RubyGems - entitlements-github-plugin - Versions diffs - 0.4.4 → 0.5.0 - Mend

entitlements-github-plugin 0.4.4 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/lib/entitlements/backend/github_org/controller.rb +7 -6
data/lib/entitlements/backend/github_org/provider.rb +2 -1
data/lib/entitlements/backend/github_org/service.rb +9 -1
data/lib/entitlements/backend/github_team/controller.rb +2 -1
data/lib/entitlements/backend/github_team/provider.rb +4 -3
data/lib/entitlements/backend/github_team/service.rb +13 -4
data/lib/entitlements/service/github.rb +5 -3
data/lib/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 98d2e4c18c22025d89bb53a24f87340596ed2add64b5b72d401ee31202636da4
-  data.tar.gz: 602d1bd2dc77e02c19edb346ab8bbea6aed61c3a480d33fca3d082346cf2b1ee
+  metadata.gz: ebcd029f78fa24a64272f1ceb54d2f8ef72cf384fc7847a61cd9d036ac8ebc44
+  data.tar.gz: 3fb63ab5ef87df7691b84891a798d3992bd0268fec1dbe63504af8e240c40384
 SHA512:
-  metadata.gz: ee9a438713928741efb5c0d286ed91d774db024b460e349c60c2e81bd35c7c14f1e449022ce941178f89c188835f6533d906dea0250ae6e44010753636b94887
-  data.tar.gz: 71ecfaf9b149cd1509f0ec6d23322cf45f2462c221deb8f01a2c02756c12a04a41e1c4b30b3e4803079d143a6cfda5aa78426f49c8df50196914d7ce9fa014ae
+  metadata.gz: 56c8e0717ea77f9ef87352a66e3abad55ebe94219337108b8a7291782e26d8e1b0f8166e512b3d12b9327e39938cfc4fd81f9f6517eda7f434d48a09ebb08d01
+  data.tar.gz: 921ec103e0413d0665c3f2c2f681f2a2ace406083c80306827c76b7f006376f442445eaa537679a7368df5a2b280fceb216d9ae6c2456bc50db367ba32ef5480

data/lib/entitlements/backend/github_org/controller.rb CHANGED Viewed

@@ -120,12 +120,13 @@ module Entitlements
         Contract String, C::HashOf[String => C::Any] => nil
         def validate_config!(key, data)
           spec = COMMON_GROUP_CONFIG.merge({
-            "base"     => { required: true, type: String },
-            "addr"     => { required: false, type: String },
-            "org"      => { required: true, type: String },
-            "token"    => { required: true, type: String },
-            "features" => { required: false, type: Array },
-            "ignore"   => { required: false, type: Array }
+            "base"             => { required: true, type: String },
+            "addr"             => { required: false, type: String },
+            "org"              => { required: true, type: String },
+            "token"            => { required: true, type: String },
+            "features"         => { required: false, type: Array },
+            "ignore"           => { required: false, type: Array },
+            "ignore_not_found" => { required: false, type: [FalseClass, TrueClass] },
           })
           text = "GitHub organization group #{key.inspect}"
           Entitlements::Util::Util.validate_attr!(spec, data, text)

data/lib/entitlements/backend/github_org/provider.rb CHANGED Viewed

@@ -25,7 +25,8 @@ module Entitlements
             org: config.fetch("org"),
             addr: config.fetch("addr", nil),
             token: config.fetch("token"),
-            ou: config.fetch("base")
+            ou: config.fetch("base"),
+            ignore_not_found: config.fetch("ignore_not_found", false)
           )
           @role_cache = {}
         end

data/lib/entitlements/backend/github_org/service.rb CHANGED Viewed

@@ -44,7 +44,15 @@ module Entitlements
         Contract String, String => C::Bool
         def add_user_to_organization(user, role)
           Entitlements.logger.debug "#{identifier} add_user_to_organization(user=#{user}, org=#{org}, role=#{role})"
-          new_membership = octokit.update_organization_membership(org, user:, role:)
+          begin
+            new_membership = octokit.update_organization_membership(org, user:, role:)
+          rescue Octokit::NotFound => e
+            raise e unless ignore_not_found
+            Entitlements.logger.warn "User #{user} not found in GitHub instance #{identifier}, ignoring."
+            return false
+          end
           # Happy path
           if new_membership[:role] == role

data/lib/entitlements/backend/github_team/controller.rb CHANGED Viewed

@@ -110,7 +110,8 @@ module Entitlements
             "base"  => { required: true, type: String },
             "addr"  => { required: false, type: String },
             "org"   => { required: true, type: String },
-            "token" => { required: true, type: String }
+            "token" => { required: true, type: String },
+            "ignore_not_found" => { required: false, type: [FalseClass, TrueClass] },
           })
           text = "GitHub group #{key.inspect}"
           Entitlements::Util::Util.validate_attr!(spec, data, text)

data/lib/entitlements/backend/github_team/provider.rb CHANGED Viewed

@@ -23,7 +23,8 @@ module Entitlements
             org: config.fetch("org"),
             addr: config.fetch("addr", nil),
             token: config.fetch("token"),
-            ou: config.fetch("base")
+            ou: config.fetch("base"),
+            ignore_not_found: config.fetch("ignore_not_found", false)
           )
           @github_team_cache = {}
@@ -199,8 +200,8 @@ module Entitlements
             end
           end
-          existing_maintainers = existing_group.metadata_fetch_if_exists("team_maintainers")
-          changed_maintainers = group.metadata_fetch_if_exists("team_maintainers")
+          existing_maintainers = existing_group.metadata_fetch_if_exists("team_maintainers")&.downcase
+          changed_maintainers = group.metadata_fetch_if_exists("team_maintainers")&.downcase
           if existing_maintainers != changed_maintainers
             base_diff[:metadata] ||= {}
             if existing_maintainers.nil? && !changed_maintainers.nil?

data/lib/entitlements/backend/github_team/service.rb CHANGED Viewed

@@ -28,9 +28,10 @@ module Entitlements
           addr: C::Maybe[String],
           org: String,
           token: String,
-          ou: String
+          ou: String,
+          ignore_not_found: C::Bool,
         ] => C::Any
-        def initialize(addr: nil, org:, token:, ou:)
+        def initialize(addr: nil, org:, token:, ou:, ignore_not_found: false)
           super
           Entitlements.cache[:github_team_members] ||= {}
           Entitlements.cache[:github_team_members][org] ||= {}
@@ -436,8 +437,16 @@ module Entitlements
           end
           Entitlements.logger.debug "#{identifier} add_user_to_team(user=#{user}, org=#{org}, team_id=#{team.team_id}, role=#{role})"
           validate_team_id_and_slug!(team.team_id, team.team_name)
-          result = octokit.add_team_membership(team.team_id, user, role:)
-          result[:state] == "active" || result[:state] == "pending"
+          begin
+            result = octokit.add_team_membership(team.team_id, user, role:)
+            result[:state] == "active" || result[:state] == "pending"
+          rescue Octokit::NotFound => e
+            raise e unless ignore_not_found
+            Entitlements.logger.warn "User #{user} not found in GitHub instance #{identifier}, ignoring."
+            false
+          end
         end
         # Remove user from team.

data/lib/entitlements/service/github.rb CHANGED Viewed

@@ -17,7 +17,7 @@ module Entitlements
       MAX_GRAPHQL_RETRIES = 3
       WAIT_BETWEEN_GRAPHQL_RETRIES = 1
-      attr_reader :addr, :org, :token, :ou
+      attr_reader :addr, :org, :token, :ou, :ignore_not_found
       # Constructor.
       #
@@ -31,14 +31,16 @@ module Entitlements
         addr: C::Maybe[String],
         org: String,
         token: String,
-        ou: String
+        ou: String,
+        ignore_not_found: C::Bool,
       ] => C::Any
-      def initialize(addr: nil, org:, token:, ou:)
+      def initialize(addr: nil, org:, token:, ou:, ignore_not_found: false)
         # Save some parameters for the connection but don't actually connect yet.
         @addr = addr
         @org = org
         @token = token
         @ou = ou
+        @ignore_not_found = ignore_not_found
         # This is a global cache across all invocations of this object. GitHub membership
         # need to be obtained only one time per organization, but might be used multiple times.

data/lib/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Entitlements
   module Version
-    VERSION = "0.4.4"
+    VERSION = "0.5.0"
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: entitlements-github-plugin
 version: !ruby/object:Gem::Version
-  version: 0.4.4
+  version: 0.5.0
 platform: ruby
 authors:
 - GitHub, Inc. Security Ops
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-05 00:00:00.000000000 Z
+date: 2023-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: contracts