entitlements-github-plugin 0.4.1 → 0.4.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/entitlements/backend/github_team/provider.rb +17 -0
  3. data/lib/entitlements/backend/github_team/service.rb +13 -2
  4. data/lib/version.rb +1 -1
  5. metadata +28 -28
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a4cbb307760618dcde3accef28dd587ce5a37cb8049ce7c0819634be60725cf1
4
- data.tar.gz: 8aaad78f84fa9011cad4788e57f777ae820cd3f4a5ac6efc828dbb5d4b7e9b58
3
+ metadata.gz: '0987a803d14c6ea071918561b6295665e0e72c41b4888ea796d73809e5befb91'
4
+ data.tar.gz: 52a80360a3dc15c5248228fa64aae7bb1afde55b3248bf2048ed26b64117d8c2
5
5
  SHA512:
6
- metadata.gz: e277789bd072b042003e42970eb5c91d12520ea0332759f050c7c3774bbee8bbd54d68c1f7c552594f8e8aedd16e5d37dabd9d2be7597f581de637b0f205d1c1
7
- data.tar.gz: d0d2ee3e7f4f6ba4ff909b880b5de0cf9f16d6940a4e90b81350fc80cc6bacb38059765cbe780bc85aad29fa3aca1d6d78aae5da7264aed3c7f9d89dd3074b37
6
+ metadata.gz: 6bb6d37eee52744b52af7303b60101f12e21b387d9526fad08f9c77e98d5c9b98724be9104b730c31b89b8ed9c1052051f2a2acb7b73cbfc6190ddf567771f05
7
+ data.tar.gz: 48545ac1774a659e90dc0303bd4d51b5a6619012a1d1ded25f8ed52472e774b9547abd6a462c37e2d318c73eb7e04d16b27346c83e502c1cb8b0771a77f6f727
data/lib/entitlements/backend/github_team/provider.rb CHANGED
@@ -198,6 +198,23 @@ module Entitlements
198
198
  Entitlements.logger.info "CHANGE github_parent_team from #{existing_parent_team} to #{changed_parent_team} for #{existing_group.dn} in #{github.org}"
199
199
  end
200
200
  end
201
+
202
+ existing_maintainers = existing_group.metadata_fetch_if_exists("team_maintainers")
203
+ changed_maintainers = group.metadata_fetch_if_exists("team_maintainers")
204
+ if existing_maintainers != changed_maintainers
205
+ base_diff[:metadata] ||= {}
206
+ if existing_maintainers.nil? && !changed_maintainers.nil?
207
+ base_diff[:metadata][:team_maintainers] = "add"
208
+ Entitlements.logger.info "ADD github_team_maintainers #{changed_maintainers} to #{existing_group.dn} in #{github.org}"
209
+ elsif !existing_maintainers.nil? && changed_maintainers.nil?
210
+ base_diff[:metadata][:team_maintainers] = "remove"
211
+ Entitlements.logger.info "REMOVE (NOOP) github_team_maintainers #{existing_maintainers} from #{existing_group.dn} in #{github.org}"
212
+ else
213
+ base_diff[:metadata][:team_maintainers] = "change"
214
+ Entitlements.logger.info "CHANGE github_team_maintainers from #{existing_maintainers} to #{changed_maintainers} for #{existing_group.dn} in #{github.org}"
215
+ end
216
+ end
217
+
201
218
  base_diff
202
219
  end
203
220
 
data/lib/entitlements/backend/github_team/service.rb CHANGED
@@ -104,6 +104,10 @@ module Entitlements
104
104
  end
105
105
  end
106
106
 
107
+ maintainers = teamdata[:members].select { |u| teamdata[:roles][u] == "maintainer" }
108
+ team_metadata = team_metadata || {}
109
+ team_metadata = team_metadata.merge({"team_maintainers" => maintainers.any? ? maintainers.join(",") : nil})
110
+
107
111
  team = Entitlements::Backend::GitHubTeam::Models::Team.new(
108
112
  team_id: teamdata[:team_id],
109
113
  team_name: team_identifier,
@@ -326,11 +330,12 @@ module Entitlements
326
330
  # team_slug - Identifier of the team to retrieve.
327
331
  #
328
332
  # Returns a data structure with team data.
329
- Contract String => { members: C::ArrayOf[String], team_id: Integer, parent_team_name: C::Or[String, nil] }
333
+ Contract String => { members: C::ArrayOf[String], team_id: Integer, parent_team_name: C::Or[String, nil], roles: C::HashOf[String => String] }
330
334
  def graphql_team_data(team_slug)
331
335
  cursor = nil
332
336
  team_id = nil
333
337
  result = []
338
+ roles = {}
334
339
  sanity_counter = 0
335
340
 
336
341
  while sanity_counter < 100
@@ -348,6 +353,7 @@ module Entitlements
348
353
  node {
349
354
  login
350
355
  }
356
+ role
351
357
  cursor
352
358
  }
353
359
  }
@@ -375,12 +381,17 @@ module Entitlements
375
381
  buffer = edges.map { |e| e.fetch("node").fetch("login").downcase }
376
382
  result.concat buffer
377
383
 
384
+ edges.each do |e|
385
+ role = e.fetch("role").downcase
386
+ roles[e.fetch("node").fetch("login").downcase] = role
387
+ end
388
+
378
389
  cursor = edges.last.fetch("cursor")
379
390
  next if cursor && buffer.size == max_graphql_results
380
391
  break
381
392
  end
382
393
 
383
- { members: result, team_id:, parent_team_name: }
394
+ { members: result, team_id:, parent_team_name:, roles: }
384
395
  end
385
396
 
386
397
  # Ensure that the given team ID actually matches up to the team slug on GitHub. This is in place
data/lib/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Entitlements
4
4
  module Version
5
- VERSION = "0.4.1"
5
+ VERSION = "0.4.3"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,27 +1,27 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: entitlements-github-plugin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub, Inc. Security Ops
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-29 00:00:00.000000000 Z
11
+ date: 2023-09-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: contracts
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '='
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
19
  version: 0.17.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - '='
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.17.0
27
27
  - !ruby/object:Gem::Dependency
@@ -70,168 +70,168 @@ dependencies:
70
70
  name: entitlements
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '='
73
+ - - "~>"
74
74
  - !ruby/object:Gem::Version
75
75
  version: 0.2.0
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - '='
80
+ - - "~>"
81
81
  - !ruby/object:Gem::Version
82
82
  version: 0.2.0
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: rake
85
85
  requirement: !ruby/object:Gem::Requirement
86
86
  requirements:
87
- - - '='
87
+ - - "~>"
88
88
  - !ruby/object:Gem::Version
89
89
  version: 13.0.6
90
90
  type: :development
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
- - - '='
94
+ - - "~>"
95
95
  - !ruby/object:Gem::Version
96
96
  version: 13.0.6
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: rspec
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
- - - '='
101
+ - - "~>"
102
102
  - !ruby/object:Gem::Version
103
103
  version: 3.8.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
- - - '='
108
+ - - "~>"
109
109
  - !ruby/object:Gem::Version
110
110
  version: 3.8.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: rspec-core
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
- - - '='
115
+ - - "~>"
116
116
  - !ruby/object:Gem::Version
117
117
  version: 3.8.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
- - - '='
122
+ - - "~>"
123
123
  - !ruby/object:Gem::Version
124
124
  version: 3.8.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
- - - '='
129
+ - - "~>"
130
130
  - !ruby/object:Gem::Version
131
131
  version: 1.29.1
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
- - - '='
136
+ - - "~>"
137
137
  - !ruby/object:Gem::Version
138
138
  version: 1.29.1
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: rubocop-github
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
- - - '='
143
+ - - "~>"
144
144
  - !ruby/object:Gem::Version
145
145
  version: 0.17.0
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
- - - '='
150
+ - - "~>"
151
151
  - !ruby/object:Gem::Version
152
152
  version: 0.17.0
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: rubocop-performance
155
155
  requirement: !ruby/object:Gem::Requirement
156
156
  requirements:
157
- - - '='
157
+ - - "~>"
158
158
  - !ruby/object:Gem::Version
159
159
  version: 1.13.3
160
160
  type: :development
161
161
  prerelease: false
162
162
  version_requirements: !ruby/object:Gem::Requirement
163
163
  requirements:
164
- - - '='
164
+ - - "~>"
165
165
  - !ruby/object:Gem::Version
166
166
  version: 1.13.3
167
167
  - !ruby/object:Gem::Dependency
168
168
  name: rugged
169
169
  requirement: !ruby/object:Gem::Requirement
170
170
  requirements:
171
- - - '='
171
+ - - "~>"
172
172
  - !ruby/object:Gem::Version
173
173
  version: 0.27.5
174
174
  type: :development
175
175
  prerelease: false
176
176
  version_requirements: !ruby/object:Gem::Requirement
177
177
  requirements:
178
- - - '='
178
+ - - "~>"
179
179
  - !ruby/object:Gem::Version
180
180
  version: 0.27.5
181
181
  - !ruby/object:Gem::Dependency
182
182
  name: simplecov
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
- - - '='
185
+ - - "~>"
186
186
  - !ruby/object:Gem::Version
187
187
  version: 0.16.1
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
- - - '='
192
+ - - "~>"
193
193
  - !ruby/object:Gem::Version
194
194
  version: 0.16.1
195
195
  - !ruby/object:Gem::Dependency
196
196
  name: simplecov-erb
197
197
  requirement: !ruby/object:Gem::Requirement
198
198
  requirements:
199
- - - '='
199
+ - - "~>"
200
200
  - !ruby/object:Gem::Version
201
201
  version: 1.0.1
202
202
  type: :development
203
203
  prerelease: false
204
204
  version_requirements: !ruby/object:Gem::Requirement
205
205
  requirements:
206
- - - '='
206
+ - - "~>"
207
207
  - !ruby/object:Gem::Version
208
208
  version: 1.0.1
209
209
  - !ruby/object:Gem::Dependency
210
210
  name: vcr
211
211
  requirement: !ruby/object:Gem::Requirement
212
212
  requirements:
213
- - - '='
213
+ - - "~>"
214
214
  - !ruby/object:Gem::Version
215
215
  version: 4.0.0
216
216
  type: :development
217
217
  prerelease: false
218
218
  version_requirements: !ruby/object:Gem::Requirement
219
219
  requirements:
220
- - - '='
220
+ - - "~>"
221
221
  - !ruby/object:Gem::Version
222
222
  version: 4.0.0
223
223
  - !ruby/object:Gem::Dependency
224
224
  name: webmock
225
225
  requirement: !ruby/object:Gem::Requirement
226
226
  requirements:
227
- - - '='
227
+ - - "~>"
228
228
  - !ruby/object:Gem::Version
229
229
  version: 3.4.2
230
230
  type: :development
231
231
  prerelease: false
232
232
  version_requirements: !ruby/object:Gem::Requirement
233
233
  requirements:
234
- - - '='
234
+ - - "~>"
235
235
  - !ruby/object:Gem::Version
236
236
  version: 3.4.2
237
237
  description: Entitlements plugin to manage GitHub Orgs and Team memberships and access