Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(repo settings): approve build mechanism for pull_request events #328

Merged
merged 9 commits into from
Nov 27, 2023
Merged

feat(repo settings): approve build mechanism for pull_request events #328

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
34fb9c5
init commit
ecrupper Oct 2, 2023
668e8ca
Merge branch 'main' into feat/fork-pr-approve-build
ecrupper Oct 10, 2023
18d8f0a
add testing
ecrupper Oct 10, 2023
de9fdd1
Merge branch 'main' into feat/fork-pr-approve-build
timhuynh94 Oct 12, 2023
35f222c
Update library/repo.go
ecrupper Oct 19, 2023
ddfe433
Merge branch 'main' into feat/fork-pr-approve-build
ecrupper Nov 14, 2023
a668d28
audit approval and allow more options for approve field
ecrupper Nov 26, 2023
b810497
pack PR data into a PullRequest struct for webhooks
ecrupper Nov 27, 2023
30b8593
last name change I promise
ecrupper Nov 27, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions constants/repo.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,21 @@ const (
// in Vela to control their pipeline being compiled as Starlark templates.
PipelineTypeStarlark = "starlark"
)

// Repo ApproveForkBuild types.
const (
// ApproveAlways defines the CI strategy of having a repo administrator approve
// all builds triggered from a forked PR.
ApproveAlways = "always"

// ApproveNoWrite defines the CI strategy of having a repo administrator approve
// all builds triggered from a forked PR where the author does not have write access.
ApproveNoWrite = "no-write"

// ApproveOnce defines the CI strategy of having a repo administrator approve
// all builds triggered from an outside contributor if this is their first time contributing.
ApproveOnce = "first-time"
Comment on lines +30 to +32
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A note on this: I am adding this constant as more of a To-Do. I don't have actual functionality for this coded up, but would create a follow-up story to implement this at a later point.


// ApproveNever defines the CI strategy of never having to approve CI builds from outside contributors.
ApproveNever = "never"
)
3 changes: 3 additions & 0 deletions constants/status.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@ const (
// StatusPending defines the status type for build and step pending statuses.
StatusPending = "pending"

// StatusPendingApproval defines the status type for a build waiting to be approved to run.
StatusPendingApproval = "pending approval"

// StatusRunning defines the status type for build and step running statuses.
StatusRunning = "running"

Expand Down
104 changes: 56 additions & 48 deletions database/repo.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,30 +44,31 @@ var (

// Repo is the database representation of a repo.
type Repo struct {
ID sql.NullInt64 `sql:"id"`
UserID sql.NullInt64 `sql:"user_id"`
Hash sql.NullString `sql:"hash"`
Org sql.NullString `sql:"org"`
Name sql.NullString `sql:"name"`
FullName sql.NullString `sql:"full_name"`
Link sql.NullString `sql:"link"`
Clone sql.NullString `sql:"clone"`
Branch sql.NullString `sql:"branch"`
Topics pq.StringArray `sql:"topics" gorm:"type:varchar(1020)"`
BuildLimit sql.NullInt64 `sql:"build_limit"`
Timeout sql.NullInt64 `sql:"timeout"`
Counter sql.NullInt32 `sql:"counter"`
Visibility sql.NullString `sql:"visibility"`
Private sql.NullBool `sql:"private"`
Trusted sql.NullBool `sql:"trusted"`
Active sql.NullBool `sql:"active"`
AllowPull sql.NullBool `sql:"allow_pull"`
AllowPush sql.NullBool `sql:"allow_push"`
AllowDeploy sql.NullBool `sql:"allow_deploy"`
AllowTag sql.NullBool `sql:"allow_tag"`
AllowComment sql.NullBool `sql:"allow_comment"`
PipelineType sql.NullString `sql:"pipeline_type"`
PreviousName sql.NullString `sql:"previous_name"`
ID sql.NullInt64 `sql:"id"`
UserID sql.NullInt64 `sql:"user_id"`
Hash sql.NullString `sql:"hash"`
Org sql.NullString `sql:"org"`
Name sql.NullString `sql:"name"`
FullName sql.NullString `sql:"full_name"`
Link sql.NullString `sql:"link"`
Clone sql.NullString `sql:"clone"`
Branch sql.NullString `sql:"branch"`
Topics pq.StringArray `sql:"topics" gorm:"type:varchar(1020)"`
BuildLimit sql.NullInt64 `sql:"build_limit"`
Timeout sql.NullInt64 `sql:"timeout"`
Counter sql.NullInt32 `sql:"counter"`
Visibility sql.NullString `sql:"visibility"`
Private sql.NullBool `sql:"private"`
Trusted sql.NullBool `sql:"trusted"`
Active sql.NullBool `sql:"active"`
AllowPull sql.NullBool `sql:"allow_pull"`
AllowPush sql.NullBool `sql:"allow_push"`
AllowDeploy sql.NullBool `sql:"allow_deploy"`
AllowTag sql.NullBool `sql:"allow_tag"`
AllowComment sql.NullBool `sql:"allow_comment"`
PipelineType sql.NullString `sql:"pipeline_type"`
PreviousName sql.NullString `sql:"previous_name"`
ApproveForkBuild sql.NullString `sql:"approve_fork_build"`
}

// Decrypt will manipulate the existing repo hash by
Expand Down Expand Up @@ -198,6 +199,11 @@ func (r *Repo) Nullify() *Repo {
r.PreviousName.Valid = false
}

// check if the ApproveForkBuild field should be false
if len(r.ApproveForkBuild.String) == 0 {
r.ApproveForkBuild.Valid = false
}

return r
}

Expand Down Expand Up @@ -230,6 +236,7 @@ func (r *Repo) ToLibrary() *library.Repo {
repo.SetAllowComment(r.AllowComment.Bool)
repo.SetPipelineType(r.PipelineType.String)
repo.SetPreviousName(r.PreviousName.String)
repo.SetApproveForkBuild(r.ApproveForkBuild.String)

return repo
}
Expand Down Expand Up @@ -301,30 +308,31 @@ func (r *Repo) Validate() error {
// to a database repo type.
func RepoFromLibrary(r *library.Repo) *Repo {
repo := &Repo{
ID: sql.NullInt64{Int64: r.GetID(), Valid: true},
UserID: sql.NullInt64{Int64: r.GetUserID(), Valid: true},
Hash: sql.NullString{String: r.GetHash(), Valid: true},
Org: sql.NullString{String: r.GetOrg(), Valid: true},
Name: sql.NullString{String: r.GetName(), Valid: true},
FullName: sql.NullString{String: r.GetFullName(), Valid: true},
Link: sql.NullString{String: r.GetLink(), Valid: true},
Clone: sql.NullString{String: r.GetClone(), Valid: true},
Branch: sql.NullString{String: r.GetBranch(), Valid: true},
Topics: pq.StringArray(r.GetTopics()),
BuildLimit: sql.NullInt64{Int64: r.GetBuildLimit(), Valid: true},
Timeout: sql.NullInt64{Int64: r.GetTimeout(), Valid: true},
Counter: sql.NullInt32{Int32: int32(r.GetCounter()), Valid: true},
Visibility: sql.NullString{String: r.GetVisibility(), Valid: true},
Private: sql.NullBool{Bool: r.GetPrivate(), Valid: true},
Trusted: sql.NullBool{Bool: r.GetTrusted(), Valid: true},
Active: sql.NullBool{Bool: r.GetActive(), Valid: true},
AllowPull: sql.NullBool{Bool: r.GetAllowPull(), Valid: true},
AllowPush: sql.NullBool{Bool: r.GetAllowPush(), Valid: true},
AllowDeploy: sql.NullBool{Bool: r.GetAllowDeploy(), Valid: true},
AllowTag: sql.NullBool{Bool: r.GetAllowTag(), Valid: true},
AllowComment: sql.NullBool{Bool: r.GetAllowComment(), Valid: true},
PipelineType: sql.NullString{String: r.GetPipelineType(), Valid: true},
PreviousName: sql.NullString{String: r.GetPreviousName(), Valid: true},
ID: sql.NullInt64{Int64: r.GetID(), Valid: true},
UserID: sql.NullInt64{Int64: r.GetUserID(), Valid: true},
Hash: sql.NullString{String: r.GetHash(), Valid: true},
Org: sql.NullString{String: r.GetOrg(), Valid: true},
Name: sql.NullString{String: r.GetName(), Valid: true},
FullName: sql.NullString{String: r.GetFullName(), Valid: true},
Link: sql.NullString{String: r.GetLink(), Valid: true},
Clone: sql.NullString{String: r.GetClone(), Valid: true},
Branch: sql.NullString{String: r.GetBranch(), Valid: true},
Topics: pq.StringArray(r.GetTopics()),
BuildLimit: sql.NullInt64{Int64: r.GetBuildLimit(), Valid: true},
Timeout: sql.NullInt64{Int64: r.GetTimeout(), Valid: true},
Counter: sql.NullInt32{Int32: int32(r.GetCounter()), Valid: true},
Visibility: sql.NullString{String: r.GetVisibility(), Valid: true},
Private: sql.NullBool{Bool: r.GetPrivate(), Valid: true},
Trusted: sql.NullBool{Bool: r.GetTrusted(), Valid: true},
Active: sql.NullBool{Bool: r.GetActive(), Valid: true},
AllowPull: sql.NullBool{Bool: r.GetAllowPull(), Valid: true},
AllowPush: sql.NullBool{Bool: r.GetAllowPush(), Valid: true},
AllowDeploy: sql.NullBool{Bool: r.GetAllowDeploy(), Valid: true},
AllowTag: sql.NullBool{Bool: r.GetAllowTag(), Valid: true},
AllowComment: sql.NullBool{Bool: r.GetAllowComment(), Valid: true},
PipelineType: sql.NullString{String: r.GetPipelineType(), Valid: true},
PreviousName: sql.NullString{String: r.GetPreviousName(), Valid: true},
ApproveForkBuild: sql.NullString{String: r.GetApproveForkBuild(), Valid: true},
}

return repo.Nullify()
Expand Down
77 changes: 41 additions & 36 deletions database/repo_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"reflect"
"testing"

"github.com/go-vela/types/constants"
"github.com/go-vela/types/library"
)

Expand Down Expand Up @@ -106,18 +107,19 @@ func TestDatabase_Repo_Nullify(t *testing.T) {
var r *Repo

want := &Repo{
ID: sql.NullInt64{Int64: 0, Valid: false},
UserID: sql.NullInt64{Int64: 0, Valid: false},
Hash: sql.NullString{String: "", Valid: false},
Org: sql.NullString{String: "", Valid: false},
Name: sql.NullString{String: "", Valid: false},
FullName: sql.NullString{String: "", Valid: false},
Link: sql.NullString{String: "", Valid: false},
Clone: sql.NullString{String: "", Valid: false},
Branch: sql.NullString{String: "", Valid: false},
Timeout: sql.NullInt64{Int64: 0, Valid: false},
Visibility: sql.NullString{String: "", Valid: false},
PipelineType: sql.NullString{String: "", Valid: false},
ID: sql.NullInt64{Int64: 0, Valid: false},
UserID: sql.NullInt64{Int64: 0, Valid: false},
Hash: sql.NullString{String: "", Valid: false},
Org: sql.NullString{String: "", Valid: false},
Name: sql.NullString{String: "", Valid: false},
FullName: sql.NullString{String: "", Valid: false},
Link: sql.NullString{String: "", Valid: false},
Clone: sql.NullString{String: "", Valid: false},
Branch: sql.NullString{String: "", Valid: false},
Timeout: sql.NullInt64{Int64: 0, Valid: false},
Visibility: sql.NullString{String: "", Valid: false},
PipelineType: sql.NullString{String: "", Valid: false},
ApproveForkBuild: sql.NullString{String: "", Valid: false},
}

// setup tests
Expand Down Expand Up @@ -177,6 +179,7 @@ func TestDatabase_Repo_ToLibrary(t *testing.T) {
want.SetAllowComment(false)
want.SetPipelineType("yaml")
want.SetPreviousName("oldName")
want.SetApproveForkBuild(constants.ApproveNever)

// run test
got := testRepo().ToLibrary()
Expand Down Expand Up @@ -330,6 +333,7 @@ func TestDatabase_RepoFromLibrary(t *testing.T) {
r.SetAllowComment(false)
r.SetPipelineType("yaml")
r.SetPreviousName("oldName")
r.SetApproveForkBuild(constants.ApproveNever)

want := testRepo()

Expand All @@ -345,29 +349,30 @@ func TestDatabase_RepoFromLibrary(t *testing.T) {
// type with all fields set to a fake value.
func testRepo() *Repo {
return &Repo{
ID: sql.NullInt64{Int64: 1, Valid: true},
UserID: sql.NullInt64{Int64: 1, Valid: true},
Hash: sql.NullString{String: "superSecretHash", Valid: true},
Org: sql.NullString{String: "github", Valid: true},
Name: sql.NullString{String: "octocat", Valid: true},
FullName: sql.NullString{String: "github/octocat", Valid: true},
Link: sql.NullString{String: "https://github.com/github/octocat", Valid: true},
Clone: sql.NullString{String: "https://github.com/github/octocat.git", Valid: true},
Branch: sql.NullString{String: "main", Valid: true},
Topics: []string{"cloud", "security"},
BuildLimit: sql.NullInt64{Int64: 10, Valid: true},
Timeout: sql.NullInt64{Int64: 30, Valid: true},
Counter: sql.NullInt32{Int32: 0, Valid: true},
Visibility: sql.NullString{String: "public", Valid: true},
Private: sql.NullBool{Bool: false, Valid: true},
Trusted: sql.NullBool{Bool: false, Valid: true},
Active: sql.NullBool{Bool: true, Valid: true},
AllowPull: sql.NullBool{Bool: false, Valid: true},
AllowPush: sql.NullBool{Bool: true, Valid: true},
AllowDeploy: sql.NullBool{Bool: false, Valid: true},
AllowTag: sql.NullBool{Bool: false, Valid: true},
AllowComment: sql.NullBool{Bool: false, Valid: true},
PipelineType: sql.NullString{String: "yaml", Valid: true},
PreviousName: sql.NullString{String: "oldName", Valid: true},
ID: sql.NullInt64{Int64: 1, Valid: true},
UserID: sql.NullInt64{Int64: 1, Valid: true},
Hash: sql.NullString{String: "superSecretHash", Valid: true},
Org: sql.NullString{String: "github", Valid: true},
Name: sql.NullString{String: "octocat", Valid: true},
FullName: sql.NullString{String: "github/octocat", Valid: true},
Link: sql.NullString{String: "https://github.com/github/octocat", Valid: true},
Clone: sql.NullString{String: "https://github.com/github/octocat.git", Valid: true},
Branch: sql.NullString{String: "main", Valid: true},
Topics: []string{"cloud", "security"},
BuildLimit: sql.NullInt64{Int64: 10, Valid: true},
Timeout: sql.NullInt64{Int64: 30, Valid: true},
Counter: sql.NullInt32{Int32: 0, Valid: true},
Visibility: sql.NullString{String: "public", Valid: true},
Private: sql.NullBool{Bool: false, Valid: true},
Trusted: sql.NullBool{Bool: false, Valid: true},
Active: sql.NullBool{Bool: true, Valid: true},
AllowPull: sql.NullBool{Bool: false, Valid: true},
AllowPush: sql.NullBool{Bool: true, Valid: true},
AllowDeploy: sql.NullBool{Bool: false, Valid: true},
AllowTag: sql.NullBool{Bool: false, Valid: true},
AllowComment: sql.NullBool{Bool: false, Valid: true},
PipelineType: sql.NullString{String: "yaml", Valid: true},
PreviousName: sql.NullString{String: "oldName", Valid: true},
ApproveForkBuild: sql.NullString{String: constants.ApproveNever, Valid: true},
}
}
Loading