-
Notifications
You must be signed in to change notification settings - Fork 29
/
policy.go
56 lines (46 loc) · 1.93 KB
/
policy.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
// SPDX-License-Identifier: Apache-2.0
package repository
import (
"context"
"errors"
"fmt"
"log/slog"
"strings"
"github.com/gittuf/gittuf/internal/gitinterface"
"github.com/gittuf/gittuf/internal/policy"
"github.com/gittuf/gittuf/internal/rsl"
)
var (
ErrPushingPolicy = errors.New("unable to push policy")
ErrPullingPolicy = errors.New("unable to pull policy")
)
// PushPolicy pushes the local gittuf policy to the specified remote. As this
// push defaults to fast-forward only, divergent policy states are detected.
// Note that this also pushes the RSL as the policy cannot change without an
// update to the RSL.
func (r *Repository) PushPolicy(ctx context.Context, remoteName string) error {
slog.Debug(fmt.Sprintf("Pushing policy and RSL references to %s...", remoteName))
if err := gitinterface.Push(ctx, r.r, remoteName, []string{policy.PolicyRef, policy.PolicyStagingRef, rsl.Ref}); err != nil {
return errors.Join(ErrPushingPolicy, err)
}
return nil
}
// PullPolicy fetches gittuf policy from the specified remote. The fetches is
// marked as fast forward only to detect divergence. Note that this also fetches
// the RSL as the policy must be updated in sync with the RSL.
func (r *Repository) PullPolicy(ctx context.Context, remoteName string) error {
slog.Debug(fmt.Sprintf("Pulling policy and RSL references from %s...", remoteName))
if err := gitinterface.Fetch(ctx, r.r, remoteName, []string{policy.PolicyRef, policy.PolicyStagingRef, rsl.Ref}, true); err != nil {
return errors.Join(ErrPullingPolicy, err)
}
return nil
}
func (r *Repository) ApplyPolicy(ctx context.Context, signRSLEntry bool) error {
return policy.Apply(ctx, r.r, signRSLEntry)
}
func (r *Repository) ListRules(ctx context.Context, targetRef string) ([]*policy.DelegationWithDepth, error) {
if strings.HasPrefix(targetRef, "refs/gittuf/") {
return policy.ListRules(ctx, r.r, targetRef)
}
return policy.ListRules(ctx, r.r, "refs/gittuf/"+targetRef)
}