From ee1d38084bf53948d9d8f8b1033510f706a8293a Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Thu, 11 Apr 2024 11:13:33 +0300 Subject: [PATCH] Support repository environments This allows projects to do things like * require deployment reviews * Ensure deployments come from defined set of branches/tags Signed-off-by: Jussi Kukkonen --- main.go | 50 ++++++++++++++++++++++++++++++++++++++++++++ pkg/config/config.go | 17 +++++++++++++++ 2 files changed, 67 insertions(+) diff --git a/main.go b/main.go index 6af5277..381a551 100644 --- a/main.go +++ b/main.go @@ -5,6 +5,7 @@ import ( "log" "os" "path" + "strconv" "strings" github "github.com/pulumi/pulumi-github/sdk/v6/go/github" @@ -157,6 +158,55 @@ func main() { return err } + for _, env := range repo.Environments { + var reviewerIDs []int + for _, username := range env.Reviewers { + user, err := github.GetUser(ctx, &github.GetUserArgs{Username: username}) + if err != nil { + return err + } + userID, err := strconv.Atoi(user.Id) + if err != nil { + return err + } + reviewerIDs = append(reviewerIDs, userID) + } + + pulumiEnv, err := github.NewRepositoryEnvironment(ctx, env.Name, &github.RepositoryEnvironmentArgs{ + Environment: pulumi.String(env.Name), + Repository: newRepo.Name, + CanAdminsBypass: pulumi.Bool(env.CanAdminsBypass), + DeploymentBranchPolicy: &github.RepositoryEnvironmentDeploymentBranchPolicyArgs{ + ProtectedBranches: pulumi.Bool(env.ProtectedBranches), + CustomBranchPolicies: pulumi.Bool(env.CustomBranchPolicies), + }, + PreventSelfReview: pulumi.Bool(env.PreventSelfReview), + Reviewers: github.RepositoryEnvironmentReviewerArray{ + &github.RepositoryEnvironmentReviewerArgs{ + Users: pulumi.ToIntArray(reviewerIDs), + }, + }, + WaitTimer: pulumi.Int(env.WaitTimer), + }) + if err != nil { + return err + } + + for _, policy := range env.DeploymentBranchPolicies { + _, err = github.NewRepositoryDeploymentBranchPolicy(ctx, policy.Name, &github.RepositoryDeploymentBranchPolicyArgs{ + Repository: newRepo.Name, + EnvironmentName: pulumi.String(env.Name), + Name: pulumi.String(policy.Pattern), + }, pulumi.DependsOn([]pulumi.Resource{ + pulumiEnv, + })) + + if err != nil { + return err + } + } + } + _, err = github.NewBranchDefault(ctx, repo.Name, &github.BranchDefaultArgs{ Branch: pulumi.String(repo.DefaultBranch), Repository: pulumi.String(repo.Name), diff --git a/pkg/config/config.go b/pkg/config/config.go index 61d5d09..63ce96c 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -25,6 +25,22 @@ type Team struct { ParentTeamID int `yaml:"parentTeamId"` } +type DeploymentBranchPolicy struct { + Name string `yaml:"name"` + Pattern string `yaml:"pattern"` +} + +type Environment struct { + Name string `yaml:"name"` + CanAdminsBypass bool `yaml:"canAdminsBypass"` + Reviewers []string `yaml:"reviewers"` + PreventSelfReview bool `yaml:"preventSelfReview"` + WaitTimer int `yaml:"waitTimer"` + ProtectedBranches bool `yaml:"protectedBranches"` + CustomBranchPolicies bool `yaml:"protectedBranches"` + DeploymentBranchPolicies []DeploymentBranchPolicy `yaml:"deploymentBranchPolicies"` +} + type Repository struct { AllowAutoMerge bool `yaml:"allowAutoMerge"` AllowMergeCommit bool `yaml:"allowMergeCommit"` @@ -33,6 +49,7 @@ type Repository struct { Archived bool `yaml:"archived"` AutoInit bool `yaml:"autoInit"` DeleteBranchOnMerge bool `yaml:"deleteBranchOnMerge"` + Environments []Environment `yaml:"environments"` HasDiscussions bool `yaml:"hasDiscussions"` HasDownloads bool `yaml:"hasDownloads"` HasIssues bool `yaml:"hasIssues"`