration (policies/repository.yml)

• Added example configuration demonstrating the feature:

admins:
  - admin1
  - admin2

Documentation (policies/repository.readme.md)

• Added comprehensive documentation section explaining the admins check
• Includes usage examples and validation behavior

Usage Example

Users can now specify expected repository admins in their repository.yml policy file:

admins:
  - username1
  - username2
  - username3

Validation Behavior

• ✅ Pass: All admins match exactly (no missing admins, no extra admins)
• ❌ Fail: Discrepancies found with detailed reporting:
  • missing_admins: Users listed in policy but not repository admins
  • extra_admins: Repository admins not listed in policy

Testing

• Verified TypeScript compilation succeeds
• Validated code formatting with prettier
• Tested logic with multiple scenarios (perfect match, missing admins, extra admins, both)
• Follows existing code patterns and conventions

Notes

This implementation follows the same pattern as other repository checks (WebHooksChecks, RunnersChecks, etc.) ensuring consistency with the existing codebase architecture.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Add check to validate repository admins</issue_title>
<issue_description># Improvement
Add a repository policy to validate the admins of the repo

Example

admins:
   - admin1
   - admin2

Functionality

Gitarmor will check that the admin specified in the policy are matching the admins of the repo
</issue_description>

Comments on the Issue (you are @copilot in this section)

Fixes #5

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[david3107]

good