qontract-reconcile 0.9.1rc298__py3-none-any.whl → 0.10.1.dev1203__py3-none-any.whl

reconcile/utils/gitlab_api.py

@@ -1,20 +1,42 @@
 import logging
 import os
+import re
+from collections.abc import (
+    Iterable,
+    Set,
+)
+from functools import cached_property
 from operator import (
     attrgetter,
     itemgetter,
 )
 from typing import (
     Any,
-    Optional,
+    TypedDict,
+    cast,
 )
 from urllib.parse import urlparse
 
 import gitlab
 import urllib3
+from gitlab.const import (
+    DEVELOPER_ACCESS,
+    GUEST_ACCESS,
+    MAINTAINER_ACCESS,
+    OWNER_ACCESS,
+    REPORTER_ACCESS,
+)
 from gitlab.v4.objects import (
     CurrentUser,
+    Group,
+    GroupMember,
+    PersonalAccessToken,
+    Project,
+    ProjectIssue,
+    ProjectIssueManager,
     ProjectMergeRequest,
+    ProjectMergeRequestManager,
+    ProjectMergeRequestNote,
 )
 from sretoolbox.utils import retry
 
@@ -30,6 +52,7 @@ MR_DESCRIPTION_COMMENT_ID = 0
 
 # The default value is there for unit test
 INTEGRATION_NAME = os.getenv("INTEGRATION_NAME", "")
+DEFAULT_MAIN_BRANCH = "master"
 
 
 class MRState:
@@ -58,12 +81,20 @@ class MRStatus:
     CANNOT_BE_MERGED_RECHECK = "cannot_be_merged_recheck"
 
 
+GROUP_BOT_NAME_REGEX = re.compile(r"group_.+_bot_.+")
+
+
+class GLGroupMember(TypedDict):
+    id: str
+    user: str
+    access_level: str
+
+
 class GitLabApi:  # pylint: disable=too-many-public-methods
     def __init__(
         self,
         instance,
         project_id=None,
-        ssl_verify=True,
         settings=None,
         secret_reader=None,
         project_url=None,
@@ -74,11 +105,14 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         if not secret_reader:
             secret_reader = SecretReader(settings=settings)
         token = secret_reader.read(instance["token"])
-        ssl_verify = instance["sslVerify"]
-        if ssl_verify is None:
-            ssl_verify = True
+        self.ssl_verify = instance["sslVerify"]
+        if self.ssl_verify is None:
+            self.ssl_verify = True
         self.gl = gitlab.Gitlab(
-            self.server, private_token=token, ssl_verify=ssl_verify, timeout=timeout
+            self.server,
+            private_token=token,
+            ssl_verify=self.ssl_verify,
+            timeout=timeout,
         )
         self._auth()
         self.user: CurrentUser = self.gl.user
@@ -88,11 +122,24 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
             if project_url is not None:
                 parsed_project_url = urlparse(project_url)
                 name_with_namespace = parsed_project_url.path.strip("/")
+                gitlab_request.labels(integration=INTEGRATION_NAME).inc()
                 self.project = self.gl.projects.get(name_with_namespace)
         else:
+            gitlab_request.labels(integration=INTEGRATION_NAME).inc()
             self.project = self.gl.projects.get(project_id)
         self.saas_files = saas_files
 
+    @cached_property
+    def project_main_branch(self) -> str:
+        return next(
+            (b.name for b in self.project.branches.list(iterator=True) if b.default),
+            DEFAULT_MAIN_BRANCH,
+        )
+
+    @property
+    def main_branch(self) -> str:
+        return self.project_main_branch if self.project else DEFAULT_MAIN_BRANCH
+
     def __enter__(self):
         return self
 
@@ -127,13 +174,11 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         """
 
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        self.project.commits.create(
-            {
-                "branch": branch_name,
-                "commit_message": commit_message,
-                "actions": actions,
-            }
-        )
+        self.project.commits.create({
+            "branch": branch_name,
+            "commit_message": commit_message,
+            "actions": actions,
+        })
 
     def create_file(self, branch_name, file_path, commit_message, content):
         data = {
@@ -186,27 +231,23 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         return self.project.mergerequests.create(data)
 
-    def mr_exists(self, title):
+    def mr_exists(self, title: str) -> bool:
         mrs = self.get_merge_requests(state=MRState.OPENED)
-        for mr in mrs:
-            # since we are using a naming convention for these MRs
-            # we can determine if a pending MR exists based on the title
-            if mr.attributes.get("title") != title:
-                continue
-
-            return True
-
-        return False
+        # since we are using a naming convention for these MRs
+        # we can determine if a pending MR exists based on the title
+        return any(mr.title == title for mr in mrs)
 
     @retry()
-    def get_project_maintainers(self, repo_url=None):
-        if repo_url is None:
-            project = self.project
-        else:
-            project = self.get_project(repo_url)
+    def get_project_maintainers(
+        self, repo_url: str | None = None, query: dict | None = None
+    ) -> list[str] | None:
+        project = self.project if repo_url is None else self.get_project(repo_url)
         if project is None:
             return None
-        members = self.get_items(project.members.all)
+        if query:
+            members = self.get_items(project.members_all.list, query_parameters=query)
+        else:
+            members = self.get_items(project.members_all.list)
         return [m.username for m in members if m.access_level >= 40]
 
     def get_app_sre_group_users(self):
@@ -214,26 +255,51 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         app_sre_group = self.gl.groups.get("app-sre")
         return self.get_items(app_sre_group.members.list)
 
-    def check_group_exists(self, group_name):
-        groups = self.get_items(self.gl.groups.list)
-        group_names = list(map(lambda x: x.name, groups))
-        if group_name not in group_names:
-            return False
-        return True
+    def get_group_if_exists(self, group_name: str) -> Group | None:
+        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+        try:
+            return self.gl.groups.get(group_name)
+        except gitlab.exceptions.GitlabGetError:
+            return None
 
-    def get_group_members(self, group_name):
-        if not self.check_group_exists(group_name):
-            logging.error(group_name + " group not found")
-            return []
+    def share_project_with_group(
+        self,
+        project: Project,
+        group_id: int,
+        access_level: int,
+        reshare: bool = False,
+    ) -> None:
+        if reshare:
+            gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+            project.unshare(group_id)
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        group = self.gl.groups.get(group_name)
-        return [
-            {
-                "user": m.username,
-                "access_level": self.get_access_level_string(m.access_level),
-            }
-            for m in self.get_items(group.members.list)
-        ]
+        project.share(group_id, access_level)
+
+    @staticmethod
+    def _is_bot_username(username: str) -> bool:
+        """crudely checking for the username
+
+        as gitlab-python require a major upgrade to use the billable members apis
+        https://python-gitlab.readthedocs.io/en/stable/gl_objects/groups.html#id11 lists the api
+        billable_membersis the attribute that provides billable members of groups
+
+        the second api is https://python-gitlab.readthedocs.io/en/stable/gl_objects/group_access_tokens.html
+        which provides a list of access tokens as well as their assigned users
+
+        those apis are not avaliable in python-gitlab v1.x
+        """
+        return GROUP_BOT_NAME_REGEX.match(username) is not None
+
+    def get_group_members(self, group: Group | None) -> list[GroupMember]:
+        if group is None:
+            logging.error("no group provided")
+            return []
+        else:
+            return [
+                m
+                for m in self.get_items(group.members.list)
+                if not self._is_bot_username(m.username)
+            ]
 
     def add_project_member(self, repo_url, user, access="maintainer"):
         project = self.get_project(repo_url)
@@ -247,74 +313,66 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
             member.access_level = access_level
             member.save()
 
-    def add_group_member(self, group_name, username, access):
-        if not self.check_group_exists(group_name):
-            logging.error(group_name + " group not found")
-        else:
+    def add_group_member(self, group, user):
+        gitlab_user = self.get_user(user.user)
+        if gitlab_user is not None:
             gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-            group = self.gl.groups.get(group_name)
-            user = self.get_user(username)
-            access_level = self.get_access_level(access)
-            if user is not None:
+            try:
+                group.members.create({
+                    "user_id": gitlab_user.id,
+                    "access_level": user.access_level,
+                })
+            except gitlab.exceptions.GitlabCreateError:
                 gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-                try:
-                    group.members.create(
-                        {"user_id": user.id, "access_level": access_level}
-                    )
-                except gitlab.exceptions.GitlabCreateError:
-                    gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-                    member = group.members.get(user.id)
-                    member.access_level = access_level
+                member = group.members.get(user.user)
+                member.access_level = user.access_level
+                member.save()
 
-    def remove_group_member(self, group_name, username):
+    def remove_group_member(self, group, user_id):
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        group = self.gl.groups.get(group_name)
-        user = self.get_user(username)
-        if user is not None:
-            gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-            group.members.delete(user.id)
+        group.members.delete(user_id)
 
-    def change_access(self, group, username, access):
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        group = self.gl.groups.get(group)
-        user = self.get_user(username)
+    def change_access(self, member, access_level):
+        member.access_level = access_level
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        member = group.members.get(user.id)
-        member.access_level = self.get_access_level(access)
         member.save()
 
     @staticmethod
     def get_access_level_string(access_level):
-        if access_level == gitlab.OWNER_ACCESS:
+        if access_level == OWNER_ACCESS:
             return "owner"
-        if access_level == gitlab.MAINTAINER_ACCESS:
+        if access_level == MAINTAINER_ACCESS:
             return "maintainer"
-        if access_level == gitlab.DEVELOPER_ACCESS:
+        if access_level == DEVELOPER_ACCESS:
             return "developer"
-        if access_level == gitlab.REPORTER_ACCESS:
+        if access_level == REPORTER_ACCESS:
             return "reporter"
-        if access_level == gitlab.GUEST_ACCESS:
+        if access_level == GUEST_ACCESS:
             return "guest"
 
     @staticmethod
     def get_access_level(access):
         access = access.lower()
         if access == "owner":
-            return gitlab.OWNER_ACCESS
+            return OWNER_ACCESS
         if access == "maintainer":
-            return gitlab.MAINTAINER_ACCESS
+            return MAINTAINER_ACCESS
         if access == "developer":
-            return gitlab.DEVELOPER_ACCESS
+            return DEVELOPER_ACCESS
         if access == "reporter":
-            return gitlab.REPORTER_ACCESS
+            return REPORTER_ACCESS
         if access == "guest":
-            return gitlab.GUEST_ACCESS
+            return GUEST_ACCESS
 
-    def get_group_id_and_projects(self, group_name):
+    def get_group_id_and_projects(self, group_name: str) -> tuple[str, list[str]]:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         group = self.gl.groups.get(group_name)
         return group.id, [p.name for p in self.get_items(group.projects.list)]
 
+    def get_group(self, group_name: str) -> Group:
+        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+        return self.gl.groups.get(group_name)
+
     def create_project(self, group_id, project):
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         self.gl.projects.create({"name": project, "namespace_id": group_id})
@@ -323,7 +381,7 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         return f"{self.server}/{group}/{project}"
 
     @retry()
-    def get_project(self, repo_url):
+    def get_project(self, repo_url: str) -> Project | None:
         repo = repo_url.replace(self.server + "/", "")
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         try:
@@ -347,14 +405,22 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         return self.get_items(mr.resourcelabelevents.list)
 
     def get_merge_request_pipelines(self, mr: ProjectMergeRequest) -> list[dict]:
+        # TODO: use typed object in return
+        # TODO: use server side order_by
+        items = self.get_items(mr.pipelines.list)
         return sorted(
-            self.get_items(mr.pipelines), key=lambda x: x["created_at"], reverse=True
+            [i.asdict() for i in items],
+            key=lambda x: x["created_at"],
+            reverse=True,
         )
 
-    def get_merge_request_changed_paths(self, mr_id: int) -> list[str]:
+    @staticmethod
+    def get_merge_request_changed_paths(
+        merge_request: ProjectMergeRequest,
+    ) -> list[str]:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        changes = merge_request.changes()["changes"]
+        result = merge_request.changes()
+        changes = cast(dict, result)["changes"]
         changed_paths = set()
         for change in changes:
             old_path = change["old_path"]
@@ -363,101 +429,126 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
             changed_paths.add(new_path)
         return list(changed_paths)
 
-    def get_merge_request_author_username(self, mr_id: int) -> str:
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
+    @staticmethod
+    def get_merge_request_author_username(
+        merge_request: ProjectMergeRequest,
+    ) -> str:
         return merge_request.author["username"]
 
+    @staticmethod
     def get_merge_request_comments(
-        self, mr_id: int, include_description: bool = False
+        merge_request: ProjectMergeRequest,
+        include_description: bool = False,
     ) -> list[dict[str, Any]]:
         comments = []
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
         if include_description:
-            comments.append(
-                {
-                    "username": merge_request.author["username"],
-                    "body": merge_request.description,
-                    "created_at": merge_request.created_at,
-                    "id": MR_DESCRIPTION_COMMENT_ID,
-                }
-            )
-        for note in self.get_items(merge_request.notes.list):
+            comments.append({
+                "username": merge_request.author["username"],
+                "body": merge_request.description,
+                "created_at": merge_request.created_at,
+                "id": MR_DESCRIPTION_COMMENT_ID,
+            })
+        for note in GitLabApi.get_items(merge_request.notes.list):
             if note.system:
                 continue
-            comments.append(
-                {
-                    "username": note.author["username"],
-                    "body": note.body,
-                    "created_at": note.created_at,
-                    "id": note.id,
-                }
-            )
+            comments.append({
+                "username": note.author["username"],
+                "body": note.body,
+                "created_at": note.created_at,
+                "id": note.id,
+                "note": note,
+            })
         return comments
 
-    def delete_gitlab_comment(self, mr_id, comment_id):
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        note = merge_request.notes.get(comment_id)
+    @staticmethod
+    def delete_comment(note: ProjectMergeRequestNote) -> None:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         note.delete()
 
-    def add_comment_on_merge_request(
-        self, merge_request: ProjectMergeRequest, comment: str
+    def delete_merge_request_comments(
+        self,
+        merge_request: ProjectMergeRequest,
+        startswith: str,
     ) -> None:
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request.notes.create({"body": comment})
+        comments = self.get_merge_request_comments(merge_request)
+        for c in comments:
+            body = c["body"] or ""
+            if c["username"] == self.user.username and body.startswith(startswith):
+                self.delete_comment(c["note"])
 
-    def add_merge_request_comment(self, mr_id, comment):
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request.notes.create({"body": comment})
-
-    def get_project_labels(self):
-        return [ln.name for ln in self.get_items(self.project.labels.list)]
+    @retry()
+    def get_project_labels(self) -> Set[str]:
+        return {ln.name for ln in self.get_items(self.project.labels.list)}
 
-    def get_merge_request_labels(self, mr_id):
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        return merge_request.labels
+    @staticmethod
+    def add_label_to_merge_request(
+        merge_request: ProjectMergeRequest,
+        label: str,
+    ) -> None:
+        # merge_request maybe stale, refresh it to reduce the possibility of labels overwriting
+        GitLabApi.refresh_labels(merge_request)
 
-    def add_label_to_merge_request(self, mr_id, label):
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        labels = merge_request.attributes.get("labels")
+        labels = merge_request.labels
+        if label in labels:
+            return
         labels.append(label)
-        self.update_labels(merge_request, "merge-request", labels)
+        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+        merge_request.save()
 
-    def add_labels_to_merge_request(self, mr_id, labels):
+    @staticmethod
+    def add_labels_to_merge_request(
+        merge_request: ProjectMergeRequest,
+        labels: Iterable[str],
+    ):
         """Adds labels to a Merge Request"""
+        # merge_request maybe stale, refresh it to reduce the possibility of labels overwriting
+        GitLabApi.refresh_labels(merge_request)
+
+        new_labels = set(labels) - set(merge_request.labels)
+        if not new_labels:
+            return
+        merge_request.labels.extend(new_labels)
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        mr_labels = merge_request.attributes.get("labels")
-        mr_labels += labels
-        self.update_labels(merge_request, "merge-request", mr_labels)
+        merge_request.save()
 
-    def set_labels_on_merge_request(self, mr_id, labels):
+    @staticmethod
+    def set_labels_on_merge_request(
+        merge_request: ProjectMergeRequest,
+        labels: Iterable[str],
+    ) -> None:
         """Set labels to a Merge Request"""
-        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        self.update_labels(merge_request, "merge-request", labels)
+        desired_labels = set(labels)
+        current_labels = set(merge_request.labels)
+        labels_to_add = desired_labels - current_labels
+        labels_to_remove = current_labels - desired_labels
+
+        if not labels_to_add and not labels_to_remove:
+            return
+
+        # merge_request maybe stale, refresh it to reduce the possibility of labels overwriting
+        GitLabApi.refresh_labels(merge_request)
+
+        refreshed_current_labels = set(merge_request.labels)
+        new_desired_labels = (
+            refreshed_current_labels - labels_to_remove
+        ) | labels_to_add
+
+        if new_desired_labels == refreshed_current_labels:
+            return
 
-    def remove_label_from_merge_request(self, mr_id, label):
+        merge_request.labels = list(new_desired_labels)
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
-        labels = merge_request.attributes.get("labels")
-        if label in labels:
-            labels.remove(label)
-        self.update_labels(merge_request, "merge-request", labels)
+        merge_request.save()
 
-    def add_comment_to_merge_request(self, mr_id, body):
+    @staticmethod
+    def add_comment_to_merge_request(
+        merge_request: ProjectMergeRequest,
+        body: str,
+    ) -> None:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        merge_request = self.project.mergerequests.get(mr_id)
         merge_request.notes.create({"body": body})
 
+    # TODO: deprecated this method as new support of list(get_all=True), and figure out request counter metrics
     @staticmethod
     def get_items(method, **kwargs):
         all_items = []
@@ -476,35 +567,75 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         self.project.labels.create({"name": label_text, "color": label_color})
 
-    def add_label(self, item, item_type, label):
-        note_body = (
-            "item has been marked as {0}. " "to remove say `/{0} cancel`"
-        ).format(label)
-        labels = item.attributes.get("labels")
+    @staticmethod
+    def refresh_labels(item: ProjectMergeRequest | ProjectIssue):
+        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+        manager: ProjectMergeRequestManager | ProjectIssueManager
+        match item:
+            case ProjectMergeRequest():
+                manager = cast(ProjectMergeRequestManager, item.manager)
+            case ProjectIssue():
+                manager = cast(ProjectIssueManager, item.manager)
+            case _:
+                raise ValueError("item must be a ProjectMergeRequest or ProjectIssue")
+        item_id = item.get_id()
+        if item_id is None:
+            raise ValueError("item must have an id")
+        refreshed_item = manager.get(item_id)
+        item.labels = refreshed_item.labels
+
+    @staticmethod
+    def add_label_with_note(
+        item: ProjectMergeRequest | ProjectIssue,
+        label: str,
+    ) -> None:
+        # item maybe stale, refresh it to reduce the possibility of labels overwriting
+        GitLabApi.refresh_labels(item)
+
+        labels = item.labels
+        if label in labels:
+            return
         labels.append(label)
+        note_body = (
+            f"item has been marked as {label}. " f"to remove say `/{label} cancel`"
+        )
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         item.notes.create({"body": note_body})
-        self.update_labels(item, item_type, labels)
+        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+        item.save()
 
-    def remove_label(self, item, item_type, label):
-        labels = item.attributes.get("labels")
+    @staticmethod
+    def remove_label(
+        item: ProjectMergeRequest | ProjectIssue,
+        label: str,
+    ):
+        # item maybe stale, refresh it to reduce the possibility of labels overwriting
+        GitLabApi.refresh_labels(item)
+
+        labels = item.labels
+        if label not in labels:
+            return
         labels.remove(label)
-        self.update_labels(item, item_type, labels)
+        gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+        item.save()
+
+    @staticmethod
+    def remove_labels(
+        item: ProjectMergeRequest | ProjectIssue,
+        labels: Iterable[str],
+    ):
+        # item maybe stale, refresh it to reduce the possibility of labels overwriting
+        GitLabApi.refresh_labels(item)
+
+        current_labels = set(item.labels)
+        to_be_removed = set(labels) & current_labels
+
+        if not to_be_removed:
+            return
+        item.labels = list(current_labels - to_be_removed)
 
-    def update_labels(self, item, item_type, labels):
-        if item_type == "issue":
-            gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-            editable_item = self.project.issues.get(
-                item.attributes.get("iid"), lazy=True
-            )
-        elif item_type == "merge-request":
-            gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-            editable_item = self.project.mergerequests.get(
-                item.attributes.get("iid"), lazy=True
-            )
-        editable_item.labels = labels
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        editable_item.save()
+        item.save()
 
     @staticmethod
     def close(item):
@@ -514,7 +645,7 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
 
     def get_user(self, username):
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        user = self.gl.users.list(search=username)
+        user = self.gl.users.list(search=username, page=1, per_page=1)
         if len(user) == 0:
             logging.error(username + " user not found")
             return
@@ -527,7 +658,8 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         if p is None:
             return []
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        return p.hooks.list(per_page=100)
+        # TODO: get_all may send multiple requests, update metrics accordingly
+        return p.hooks.list(per_page=100, get_all=True)
 
     def create_project_hook(self, repo_url, data):
         p = self.get_project(repo_url)
@@ -538,9 +670,9 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         hook = {
             "url": url,
             "enable_ssl_verification": 1,
-            "note_events": int(trigger == "mr"),
-            "push_events": int(trigger == "push"),
-            "merge_requests_events": int(trigger == "mr"),
+            "note_events": int("note" in trigger),
+            "push_events": int("push" in trigger),
+            "merge_requests_events": int("mr" in trigger),
         }
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         p.hooks.create(hook)
@@ -582,7 +714,7 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         # what is the time of the last app-sre response?
         last_action_by_team = None
         # comments
-        comments = self.get_merge_request_comments(mr.iid)
+        comments = self.get_merge_request_comments(mr)
         comments.sort(key=itemgetter("created_at"), reverse=True)
         for comment in comments:
             username = comment["username"]
@@ -593,7 +725,8 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
                 break
         # labels
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        label_events = mr.resourcelabelevents.list()
+        # TODO: this may send multiple requests, update metrics accordingly
+        label_events = mr.resourcelabelevents.list(get_all=True)
         for label in reversed(label_events):
             if label.action == "add" and label.label["name"] in hold_labels:
                 username = label.user["username"]
@@ -642,7 +775,7 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         author, assignee = last_assignment[0], last_assignment[1]
         return author in team_usernames and mr.assignee["username"] == assignee
 
-    def last_assignment(self, mr: ProjectMergeRequest) -> Optional[tuple[str, str]]:
+    def last_assignment(self, mr: ProjectMergeRequest) -> tuple[str, str] | None:
         body_format = "assigned to @"
         notes = self.get_items(mr.notes.list)
 
@@ -661,8 +794,8 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
 
     def last_comment(
         self, mr: ProjectMergeRequest, exclude_bot=True
-    ) -> Optional[dict[str, Any]]:
-        comments = self.get_merge_request_comments(mr.iid)
+    ) -> dict[str, Any] | None:
+        comments = self.get_merge_request_comments(mr)
         comments.sort(key=itemgetter("created_at"), reverse=True)
         for comment in comments:
             username = comment["username"]
@@ -674,5 +807,15 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
     def get_commit_sha(self, ref: str, repo_url: str) -> str:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
         project = self.get_project(repo_url)
-        commits = project.commits.list(ref_name=ref, per_page=1)
+        commits = project.commits.list(ref_name=ref, per_page=1, page=1)
         return commits[0].id
+
+    def repository_compare(
+        self, repo_url: str, ref_from: str, ref_to: str
+    ) -> list[dict[str, Any]]:
+        project = self.get_project(repo_url)
+        response: Any = project.repository_compare(ref_from, ref_to)
+        return response.get("commits", [])
+
+    def get_personal_access_tokens(self) -> list[PersonalAccessToken]:
+        return self.get_items(self.gl.personal_access_tokens.list)