From bc666a7805ae1d3045e89332d129ff2fa1170aa7 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Mon, 23 May 2022 10:26:35 -0300 Subject: [PATCH 01/61] 3 new actions --- CHANGES.md | 6 +++ actions/add_repository_collaborator.py | 29 ++++++++++++ actions/add_repository_collaborator.yaml | 44 ++++++++++++++++++ actions/check_user_repository_collaborator.py | 36 +++++++++++++++ .../check_user_repository_collaborator.yaml | 34 ++++++++++++++ actions/get_repository_collaborators.py | 31 +++++++++++++ actions/get_repository_collaborators.yaml | 46 +++++++++++++++++++ 7 files changed, 226 insertions(+) create mode 100644 actions/add_repository_collaborator.py create mode 100644 actions/add_repository_collaborator.yaml create mode 100644 actions/check_user_repository_collaborator.py create mode 100644 actions/check_user_repository_collaborator.yaml create mode 100644 actions/get_repository_collaborators.py create mode 100644 actions/get_repository_collaborators.yaml diff --git a/CHANGES.md b/CHANGES.md index 2bbbfad..f96b6c0 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,11 @@ # Changelog +## 2.1.2 + +* Add new ``github.add_repository_collaborator`` action which allows user to add a collaborator to repository. +* Add new ``github.check_user_repository_collaborator`` action which allows user to check if an user is a collaborator's repository. +* Add new ``github.get_repository_collaborators`` action which allows user to list the collaborators of repository. + ## 2.1.1 * Bug fix (#43) where the sensor will throw an exception if no events are returned from the GitHub api. diff --git a/actions/add_repository_collaborator.py b/actions/add_repository_collaborator.py new file mode 100644 index 0000000..e5174ad --- /dev/null +++ b/actions/add_repository_collaborator.py @@ -0,0 +1,29 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'AddRepositoryCollaboratorAction' +] + +class AddRepositoryCollaboratorAction(BaseGithubAction): + def run(self, api_user, owner, repo, username, github_type, permission ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "permission": permission } + + response = self._request("PUT", + "/repos/{}/{}/collaborators/{}".format(owner,repo,username ), + payload, + self.token, + enterprise) + + results = {'response': response} + + return results diff --git a/actions/add_repository_collaborator.yaml b/actions/add_repository_collaborator.yaml new file mode 100644 index 0000000..76b6808 --- /dev/null +++ b/actions/add_repository_collaborator.yaml @@ -0,0 +1,44 @@ +--- +name: add_repository_collaborator +runner_type: python-script +pack: github +description: > + Add a repository collaborator. + Example: + st2 run github.add_repository_collaborator owner="organization" repo="reponame" username="collaborator" api_user="token_name" +enabled: true +entry_point: add_repository_collaborator.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive.." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + username: + type: "string" + description: "The handle for the GitHub user account." + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + permission: + type: "string" + description: "The permission to grant the collaborator. Only valid on organization-owned repositories. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any." + enum: + - "pull" + - "push" + - "admin" + - "maintain" + - "triage" + default: "push" \ No newline at end of file diff --git a/actions/check_user_repository_collaborator.py b/actions/check_user_repository_collaborator.py new file mode 100644 index 0000000..1cea121 --- /dev/null +++ b/actions/check_user_repository_collaborator.py @@ -0,0 +1,36 @@ +import time +import datetime +import json + +from lib.base import BaseGithubAction + +__all__ = [ + 'CheckIfUserIsRepositoryCollaborator' +] + +class CheckIfUserIsRepositoryCollaborator(BaseGithubAction): + def run(self, api_user, owner, repo, username, github_type ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + try: + response = self._request("GET", + "/repos/{}/{}/collaborators/{}".format(owner,repo,username ), + {}, + self.token, + enterprise) + results = {'response': "The user {} is a Collaborator".format(username)} + except OSError as err: + raise err + except ValueError as err: + raise err + except Exception as err: + if str(err).find("404"): + results = {'response': "is not a Collaborator or not found"} + else: + raise err + + return results diff --git a/actions/check_user_repository_collaborator.yaml b/actions/check_user_repository_collaborator.yaml new file mode 100644 index 0000000..7d14c81 --- /dev/null +++ b/actions/check_user_repository_collaborator.yaml @@ -0,0 +1,34 @@ +--- +name: check_user_repository_collaborator +runner_type: python-script +pack: github +description: > + Check if a user is a repository collaborator. + Example: + st2 run github.check_user_repository_collaborator owner="organization" repo="reponame" username="collaborator" api_user="token_name" +enabled: true +entry_point: check_user_repository_collaborator.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + username: + type: "string" + description: "The handle for the GitHub user account." + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" \ No newline at end of file diff --git a/actions/get_repository_collaborators.py b/actions/get_repository_collaborators.py new file mode 100644 index 0000000..65988d7 --- /dev/null +++ b/actions/get_repository_collaborators.py @@ -0,0 +1,31 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'GetRepositoryCollaborators' +] + +class GetRepositoryCollaborators(BaseGithubAction): + def run(self, api_user, owner, repo, affiliation, per_page, page, github_type ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "affiliation": affiliation, + "per_page": per_page, + "page": page } + + response = self._request("GET", + "/repos/{}/{}/collaborators".format(owner,repo), + payload, + self.token, + enterprise) + + results = {'response': response} + + return results diff --git a/actions/get_repository_collaborators.yaml b/actions/get_repository_collaborators.yaml new file mode 100644 index 0000000..455b9a3 --- /dev/null +++ b/actions/get_repository_collaborators.yaml @@ -0,0 +1,46 @@ +--- +name: get_repository_collaborators +runner_type: python-script +pack: github +description: > + List repository collaborators. + Example: + st2 run github.get_repository_collaborators owner="organization" repo="reponame" api_user="token_name" +enabled: true +entry_point: get_repository_collaborators.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + affiliation: + type: "string" + description: "Filter collaborators returned by their affiliation. outside means all outside collaborators of an organization-owned repository. direct means all collaborators with permissions to an organization-owned repository, regardless of organization membership status. all means all collaborators the authenticated user can see." + enum: + - "outside" + - "direct" + - "all" + default: "all" + per_page: + type: "integer" + description: "The number of results per page (max 100)." + default: 30 + page: + type: "integer" + description: "Page number of the results to fetch." + default: 1 + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" \ No newline at end of file From 91b65669d1211ad73d4911c482770d3d24c642be Mon Sep 17 00:00:00 2001 From: Marlon Augusto Heiber <55984212+MarlonHeiber@users.noreply.github.com> Date: Mon, 23 May 2022 18:26:02 -0300 Subject: [PATCH 02/61] Update CHANGES.md Co-authored-by: Eugen C. <1533818+armab@users.noreply.github.com> --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index f96b6c0..2488d6a 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,6 +1,6 @@ # Changelog -## 2.1.2 +## 2.2.0 * Add new ``github.add_repository_collaborator`` action which allows user to add a collaborator to repository. * Add new ``github.check_user_repository_collaborator`` action which allows user to check if an user is a collaborator's repository. From 67620f03b99e2994b0668e7e783340066b1df9ec Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Wed, 25 May 2022 09:37:50 -0300 Subject: [PATCH 03/61] more two actions --- CHANGES.md | 4 +- actions/add_update_repository_team.py | 29 +++++++++++ actions/add_update_repository_team.yaml | 48 +++++++++++++++++++ .../check_team_permissions_for_repository.py | 37 ++++++++++++++ ...check_team_permissions_for_repository.yaml | 38 +++++++++++++++ 5 files changed, 155 insertions(+), 1 deletion(-) create mode 100644 actions/add_update_repository_team.py create mode 100644 actions/add_update_repository_team.yaml create mode 100644 actions/check_team_permissions_for_repository.py create mode 100644 actions/check_team_permissions_for_repository.yaml diff --git a/CHANGES.md b/CHANGES.md index f96b6c0..50427e6 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,10 +1,12 @@ # Changelog -## 2.1.2 +## 2.2.0 * Add new ``github.add_repository_collaborator`` action which allows user to add a collaborator to repository. * Add new ``github.check_user_repository_collaborator`` action which allows user to check if an user is a collaborator's repository. * Add new ``github.get_repository_collaborators`` action which allows user to list the collaborators of repository. +* Add new ``github.add_update_repository_team`` action which allows user to add a team to repository. +* Add new ``github.check_team_permissions_for_repository`` action which allows user to check if a team has access to repository. ## 2.1.1 diff --git a/actions/add_update_repository_team.py b/actions/add_update_repository_team.py new file mode 100644 index 0000000..93f8e14 --- /dev/null +++ b/actions/add_update_repository_team.py @@ -0,0 +1,29 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'AddUpdateRepositoryTeamAction' +] + +class AddUpdateRepositoryTeamAction(BaseGithubAction): + def run(self, api_user, org, team_slug, owner, repo, github_type, permission ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "permission": permission } + + response = self._request("PUT", + "/orgs/{}/teams/{}/repos/{}/{}".format(org,team_slug,owner,repo ), + payload, + self.token, + enterprise) + + results = {'response': response} + + return results diff --git a/actions/add_update_repository_team.yaml b/actions/add_update_repository_team.yaml new file mode 100644 index 0000000..fd5fef0 --- /dev/null +++ b/actions/add_update_repository_team.yaml @@ -0,0 +1,48 @@ +--- +name: add_update_repository_team +runner_type: python-script +pack: github +description: > + Add or update repository team. + Example: + st2 run github.add_update_repository_team organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" +enabled: true +entry_point: add_update_repository_team.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + org: + type: "string" + description: "The organization name. The name is not case sensitive." + required: true + team_slug: + type: "string" + description: "The slug of the team name." + required: true + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + permission: + type: "string" + description: "The permission to grant the team on this repository. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any. If no permission is specified, the team's permission attribute will be used to determine what permission to grant the team on this repository." + enum: + - "pull" + - "push" + - "admin" + - "maintain" + - "triage" + default: "push" \ No newline at end of file diff --git a/actions/check_team_permissions_for_repository.py b/actions/check_team_permissions_for_repository.py new file mode 100644 index 0000000..81fd33f --- /dev/null +++ b/actions/check_team_permissions_for_repository.py @@ -0,0 +1,37 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'CheckTeamPermissionsForRepository' +] + +class CheckTeamPermissionsForRepository(BaseGithubAction): + def run(self, api_user, org, team_slug, owner, repo, github_type ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + try: + response = self._request("GET", + "/orgs/{}/teams/{}/repos/{}/{}".format(org,team_slug,owner,repo ), + {}, + self.token, + enterprise) + + results = {'response': "The team {} has access to the repository {}".format(team_slug, repo)} + except OSError as err: + raise err + except ValueError as err: + raise err + except Exception as err: + if str(err).find("404"): + results = {'response': "The team don't have access to the repository or not found"} + else: + raise err + + return results diff --git a/actions/check_team_permissions_for_repository.yaml b/actions/check_team_permissions_for_repository.yaml new file mode 100644 index 0000000..7802865 --- /dev/null +++ b/actions/check_team_permissions_for_repository.yaml @@ -0,0 +1,38 @@ +--- +name: check_team_permissions_for_repository +runner_type: python-script +pack: github +description: > + Check team permissions for a repository. + Example: + st2 run github.check_team_permissions_for_repository organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" +enabled: true +entry_point: check_team_permissions_for_repository.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + org: + type: "string" + description: "The organization name. The name is not case sensitive." + required: true + team_slug: + type: "string" + description: "The slug of the team name." + required: true + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" \ No newline at end of file From 394f93f8ab540c3e3874f3f0182f4333e55ea923 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Tue, 21 Jun 2022 18:01:02 -0300 Subject: [PATCH 04/61] create/get/delete branches :) --- actions/create_branch.py | 40 ++++++++++++++++++++++++++++++++++++++ actions/create_branch.yaml | 29 +++++++++++++++++++++++++++ actions/delete_branch.py | 24 +++++++++++++++++++++++ actions/delete_branch.yaml | 25 ++++++++++++++++++++++++ actions/get_branch.py | 26 +++++++++++++++++++++++++ actions/get_branch.yaml | 25 ++++++++++++++++++++++++ 6 files changed, 169 insertions(+) create mode 100644 actions/create_branch.py create mode 100644 actions/create_branch.yaml create mode 100644 actions/delete_branch.py create mode 100644 actions/delete_branch.yaml create mode 100644 actions/get_branch.py create mode 100644 actions/get_branch.yaml diff --git a/actions/create_branch.py b/actions/create_branch.py new file mode 100644 index 0000000..35b7bda --- /dev/null +++ b/actions/create_branch.py @@ -0,0 +1,40 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateBranchAction' +] + +class CreateBranchAction(BaseGithubAction): + def run(self, api_user, new_branch, origin_ref, repository, github_type): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + + # First, we have to get the sha1 for the given origin ref + response = self._request("GET", f"/repos/{repository}/git/refs/{origin_ref}", + {}, + self.token, + enterprise) + + if not response or not response['object']['sha']: + raise Exception(f"Could not get ref [{origin_ref}]. Response: {response}") + + + # Then, we create the branch based on the origin ref + payload = { "ref": f"refs/heads/{new_branch}", + "sha": response['object']['sha']} + + response = self._request("POST", + f"/repos/{repository}/git/refs", + payload, + self.token, + enterprise) + + return { 'response': response } diff --git a/actions/create_branch.yaml b/actions/create_branch.yaml new file mode 100644 index 0000000..f4cdd2a --- /dev/null +++ b/actions/create_branch.yaml @@ -0,0 +1,29 @@ +--- +name: "create_branch" +runner_type: "python-script" +description: "Create a new branch for a GitHub repository" +enabled: true +entry_point: "create_branch.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + origin_ref: + type: "string" + description: "The current reference to branch from (e.g. heads/master, heads/main)" + default: "heads/master" + new_branch: + type: "string" + description: "The branch to be created from the given ref" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: enterprise + enum: + - enterprise + - online diff --git a/actions/delete_branch.py b/actions/delete_branch.py new file mode 100644 index 0000000..c8b1d9e --- /dev/null +++ b/actions/delete_branch.py @@ -0,0 +1,24 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'DeleteBranchAction' +] + +class DeleteBranchAction(BaseGithubAction): + def run(self, api_user, branch, repository, github_type): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + response = self._request("DELETE", f"/repos/{repository}/git/refs/heads/{branch}", + {}, + self.token, + enterprise) + + return { 'response': response } diff --git a/actions/delete_branch.yaml b/actions/delete_branch.yaml new file mode 100644 index 0000000..36a0258 --- /dev/null +++ b/actions/delete_branch.yaml @@ -0,0 +1,25 @@ +--- +name: "delete_branch" +runner_type: "python-script" +description: "Deletes a branch from a GitHub repository" +enabled: true +entry_point: "delete_branch.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + branch: + type: "string" + description: "The branch to be created from the given ref" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: enterprise + enum: + - enterprise + - online diff --git a/actions/get_branch.py b/actions/get_branch.py new file mode 100644 index 0000000..4e846f0 --- /dev/null +++ b/actions/get_branch.py @@ -0,0 +1,26 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'GetBranchAction' +] + +class GetBranchAction(BaseGithubAction): + def run(self, api_user, branch, repository, github_type): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + + # First, we have to get the sha1 for the given origin ref + response = self._request("GET", f"/repos/{repository}/git/ref/heads/{branch}", + {}, + self.token, + enterprise) + + return { 'response': response } diff --git a/actions/get_branch.yaml b/actions/get_branch.yaml new file mode 100644 index 0000000..e970dd1 --- /dev/null +++ b/actions/get_branch.yaml @@ -0,0 +1,25 @@ +--- +name: "get_branch" +runner_type: "python-script" +description: "Gets branch details from a GitHub repository" +enabled: true +entry_point: "get_branch.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + branch: + type: "string" + description: "The name of the branch to fetch details for" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: enterprise + enum: + - enterprise + - online From 929a01891539fccf411450815c9394c72158a74f Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Tue, 21 Jun 2022 18:08:41 -0300 Subject: [PATCH 05/61] documentation --- CHANGES.md | 1 + actions/create_branch.yaml | 5 ++++- actions/delete_branch.yaml | 5 ++++- actions/get_branch.yaml | 5 ++++- 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 545a01c..0e15138 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -7,6 +7,7 @@ * Add new ``github.create_repository_from_template`` action which allows user to create a repository from template. * Bug fix on ``github.store_oauth_token.`` to api save the token correctly so that it can be read later. * Segure improvement on ``github.store_oauth_token.`` to encrypt de github token in web interface. +* Add new ``github.create_branch``, ``github.get_branch``, ``github.delete_branch`` actions which allows user to create/get/delete a branch. ## 2.1.1 diff --git a/actions/create_branch.yaml b/actions/create_branch.yaml index f4cdd2a..e3e03b0 100644 --- a/actions/create_branch.yaml +++ b/actions/create_branch.yaml @@ -1,7 +1,10 @@ --- name: "create_branch" runner_type: "python-script" -description: "Create a new branch for a GitHub repository" +description: > + Create a new branch for a GitHub repository + Example: + st2 run github.create_branch repository="reponame" origin_ref="heads/" new_branch="branch_name" api_user="token_name" enabled: true entry_point: "create_branch.py" parameters: diff --git a/actions/delete_branch.yaml b/actions/delete_branch.yaml index 36a0258..a605ef3 100644 --- a/actions/delete_branch.yaml +++ b/actions/delete_branch.yaml @@ -1,7 +1,10 @@ --- name: "delete_branch" runner_type: "python-script" -description: "Deletes a branch from a GitHub repository" +description: > + Deletes a branch from a GitHub repository + Example: + st2 run github.delete_branch repository="reponame" branch="branch_name" api_user="token_name" enabled: true entry_point: "delete_branch.py" parameters: diff --git a/actions/get_branch.yaml b/actions/get_branch.yaml index e970dd1..be6755d 100644 --- a/actions/get_branch.yaml +++ b/actions/get_branch.yaml @@ -1,7 +1,10 @@ --- name: "get_branch" runner_type: "python-script" -description: "Gets branch details from a GitHub repository" +description: > + Gets branch details from a GitHub repository + Example: + st2 run github.get_branch repository="reponame" branch="branch_name" api_user="token_name" enabled: true entry_point: "get_branch.py" parameters: From a55d1ee24bfff93e3c3335597f9a8834b1a4679f Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Wed, 22 Jun 2022 17:21:54 -0300 Subject: [PATCH 06/61] fixes --- actions/create_branch.py | 2 +- actions/create_file.py | 3 ++- actions/create_file.yaml | 12 ++++++++++++ actions/create_pull.py | 4 +++- actions/create_pull.yaml | 12 ++++++++++++ actions/get_user.py | 4 +--- actions/lib/base.py | 15 +++++++++++++++ actions/update_file.py | 3 ++- actions/update_file.yaml | 11 +++++++++++ 9 files changed, 59 insertions(+), 7 deletions(-) diff --git a/actions/create_branch.py b/actions/create_branch.py index 35b7bda..57ebb38 100644 --- a/actions/create_branch.py +++ b/actions/create_branch.py @@ -18,7 +18,7 @@ def run(self, api_user, new_branch, origin_ref, repository, github_type): # First, we have to get the sha1 for the given origin ref - response = self._request("GET", f"/repos/{repository}/git/refs/{origin_ref}", + response = self._request("GET", f"/repos/{repository}/git/ref/{origin_ref}", {}, self.token, enterprise) diff --git a/actions/create_file.py b/actions/create_file.py index d705fcb..5567969 100644 --- a/actions/create_file.py +++ b/actions/create_file.py @@ -8,8 +8,9 @@ class CreateFileAction(BaseGithubAction): - def run(self, user, repo, path, message, content, branch=None, committer=None, author=None, + def run(self, user, repo, path, message, content, github_type, api_user, branch=None, committer=None, author=None, encoding=None): + self._change_to_user_token_if_enterprise(api_user, github_type) author, branch, committer = prep_github_params_for_file_ops(author, branch, committer) if encoding and encoding == 'base64': diff --git a/actions/create_file.yaml b/actions/create_file.yaml index bb5281c..ddadda1 100644 --- a/actions/create_file.yaml +++ b/actions/create_file.yaml @@ -45,3 +45,15 @@ parameters: type: "string" description: "If omitted this will be filled in with committer information. If passed, you must specify both a name and email. Expected format: FirstName LastName " required: false + + api_user: + type: "string" + description: "The" + default: "{{action_context.api_user|default(None)}}" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ + enum: + - enterprise + - online \ No newline at end of file diff --git a/actions/create_pull.py b/actions/create_pull.py index 5274d95..965c508 100644 --- a/actions/create_pull.py +++ b/actions/create_pull.py @@ -7,7 +7,9 @@ class CreatePullAction(BaseGithubAction): - def run(self, user, repo, title, body, head, base): + def run(self, user, repo, title, body, head, base, api_user, github_type): + self._change_to_user_token_if_enterprise(api_user, github_type) + user = self._client.get_user(user) repo = user.get_repo(repo) pull = repo.create_pull(title=title, body=body, head=head, base=base) diff --git a/actions/create_pull.yaml b/actions/create_pull.yaml index d1caf79..ca10588 100644 --- a/actions/create_pull.yaml +++ b/actions/create_pull.yaml @@ -32,3 +32,15 @@ parameters: type: "string" description: "The name of the branch you want the changes pulled into. This should be an existing branch on the current repository. You cannot submit a pull request to one repository that requests a merge to a base of another repository." required: true + api_user: + type: "string" + description: "The" + default: "{{action_context.api_user|default(None)}}" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ + enum: + - enterprise + - online + diff --git a/actions/get_user.py b/actions/get_user.py index 9b25dd0..1a50a51 100644 --- a/actions/get_user.py +++ b/actions/get_user.py @@ -8,9 +8,7 @@ class GetUserAction(BaseGithubAction): def run(self, user, token_user, github_type): - enterprise = self._is_enterprise(github_type) - if token_user: - self._change_to_user_token(token_user, enterprise) + self._change_to_user_token_if_enterprise(token_user, github_type) user = self._client.get_user(user) result = user_to_dict(user=user) diff --git a/actions/lib/base.py b/actions/lib/base.py index 22b0716..9169096 100644 --- a/actions/lib/base.py +++ b/actions/lib/base.py @@ -2,6 +2,7 @@ import requests from bs4 import BeautifulSoup import json +import logging from st2common.runners.base_action import Action @@ -18,6 +19,7 @@ class BaseGithubAction(Action): + def run(self, **kwargs): pass @@ -70,6 +72,8 @@ def _get_analytics(self, category, repo, enterprise): response = s.get(url) return response.json() + # Whether or not this execution is meant for enterprise github installation (on-premises) + # or online installations (in the cloud) def _is_enterprise(self, github_type): if github_type == "enterprise": @@ -83,6 +87,8 @@ def _is_enterprise(self, github_type): else: raise ValueError("Default GitHub Invalid!") + # Github token will come from KV using this function.. and depending on whether + # it's for enterprise or not, it will return have either of the key prefix below def _get_user_token(self, user, enterprise): """ Return a users GitHub OAuth Token, if it fails replace '-' @@ -104,7 +110,15 @@ def _get_user_token(self, user, enterprise): return token + def _change_to_user_token_if_enterprise(self, api_user, github_type): + enterprise = self._is_enterprise(github_type) + if api_user: + self._change_to_user_token(api_user, enterprise) + + # Changes the internal client used on this instance of action execution to + # the one matching the configuration for enterprise/online and user given here def _change_to_user_token(self, user, enterprise): + logging.debug("Changing github client for user [%s] and enterprise [%s]", user, enterprise) token = self._get_user_token(user, enterprise) if enterprise: @@ -114,6 +128,7 @@ def _change_to_user_token(self, user, enterprise): return True + # Sends a generic HTTP/s request to the github endpoint def _request(self, method, uri, payload, token, enterprise): headers = {'Authorization': 'token {}'.format(token)} diff --git a/actions/update_file.py b/actions/update_file.py index b36fc45..48d1b5e 100644 --- a/actions/update_file.py +++ b/actions/update_file.py @@ -8,8 +8,9 @@ class UpdateFileAction(BaseGithubAction): - def run(self, user, repo, path, message, content, sha, branch=None, committer=None, + def run(self, user, repo, path, message, content, sha, api_user, github_type, branch=None, committer=None, author=None, encoding=None): + self._change_to_user_token_if_enterprise(api_user, github_type) author, branch, committer = prep_github_params_for_file_ops(author, branch, committer) if encoding and encoding == 'base64': diff --git a/actions/update_file.yaml b/actions/update_file.yaml index bdbaa62..de31537 100644 --- a/actions/update_file.yaml +++ b/actions/update_file.yaml @@ -49,3 +49,14 @@ parameters: type: "string" description: "If omitted this will be filled in with committer information. If passed, you must specify both a name and email. Expected format: FirstName LastName " required: false + api_user: + type: "string" + description: "The" + default: "{{action_context.api_user|default(None)}}" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ + enum: + - enterprise + - online From a376c7a5e5f05befe4219bb253bce5a17dca479d Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 24 Jun 2022 14:11:35 -0300 Subject: [PATCH 07/61] adding missing repository actions --- actions/add_update_repository_team.py | 29 +++++++++++++++ actions/add_update_repository_team.yaml | 48 +++++++++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 actions/add_update_repository_team.py create mode 100644 actions/add_update_repository_team.yaml diff --git a/actions/add_update_repository_team.py b/actions/add_update_repository_team.py new file mode 100644 index 0000000..93f8e14 --- /dev/null +++ b/actions/add_update_repository_team.py @@ -0,0 +1,29 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'AddUpdateRepositoryTeamAction' +] + +class AddUpdateRepositoryTeamAction(BaseGithubAction): + def run(self, api_user, org, team_slug, owner, repo, github_type, permission ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "permission": permission } + + response = self._request("PUT", + "/orgs/{}/teams/{}/repos/{}/{}".format(org,team_slug,owner,repo ), + payload, + self.token, + enterprise) + + results = {'response': response} + + return results diff --git a/actions/add_update_repository_team.yaml b/actions/add_update_repository_team.yaml new file mode 100644 index 0000000..fd5fef0 --- /dev/null +++ b/actions/add_update_repository_team.yaml @@ -0,0 +1,48 @@ +--- +name: add_update_repository_team +runner_type: python-script +pack: github +description: > + Add or update repository team. + Example: + st2 run github.add_update_repository_team organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" +enabled: true +entry_point: add_update_repository_team.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + org: + type: "string" + description: "The organization name. The name is not case sensitive." + required: true + team_slug: + type: "string" + description: "The slug of the team name." + required: true + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + permission: + type: "string" + description: "The permission to grant the team on this repository. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any. If no permission is specified, the team's permission attribute will be used to determine what permission to grant the team on this repository." + enum: + - "pull" + - "push" + - "admin" + - "maintain" + - "triage" + default: "push" \ No newline at end of file From 966853ee47d70afd514603b834333ff49c6f1b65 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Tue, 12 Jul 2022 15:30:12 -0300 Subject: [PATCH 08/61] pack --- pack.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pack.yaml b/pack.yaml index 53013e4..6138ecd 100644 --- a/pack.yaml +++ b/pack.yaml @@ -8,7 +8,7 @@ keywords: - git - scm - serverless -version: 2.1.1 +version: 2.1.2 python_versions: - "3" author : StackStorm, Inc. From 59abe03862551adc12ea5f2865639630fdaf327a Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Tue, 12 Jul 2022 15:31:53 -0300 Subject: [PATCH 09/61] pack 2.2.0 --- pack.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pack.yaml b/pack.yaml index 6138ecd..b991709 100644 --- a/pack.yaml +++ b/pack.yaml @@ -8,7 +8,7 @@ keywords: - git - scm - serverless -version: 2.1.2 +version: 2.2.0 python_versions: - "3" author : StackStorm, Inc. From a6092a79fd19efda1ced19eb8fad04a17712f4d6 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Mon, 18 Jul 2022 15:02:41 -0300 Subject: [PATCH 10/61] changeloh --- CHANGES.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGES.md b/CHANGES.md index 6b14be7..d9a59a8 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -12,6 +12,7 @@ * Bug fix on ``github.store_oauth_token.`` to api save the token correctly so that it can be read later. * Segure improvement on ``github.store_oauth_token.`` to encrypt de github token in web interface. * Add new ``github.create_branch``, ``github.get_branch``, ``github.delete_branch`` actions which allows user to create/get/delete a branch. +* Add token to ``github.create_file``, ``github.create_pull``, ``github.update_file``. ## 2.1.1 From 7788189fe660bd4b8e6eea0e85d69d29efc32c1d Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Mon, 18 Jul 2022 16:05:50 -0300 Subject: [PATCH 11/61] Squashed 'lint-configs/' content from commit 4696bad git-subtree-dir: lint-configs git-subtree-split: 4696badf397dfee865b76eddd0f5d9410ed5f80a --- .gitignore | 63 ++++++++++++++++++++++++++++++++++++++ README.md | 30 ++++++++++++++++++ python/.flake8 | 18 +++++++++++ python/.flake8-exchange | 18 +++++++++++ python/.flake8-oss | 18 +++++++++++ python/.flake8-proprietary | 17 ++++++++++ python/.pylintrc | 31 +++++++++++++++++++ python/.pylintrc-exchange | 32 +++++++++++++++++++ python/.pylintrc-pack-ci | 33 ++++++++++++++++++++ 9 files changed, 260 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 python/.flake8 create mode 100644 python/.flake8-exchange create mode 100644 python/.flake8-oss create mode 100644 python/.flake8-proprietary create mode 100644 python/.pylintrc create mode 100644 python/.pylintrc-exchange create mode 100644 python/.pylintrc-pack-ci diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a044288 --- /dev/null +++ b/.gitignore @@ -0,0 +1,63 @@ +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] + +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.cache +nosetests.xml +coverage.xml + +# Translations +*.mo +*.pot + +# Django stuff: +*.log + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Virtual Environments +.venv + +# Temporary Files +*.swp + +# Visual Studio Code +.vscode/ diff --git a/README.md b/README.md new file mode 100644 index 0000000..ff83c74 --- /dev/null +++ b/README.md @@ -0,0 +1,30 @@ +# StackStorm Lint Configs + +This repository contains lint configs for different programming languages and +tools (flake8, pylint, etc.) used by different StackStorm repositories. + +Configs are grouped in sub-directories by programming language. + +## Usage + +To use those configs, add this repository as a git subtree to the repository +where you want to utilize those configs. After that is done, update make +targets (or similar) to correctly pass path to the configs to the tools +in question. + +```bash +git subtree add --prefix lint-configs https://github.com/StackStorm/lint-configs.git master --squash +``` + +To use it (example with pylint) + +```bash +pylint -E --rcfile=./lint-configs/python/.pylintrc +... +``` + +And once you want to pull changes / updates from the lint-configs repository: + +```bash +git subtree pull --prefix lint-configs https://github.com/StackStorm/lint-configs.git master --squash +``` diff --git a/python/.flake8 b/python/.flake8 new file mode 100644 index 0000000..f3cc01b --- /dev/null +++ b/python/.flake8 @@ -0,0 +1,18 @@ +[flake8] +max-line-length = 100 +# L102 - apache license header +enable-extensions = L101,L102 +ignore = E128,E402,E722,W504 +exclude=*.egg/*,build,dist + +# Configuration for flake8-copyright extension +copyright-check = True +copyright-min-file-size = 1 + +# Settings for flake8-license +license-type = apache + +# NOTE: This requires flake8 >= 3.0.0 to work correctly. +# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones +# listed above as part of ignore list +select = E,F,W,C,L diff --git a/python/.flake8-exchange b/python/.flake8-exchange new file mode 100644 index 0000000..f3cc01b --- /dev/null +++ b/python/.flake8-exchange @@ -0,0 +1,18 @@ +[flake8] +max-line-length = 100 +# L102 - apache license header +enable-extensions = L101,L102 +ignore = E128,E402,E722,W504 +exclude=*.egg/*,build,dist + +# Configuration for flake8-copyright extension +copyright-check = True +copyright-min-file-size = 1 + +# Settings for flake8-license +license-type = apache + +# NOTE: This requires flake8 >= 3.0.0 to work correctly. +# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones +# listed above as part of ignore list +select = E,F,W,C,L diff --git a/python/.flake8-oss b/python/.flake8-oss new file mode 100644 index 0000000..86e3658 --- /dev/null +++ b/python/.flake8-oss @@ -0,0 +1,18 @@ +[flake8] +max-line-length = 100 +# L102 - apache license header +enable-extensions = L101,L102 +ignore = E128,E402,E722,W504 +exclude=*.egg/*,build,dist + +# Configuration for flake8-copyright extension +copyright-check = False +copyright-min-file-size = 1 + +# Settings for flake8-license +license-type = apache + +# NOTE: This requires flake8 >= 3.0.0 to work correctly. +# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones +# listed above as part of ignore list +select = E,F,W,C,L diff --git a/python/.flake8-proprietary b/python/.flake8-proprietary new file mode 100644 index 0000000..afb1456 --- /dev/null +++ b/python/.flake8-proprietary @@ -0,0 +1,17 @@ +[flake8] +max-line-length = 100 +# L101 - proprietary license header +enable-extensions = L101,L102 +ignore = E128,E402,E722,W504 +exclude=*.egg/*,build,dist + +# Configuration for flake8-copyright extension +copyright-check = True +copyright-min-file-size = 1 + +license-type = proprietary + +# NOTE: This requires flake8 >= 3.0.0 to work correctly. +# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones +# listed above as part of ignore list +select = E,F,W,C,L diff --git a/python/.pylintrc b/python/.pylintrc new file mode 100644 index 0000000..e25a0f7 --- /dev/null +++ b/python/.pylintrc @@ -0,0 +1,31 @@ +[MESSAGES CONTROL] +# C0111 Missing docstring +# I0011 Warning locally suppressed using disable-msg +# I0012 Warning locally suppressed using disable-msg +# W0704 Except doesn't do anything Used when an except clause does nothing but "pass" and there is no "else" clause +# W0142 Used * or * magic* Used when a function or method is called using *args or **kwargs to dispatch arguments. +# W0212 Access to a protected member %s of a client class +# W0232 Class has no __init__ method Used when a class has no __init__ method, neither its parent classes. +# W0613 Unused argument %r Used when a function or method argument is not used. +# W0702 No exception's type specified Used when an except clause doesn't specify exceptions type to catch. +# R0201 Method could be a function +# W0614 Unused import XYZ from wildcard import +# R0914 Too many local variables +# R0912 Too many branches +# R0915 Too many statements +# R0913 Too many arguments +# R0904 Too many public methods +# E0211: Method has no argument +# E1128: Assigning to function call which only returns None Used when an assignment is done on a function call but the inferred function returns nothing but None. +# E1129: Context manager ‘%s’ doesn’t implement __enter__ and __exit__. Used when an instance in a with statement doesn’t implement the context manager protocol(__enter__/__exit__). +disable=C0103,C0111,I0011,I0012,W0704,W0142,W0212,W0232,W0613,W0702,R0201,W0614,R0914,R0912,R0915,R0913,R0904,R0801,not-context-manager,assignment-from-none + +[TYPECHECK] +# Note: This modules are manipulated during the runtime so we can't detect all the properties during +# static analysis +ignored-modules=distutils,eventlet.green.subprocess,six,six.moves + +[FORMAT] +max-line-length=100 +max-module-lines=1000 +indent-string=' ' diff --git a/python/.pylintrc-exchange b/python/.pylintrc-exchange new file mode 100644 index 0000000..988e222 --- /dev/null +++ b/python/.pylintrc-exchange @@ -0,0 +1,32 @@ +[MESSAGES CONTROL] +# C0111 Missing docstring +# I0011 Warning locally suppressed using disable-msg +# I0012 Warning locally suppressed using disable-msg +# W0704 Except doesn't do anything Used when an except clause does nothing but "pass" and there is no "else" clause +# W0142 Used * or * magic* Used when a function or method is called using *args or **kwargs to dispatch arguments. +# W0212 Access to a protected member %s of a client class +# W0232 Class has no __init__ method Used when a class has no __init__ method, neither its parent classes. +# W0613 Unused argument %r Used when a function or method argument is not used. +# W0702 No exception's type specified Used when an except clause doesn't specify exceptions type to catch. +# R0201 Method could be a function +# W0614 Unused import XYZ from wildcard import +# R0914 Too many local variables +# R0912 Too many branches +# R0915 Too many statements +# R0913 Too many arguments +# R0904 Too many public methods +# E0211: Method has no argument +# E1128: Assigning to function call which only returns None Used when an assignment is done on a function call but the inferred function returns nothing but None. +# E1129: Context manager ‘%s’ doesn’t implement __enter__ and __exit__. Used when an instance in a with statement doesn’t implement the context manager protocol(__enter__/__exit__). +disable=C0103,C0111,I0011,I0012,W0704,W0142,W0212,W0232,W0613,W0702,R0201,W0614,R0914,R0912,R0915,R0913,R0904,R0801,not-context-manager,assignment-from-none + +[TYPECHECK] +# Note: This modules are manipulated during the runtime so we can't detect all the properties during +# static analysis +# The lib package is automatically added to PYTHONPATH by ST2 for Python actions +ignored-modules=distutils,eventlet.green.subprocess,six,six.moves,lib + +[FORMAT] +max-line-length=100 +max-module-lines=1000 +indent-string=' ' diff --git a/python/.pylintrc-pack-ci b/python/.pylintrc-pack-ci new file mode 100644 index 0000000..a6c1de2 --- /dev/null +++ b/python/.pylintrc-pack-ci @@ -0,0 +1,33 @@ +[MESSAGES CONTROL] +# C0111 Missing docstring +# I0011 Warning locally suppressed using disable-msg +# I0012 Warning locally suppressed using disable-msg +# W0704 Except doesn't do anything Used when an except clause does nothing but "pass" and there is no "else" clause +# W0142 Used * or * magic* Used when a function or method is called using *args or **kwargs to dispatch arguments. +# W0212 Access to a protected member %s of a client class +# W0232 Class has no __init__ method Used when a class has no __init__ method, neither its parent classes. +# W0511 Used when a warning note as FIXME or XXX is detected. +# W0613 Unused argument %r Used when a function or method argument is not used. +# W0702 No exception's type specified Used when an except clause doesn't specify exceptions type to catch. +# R0201 Method could be a function +# W0614 Unused import XYZ from wildcard import +# W0621 Redefining name %r from outer scope (line %s) Used when a variable’s name hide a name defined in the outer scope. +# R0914 Too many local variables +# R0912 Too many branches +# R0915 Too many statements +# R0913 Too many arguments +# R0904 Too many public methods +# E0211: Method has no argument +# E1128: Assigning to function call which only returns None Used when an assignment is done on a function call but the inferred function returns nothing but None. +# E1129: Context manager ‘%s’ doesn’t implement __enter__ and __exit__. Used when an instance in a with statement doesn’t implement the context manager protocol(__enter__/__exit__). +disable=C0103,C0111,I0011,I0012,W0704,W0142,W0212,W0232,W0511,W0613,W0702,R0201,W0614,W0621,R0914,R0912,R0915,R0913,R0904,R0801,not-context-manager,assignment-from-none + +[TYPECHECK] +# Note: This modules are manipulated during the runtime so we can't detect all the properties during +# static analysis +ignored-modules=distutils,eventlet.green.subprocess,six,six.moves,st2common + +[FORMAT] +max-line-length=100 +max-module-lines=1000 +indent-string=' ' From c5b02955313280d575c34c452c56d6fc3540bab3 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Mon, 18 Jul 2022 17:58:11 -0300 Subject: [PATCH 12/61] lint_flake8 --- actions/add_repository_collaborator.py | 17 +++++------- actions/add_update_repository_team.py | 18 ++++++------- .../check_team_permissions_for_repository.py | 26 +++++++++---------- actions/check_user_repository_collaborator.py | 20 ++++++-------- actions/create_branch.py | 15 ++++------- actions/create_file.py | 14 ++++++---- actions/delete_branch.py | 10 +++---- actions/get_branch.py | 8 ++---- actions/get_clone_stats.py | 3 ++- actions/get_repository_collaborators.py | 18 ++++++------- actions/get_traffic_stats.py | 3 ++- actions/update_branch_protection.py | 5 ++-- 12 files changed, 70 insertions(+), 87 deletions(-) diff --git a/actions/add_repository_collaborator.py b/actions/add_repository_collaborator.py index e5174ad..57f0f13 100644 --- a/actions/add_repository_collaborator.py +++ b/actions/add_repository_collaborator.py @@ -1,28 +1,25 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'AddRepositoryCollaboratorAction' ] + class AddRepositoryCollaboratorAction(BaseGithubAction): - def run(self, api_user, owner, repo, username, github_type, permission ): + def run(self, api_user, owner, repo, username, github_type, permission): enterprise = self._is_enterprise(github_type) if api_user: self.token = self._get_user_token(api_user, enterprise) - payload = { "permission": permission } + payload = {"permission": permission} response = self._request("PUT", - "/repos/{}/{}/collaborators/{}".format(owner,repo,username ), - payload, - self.token, - enterprise) + "/repos/{}/{}/collaborators/{}".format(owner, repo, username), + payload, + self.token, + enterprise) results = {'response': response} diff --git a/actions/add_update_repository_team.py b/actions/add_update_repository_team.py index 93f8e14..56a934c 100644 --- a/actions/add_update_repository_team.py +++ b/actions/add_update_repository_team.py @@ -1,28 +1,26 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'AddUpdateRepositoryTeamAction' ] + class AddUpdateRepositoryTeamAction(BaseGithubAction): - def run(self, api_user, org, team_slug, owner, repo, github_type, permission ): + def run(self, api_user, org, team_slug, + owner, repo, github_type, permission): enterprise = self._is_enterprise(github_type) if api_user: self.token = self._get_user_token(api_user, enterprise) - payload = { "permission": permission } + payload = {"permission": permission} response = self._request("PUT", - "/orgs/{}/teams/{}/repos/{}/{}".format(org,team_slug,owner,repo ), - payload, - self.token, - enterprise) + "/orgs/{}/teams/{}/repos/{}/{}".format(org, team_slug, owner, repo), + payload, + self.token, + enterprise) results = {'response': response} diff --git a/actions/check_team_permissions_for_repository.py b/actions/check_team_permissions_for_repository.py index 81fd33f..9499686 100644 --- a/actions/check_team_permissions_for_repository.py +++ b/actions/check_team_permissions_for_repository.py @@ -1,15 +1,12 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'CheckTeamPermissionsForRepository' ] + class CheckTeamPermissionsForRepository(BaseGithubAction): - def run(self, api_user, org, team_slug, owner, repo, github_type ): + def run(self, api_user, org, team_slug, owner, repo, github_type): enterprise = self._is_enterprise(github_type) @@ -17,13 +14,15 @@ def run(self, api_user, org, team_slug, owner, repo, github_type ): self.token = self._get_user_token(api_user, enterprise) try: - response = self._request("GET", - "/orgs/{}/teams/{}/repos/{}/{}".format(org,team_slug,owner,repo ), - {}, - self.token, - enterprise) - - results = {'response': "The team {} has access to the repository {}".format(team_slug, repo)} + self._request("GET", + "/orgs/{}/teams/{}/repos/{}/{}".format(org, team_slug, owner, repo), + {}, + self.token, + enterprise) + + results = { + 'response': "The team {} has access to the repository {}".format(team_slug, repo) + } except OSError as err: raise err except ValueError as err: @@ -31,7 +30,6 @@ def run(self, api_user, org, team_slug, owner, repo, github_type ): except Exception as err: if str(err).find("404"): results = {'response': "The team don't have access to the repository or not found"} - else: + else: raise err - return results diff --git a/actions/check_user_repository_collaborator.py b/actions/check_user_repository_collaborator.py index 1cea121..50826b6 100644 --- a/actions/check_user_repository_collaborator.py +++ b/actions/check_user_repository_collaborator.py @@ -1,15 +1,12 @@ -import time -import datetime -import json - from lib.base import BaseGithubAction __all__ = [ 'CheckIfUserIsRepositoryCollaborator' ] + class CheckIfUserIsRepositoryCollaborator(BaseGithubAction): - def run(self, api_user, owner, repo, username, github_type ): + def run(self, api_user, owner, repo, username, github_type): enterprise = self._is_enterprise(github_type) @@ -17,11 +14,11 @@ def run(self, api_user, owner, repo, username, github_type ): self.token = self._get_user_token(api_user, enterprise) try: - response = self._request("GET", - "/repos/{}/{}/collaborators/{}".format(owner,repo,username ), - {}, - self.token, - enterprise) + self._request("GET", + "/repos/{}/{}/collaborators/{}".format(owner, repo, username), + {}, + self.token, + enterprise) results = {'response': "The user {} is a Collaborator".format(username)} except OSError as err: raise err @@ -30,7 +27,6 @@ def run(self, api_user, owner, repo, username, github_type ): except Exception as err: if str(err).find("404"): results = {'response': "is not a Collaborator or not found"} - else: + else: raise err - return results diff --git a/actions/create_branch.py b/actions/create_branch.py index 57ebb38..cb6927a 100644 --- a/actions/create_branch.py +++ b/actions/create_branch.py @@ -1,13 +1,10 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'CreateBranchAction' ] + class CreateBranchAction(BaseGithubAction): def run(self, api_user, new_branch, origin_ref, repository, github_type): @@ -16,20 +13,18 @@ def run(self, api_user, new_branch, origin_ref, repository, github_type): if api_user: self.token = self._get_user_token(api_user, enterprise) - # First, we have to get the sha1 for the given origin ref response = self._request("GET", f"/repos/{repository}/git/ref/{origin_ref}", {}, self.token, enterprise) - + if not response or not response['object']['sha']: raise Exception(f"Could not get ref [{origin_ref}]. Response: {response}") - # Then, we create the branch based on the origin ref - payload = { "ref": f"refs/heads/{new_branch}", - "sha": response['object']['sha']} + payload = {"ref": f"refs/heads/{new_branch}", + "sha": response['object']['sha']} response = self._request("POST", f"/repos/{repository}/git/refs", @@ -37,4 +32,4 @@ def run(self, api_user, new_branch, origin_ref, repository, github_type): self.token, enterprise) - return { 'response': response } + return {'response': response} diff --git a/actions/create_file.py b/actions/create_file.py index 5567969..839d6ef 100644 --- a/actions/create_file.py +++ b/actions/create_file.py @@ -8,17 +8,20 @@ class CreateFileAction(BaseGithubAction): - def run(self, user, repo, path, message, content, github_type, api_user, branch=None, committer=None, author=None, - encoding=None): + def run(self, user, repo, path, message, content, github_type, api_user, + branch=None, committer=None, author=None, encoding=None): self._change_to_user_token_if_enterprise(api_user, github_type) - author, branch, committer = prep_github_params_for_file_ops(author, branch, committer) + author, branch, committer = prep_github_params_for_file_ops(author, + branch, + committer) if encoding and encoding == 'base64': content = decode_base64(content) user = self._client.get_user(user) repo = user.get_repo(repo) - api_response = repo.create_file(path=path, message=message, content=content, branch=branch, + api_response = repo.create_file(path=path, message=message, + content=content, branch=branch, committer=committer, author=author) result = file_response_to_dict(api_response) return result @@ -33,7 +36,8 @@ def run(self, user, repo, path, message, content, github_type, api_user, branch= AUTHOR = os.environ.get('AUTHOR', None) act = CreateFileAction(config={'token': GITHUB_TOKEN, 'github_type': 'online'}) - res = act.run(user=GITHUB_ORG, repo=GITHUB_REPO, path='README5.md', message='Test commit', + res = act.run(user=GITHUB_ORG, repo=GITHUB_REPO, path='README5.md', + message='Test commit', content='Super duper read me file, pushed from Stackstorm github pack!\n', branch='branch1', committer=COMMITTER, author=AUTHOR) import pprint diff --git a/actions/delete_branch.py b/actions/delete_branch.py index c8b1d9e..a120483 100644 --- a/actions/delete_branch.py +++ b/actions/delete_branch.py @@ -1,13 +1,10 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'DeleteBranchAction' ] + class DeleteBranchAction(BaseGithubAction): def run(self, api_user, branch, repository, github_type): @@ -16,9 +13,10 @@ def run(self, api_user, branch, repository, github_type): if api_user: self.token = self._get_user_token(api_user, enterprise) - response = self._request("DELETE", f"/repos/{repository}/git/refs/heads/{branch}", + response = self._request("DELETE", + f"/repos/{repository}/git/refs/heads/{branch}", {}, self.token, enterprise) - return { 'response': response } + return {'response': response} diff --git a/actions/get_branch.py b/actions/get_branch.py index 4e846f0..e1e1623 100644 --- a/actions/get_branch.py +++ b/actions/get_branch.py @@ -1,13 +1,10 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'GetBranchAction' ] + class GetBranchAction(BaseGithubAction): def run(self, api_user, branch, repository, github_type): @@ -16,11 +13,10 @@ def run(self, api_user, branch, repository, github_type): if api_user: self.token = self._get_user_token(api_user, enterprise) - # First, we have to get the sha1 for the given origin ref response = self._request("GET", f"/repos/{repository}/git/ref/heads/{branch}", {}, self.token, enterprise) - return { 'response': response } + return {'response': response} diff --git a/actions/get_clone_stats.py b/actions/get_clone_stats.py index 0d235af..8e3befc 100644 --- a/actions/get_clone_stats.py +++ b/actions/get_clone_stats.py @@ -8,5 +8,6 @@ class GetCloneStatsAction(BaseGithubAction): def run(self, repo, github_type): clone_data = self._get_analytics( - category='clone-activity-data', repo=repo, enterprise=self._is_enterprise(github_type)) + category='clone-activity-data', repo=repo, + enterprise=self._is_enterprise(github_type)) return clone_data['summary'] diff --git a/actions/get_repository_collaborators.py b/actions/get_repository_collaborators.py index 65988d7..649af36 100644 --- a/actions/get_repository_collaborators.py +++ b/actions/get_repository_collaborators.py @@ -1,31 +1,29 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'GetRepositoryCollaborators' ] + class GetRepositoryCollaborators(BaseGithubAction): - def run(self, api_user, owner, repo, affiliation, per_page, page, github_type ): + def run(self, api_user, owner, repo, affiliation, + per_page, page, github_type): enterprise = self._is_enterprise(github_type) if api_user: self.token = self._get_user_token(api_user, enterprise) - payload = { "affiliation": affiliation, - "per_page": per_page, - "page": page } + payload = {"affiliation": affiliation, + "per_page": per_page, + "page": page} response = self._request("GET", - "/repos/{}/{}/collaborators".format(owner,repo), + "/repos/{}/{}/collaborators".format(owner, repo), payload, self.token, enterprise) results = {'response': response} - + return results diff --git a/actions/get_traffic_stats.py b/actions/get_traffic_stats.py index 0a76e42..e14378b 100644 --- a/actions/get_traffic_stats.py +++ b/actions/get_traffic_stats.py @@ -8,5 +8,6 @@ class GetTrafficStatsAction(BaseGithubAction): def run(self, repo, github_type): traffic_data = self._get_analytics( - category='traffic-data', repo=repo, enterprise=self._is_enterprise(github_type)) + category='traffic-data', repo=repo, + enterprise=self._is_enterprise(github_type)) return traffic_data['summary'] diff --git a/actions/update_branch_protection.py b/actions/update_branch_protection.py index 7fdf5dc..4b28e21 100644 --- a/actions/update_branch_protection.py +++ b/actions/update_branch_protection.py @@ -8,8 +8,9 @@ class UpdateBranchProtectionAction(BaseGithubAction): def run(self, user, repo, branch, required_status_checks, enforce_admins, - required_pull_request_reviews, restrictions, required_linear_history=False, - allow_force_pushes=False, allow_deletions=False): + required_pull_request_reviews, restrictions, + required_linear_history=False, allow_force_pushes=False, + allow_deletions=False): user = self._client.get_user(user) repo = user.get_repo(repo) From 629bb614f1c99f55380a4f8ef5c6675c5fec8800 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Mon, 18 Jul 2022 18:11:25 -0300 Subject: [PATCH 13/61] lint --- actions/update_file.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/actions/update_file.py b/actions/update_file.py index 48d1b5e..6ee8a17 100644 --- a/actions/update_file.py +++ b/actions/update_file.py @@ -8,7 +8,8 @@ class UpdateFileAction(BaseGithubAction): - def run(self, user, repo, path, message, content, sha, api_user, github_type, branch=None, committer=None, + def run(self, user, repo, path, message, content, sha, + api_user, github_type, branch=None, committer=None, author=None, encoding=None): self._change_to_user_token_if_enterprise(api_user, github_type) author, branch, committer = prep_github_params_for_file_ops(author, branch, committer) From be2b512a556dfe9befacf123ba6bf7530e55898e Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Tue, 19 Jul 2022 11:59:21 -0300 Subject: [PATCH 14/61] variable not used --- actions/update_branch_protection.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/actions/update_branch_protection.py b/actions/update_branch_protection.py index 4b28e21..28f2bbd 100644 --- a/actions/update_branch_protection.py +++ b/actions/update_branch_protection.py @@ -8,9 +8,7 @@ class UpdateBranchProtectionAction(BaseGithubAction): def run(self, user, repo, branch, required_status_checks, enforce_admins, - required_pull_request_reviews, restrictions, - required_linear_history=False, allow_force_pushes=False, - allow_deletions=False): + required_pull_request_reviews, restrictions): user = self._client.get_user(user) repo = user.get_repo(repo) From 343458f9e4abf3520ccf497feef5779217cd726f Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Tue, 19 Jul 2022 16:44:58 -0300 Subject: [PATCH 15/61] pylint test --- actions/create_file.py | 6 ++++++ actions/update_file.py | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/actions/create_file.py b/actions/create_file.py index 839d6ef..4168114 100644 --- a/actions/create_file.py +++ b/actions/create_file.py @@ -10,6 +10,12 @@ class CreateFileAction(BaseGithubAction): def run(self, user, repo, path, message, content, github_type, api_user, branch=None, committer=None, author=None, encoding=None): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + self._change_to_user_token_if_enterprise(api_user, github_type) author, branch, committer = prep_github_params_for_file_ops(author, branch, diff --git a/actions/update_file.py b/actions/update_file.py index 6ee8a17..6a8bada 100644 --- a/actions/update_file.py +++ b/actions/update_file.py @@ -11,6 +11,12 @@ class UpdateFileAction(BaseGithubAction): def run(self, user, repo, path, message, content, sha, api_user, github_type, branch=None, committer=None, author=None, encoding=None): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + self._change_to_user_token_if_enterprise(api_user, github_type) author, branch, committer = prep_github_params_for_file_ops(author, branch, committer) From 5bc19a1f84363edb48ba9f6813b25017741a6cc3 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Tue, 19 Jul 2022 17:00:06 -0300 Subject: [PATCH 16/61] pylint --- actions/create_file.py | 79 +++++++++++++--------- actions/update_branch_protection.py | 101 +++++++++++++++++----------- actions/update_file.py | 81 +++++++++++++--------- 3 files changed, 162 insertions(+), 99 deletions(-) diff --git a/actions/create_file.py b/actions/create_file.py index 4168114..a012328 100644 --- a/actions/create_file.py +++ b/actions/create_file.py @@ -2,50 +2,69 @@ from lib.formatters import file_response_to_dict, decode_base64 from lib.utils import prep_github_params_for_file_ops -__all__ = [ - 'CreateFileAction' -] +__all__ = ["CreateFileAction"] class CreateFileAction(BaseGithubAction): - def run(self, user, repo, path, message, content, github_type, api_user, - branch=None, committer=None, author=None, encoding=None): - - enterprise = self._is_enterprise(github_type) - - if api_user: - self.token = self._get_user_token(api_user, enterprise) - + def run( + self, + user, + repo, + path, + message, + content, + github_type, + api_user, + branch=None, + committer=None, + author=None, + encoding=None, + ): self._change_to_user_token_if_enterprise(api_user, github_type) - author, branch, committer = prep_github_params_for_file_ops(author, - branch, - committer) + author, branch, committer = prep_github_params_for_file_ops( + author, branch, committer + ) - if encoding and encoding == 'base64': + if encoding and encoding == "base64": content = decode_base64(content) user = self._client.get_user(user) repo = user.get_repo(repo) - api_response = repo.create_file(path=path, message=message, - content=content, branch=branch, - committer=committer, author=author) + api_response = repo.create_file( + path=path, + message=message, + content=content, + branch=branch, + committer=committer, + author=author, + ) result = file_response_to_dict(api_response) return result -if __name__ == '__main__': +if __name__ == "__main__": import os - GITHUB_TOKEN = os.environ.get('GITHUB_TOKEN') - GITHUB_ORG = os.environ.get('GITHUB_ORG') - GITHUB_REPO = os.environ.get('GITHUB_REPO') - COMMITTER = os.environ.get('COMMITTER', None) - AUTHOR = os.environ.get('AUTHOR', None) - - act = CreateFileAction(config={'token': GITHUB_TOKEN, 'github_type': 'online'}) - res = act.run(user=GITHUB_ORG, repo=GITHUB_REPO, path='README5.md', - message='Test commit', - content='Super duper read me file, pushed from Stackstorm github pack!\n', - branch='branch1', committer=COMMITTER, author=AUTHOR) + + GITHUB_TOKEN = os.environ.get("GITHUB_TOKEN") + GITHUB_ORG = os.environ.get("GITHUB_ORG") + GITHUB_REPO = os.environ.get("GITHUB_REPO") + COMMITTER = os.environ.get("COMMITTER", None) + AUTHOR = os.environ.get("AUTHOR", None) + + act = CreateFileAction(config={"token": GITHUB_TOKEN, "github_type": "online"}) + res = act.run( + user=GITHUB_ORG, + repo=GITHUB_REPO, + path="README5.md", + message="Test commit", + content="Super duper read me file, pushed from Stackstorm github pack!\n", + branch="branch1", + committer=COMMITTER, + author=AUTHOR, + github_type="online", + api_user="api_user", + ) import pprint + pp = pprint.PrettyPrinter(indent=4) pp.pprint(res) diff --git a/actions/update_branch_protection.py b/actions/update_branch_protection.py index 28f2bbd..b793e68 100644 --- a/actions/update_branch_protection.py +++ b/actions/update_branch_protection.py @@ -1,14 +1,20 @@ from lib.base import BaseGithubAction from github.GithubObject import NotSet -__all__ = [ - 'UpdateBranchProtectionAction' -] +__all__ = ["UpdateBranchProtectionAction"] class UpdateBranchProtectionAction(BaseGithubAction): - def run(self, user, repo, branch, required_status_checks, enforce_admins, - required_pull_request_reviews, restrictions): + def run( + self, + user, + repo, + branch, + required_status_checks, + enforce_admins, + required_pull_request_reviews, + restrictions, + ): user = self._client.get_user(user) repo = user.get_repo(repo) @@ -18,8 +24,8 @@ def run(self, user, repo, branch, required_status_checks, enforce_admins, strict = NotSet contexts = NotSet else: - strict = required_status_checks['strict'] - contexts = required_status_checks['contexts'] + strict = required_status_checks["strict"] + contexts = required_status_checks["contexts"] if not required_pull_request_reviews: dismissal_users = NotSet @@ -28,53 +34,70 @@ def run(self, user, repo, branch, required_status_checks, enforce_admins, require_code_owner_reviews = NotSet required_approving_review_count = NotSet else: - dismissal_users = required_pull_request_reviews['dismissal_users'] - dismissal_teams = required_pull_request_reviews['dismissal_teams'] - dismiss_stale_reviews = required_pull_request_reviews['dismiss_stale_reviews'] - require_code_owner_reviews = required_pull_request_reviews['require_code_owner_reviews'] + dismissal_users = required_pull_request_reviews["dismissal_users"] + dismissal_teams = required_pull_request_reviews["dismissal_teams"] + dismiss_stale_reviews = required_pull_request_reviews[ + "dismiss_stale_reviews" + ] + require_code_owner_reviews = required_pull_request_reviews[ + "require_code_owner_reviews" + ] required_approving_review_count = required_pull_request_reviews[ - 'required_approving_review_count'] + "required_approving_review_count" + ] if not restrictions: user_push_restrictions = NotSet team_push_restrictions = NotSet else: - user_push_restrictions = restrictions['user_push_restrictions'] - team_push_restrictions = restrictions['team_push_restrictions'] + user_push_restrictions = restrictions["user_push_restrictions"] + team_push_restrictions = restrictions["team_push_restrictions"] - branch.edit_protection(strict=strict, contexts=contexts, - enforce_admins=enforce_admins, - dismissal_users=dismissal_users, - dismissal_teams=dismissal_teams, - dismiss_stale_reviews=dismiss_stale_reviews, - require_code_owner_reviews=require_code_owner_reviews, - required_approving_review_count=required_approving_review_count, - user_push_restrictions=user_push_restrictions, - team_push_restrictions=team_push_restrictions) + branch.edit_protection( + strict=strict, + contexts=contexts, + enforce_admins=enforce_admins, + dismissal_users=dismissal_users, + dismissal_teams=dismissal_teams, + dismiss_stale_reviews=dismiss_stale_reviews, + require_code_owner_reviews=require_code_owner_reviews, + required_approving_review_count=required_approving_review_count, + user_push_restrictions=user_push_restrictions, + team_push_restrictions=team_push_restrictions, + ) return True -if __name__ == '__main__': +if __name__ == "__main__": import os - GITHUB_TOKEN = os.environ.get('GITHUB_TOKEN') - GITHUB_ORG = os.environ.get('GITHUB_ORG') - GITHUB_REPO = os.environ.get('GITHUB_REPO') - GITHUB_BRANCH = os.environ.get('GITHUB_BRANCH') + GITHUB_TOKEN = os.environ.get("GITHUB_TOKEN") + GITHUB_ORG = os.environ.get("GITHUB_ORG") + GITHUB_REPO = os.environ.get("GITHUB_REPO") + GITHUB_BRANCH = os.environ.get("GITHUB_BRANCH") # As produced by get_branch_protection action - BRANCH_PROTECTION = {'enforce_admins': True, - 'required_pull_request_reviews': None, - 'required_status_checks': {'contexts': [], 'strict': True}, - 'restrictions': None - } + BRANCH_PROTECTION = { + "enforce_admins": True, + "required_pull_request_reviews": None, + "required_status_checks": {"contexts": [], "strict": True}, + "restrictions": None, + } - act = UpdateBranchProtectionAction(config={'token': GITHUB_TOKEN, 'github_type': 'online'}) - res = act.run(user=GITHUB_ORG, repo=GITHUB_REPO, branch=GITHUB_BRANCH, - required_status_checks=BRANCH_PROTECTION['required_status_checks'], - enforce_admins=BRANCH_PROTECTION['enforce_admins'], - required_pull_request_reviews=BRANCH_PROTECTION['required_pull_request_reviews'], - restrictions=BRANCH_PROTECTION['restrictions']) + act = UpdateBranchProtectionAction( + config={"token": GITHUB_TOKEN, "github_type": "online"} + ) + res = act.run( + user=GITHUB_ORG, + repo=GITHUB_REPO, + branch=GITHUB_BRANCH, + required_status_checks=BRANCH_PROTECTION["required_status_checks"], + enforce_admins=BRANCH_PROTECTION["enforce_admins"], + required_pull_request_reviews=BRANCH_PROTECTION[ + "required_pull_request_reviews" + ], + restrictions=BRANCH_PROTECTION["restrictions"], + ) import pprint pp = pprint.PrettyPrinter(indent=4) diff --git a/actions/update_file.py b/actions/update_file.py index 6a8bada..57ef4fe 100644 --- a/actions/update_file.py +++ b/actions/update_file.py @@ -2,51 +2,72 @@ from lib.formatters import file_response_to_dict, decode_base64 from lib.utils import prep_github_params_for_file_ops -__all__ = [ - 'UpdateFileAction' -] +__all__ = ["UpdateFileAction"] class UpdateFileAction(BaseGithubAction): - def run(self, user, repo, path, message, content, sha, - api_user, github_type, branch=None, committer=None, - author=None, encoding=None): - - enterprise = self._is_enterprise(github_type) - - if api_user: - self.token = self._get_user_token(api_user, enterprise) - + def run( + self, + user, + repo, + path, + message, + content, + sha, + api_user, + github_type, + branch=None, + committer=None, + author=None, + encoding=None, + ): self._change_to_user_token_if_enterprise(api_user, github_type) - author, branch, committer = prep_github_params_for_file_ops(author, branch, committer) + author, branch, committer = prep_github_params_for_file_ops( + author, branch, committer + ) - if encoding and encoding == 'base64': + if encoding and encoding == "base64": content = decode_base64(content) user = self._client.get_user(user) repo = user.get_repo(repo) - api_response = repo.update_file(path=path, message=message, content=content, sha=sha, - branch=branch, committer=committer, author=author) + api_response = repo.update_file( + path=path, + message=message, + content=content, + sha=sha, + branch=branch, + committer=committer, + author=author, + ) result = file_response_to_dict(api_response) return result -if __name__ == '__main__': +if __name__ == "__main__": import os - GITHUB_TOKEN = os.environ.get('GITHUB_TOKEN') - GITHUB_ORG = os.environ.get('GITHUB_ORG') - GITHUB_REPO = os.environ.get('GITHUB_REPO') - COMMITTER = os.environ.get('COMMITTER', None) - AUTHOR = os.environ.get('AUTHOR', None) - - act = UpdateFileAction(config={'token': GITHUB_TOKEN, 'github_type': 'online'}) - res = act.run(user=GITHUB_ORG, repo=GITHUB_REPO, path='README.md', - message='Test commit, committer: {}, author: {}'.format(COMMITTER, AUTHOR), - content='Super duper read me file, pushed from Stackstorm github pack!\n' - '##new lines added!\n\n*YES*\nHOORAY!!!\nHELL YEAH!\n', - sha='058d97c135546cf5d1a029dabc16c22313a8c90b', - branch='branch1', committer=COMMITTER, author=AUTHOR) + GITHUB_TOKEN = os.environ.get("GITHUB_TOKEN") + GITHUB_ORG = os.environ.get("GITHUB_ORG") + GITHUB_REPO = os.environ.get("GITHUB_REPO") + COMMITTER = os.environ.get("COMMITTER", None) + AUTHOR = os.environ.get("AUTHOR", None) + + act = UpdateFileAction(config={"token": GITHUB_TOKEN, "github_type": "online"}) + res = act.run( + user=GITHUB_ORG, + repo=GITHUB_REPO, + path="README.md", + message="Test commit, committer: {}, author: {}".format(COMMITTER, AUTHOR), + content="Super duper read me file, pushed from Stackstorm github pack!\n" + "##new lines added!\n\n*YES*\nHOORAY!!!\nHELL YEAH!\n", + sha="058d97c135546cf5d1a029dabc16c22313a8c90b", + branch="branch1", + committer=COMMITTER, + author=AUTHOR, + github_type="online", + api_user="api_user", + ) import pprint pp = pprint.PrettyPrinter(indent=4) From 26fa095c4f37bdfea9be0ad9a51c6e992171ba20 Mon Sep 17 00:00:00 2001 From: MarlonHeiber Date: Thu, 21 Jul 2022 15:46:06 -0300 Subject: [PATCH 17/61] update readme --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/README.md b/README.md index 3bb3999..ed6674f 100644 --- a/README.md +++ b/README.md @@ -97,16 +97,27 @@ StackStorm webhook handler. ## Actions * ``add_comment`` - Add comment to the provided issue / pull request. +* ``add_repository_collaborator`` - Add a collaborator to repository. * ``add_status`` - Add commit status to the provided commit. +* ``add_update_repository_team`` - Add/Update a team to repository. +* ``create_branch`` - Create new branch. * ``create_file`` - Create new file. * ``create_issue`` - Create a new issue. +* ``create_repository_authenticated_user`` - Create an user repository. +* ``create_repository_from_template`` - Create a repository from template. +* ``create_organization_repository`` - Create an organization repository. * ``create_pull`` - Create a new Pull Request. +* ``check_team_permissions_for_repository`` - Check if a team has access to repository. +* ``check_user_repository_collaborator`` - Check if an user is a collaborator's repository. +* ``delete_branch`` - Remove branch. * ``delete_branch_protection`` - Remove branch protection settings. +* ``get_branch`` - Get branch. * ``get_branch_protection`` - Get branch protection settings. * ``get_contents`` - Get repository or file contents. * ``get_issue`` - Retrieve information about a particular issue. Note: You only need to specify authentication token in the config if you use this action with a private repository. +* ``get_repository_collaborators`` - List the collaborators of repository. * ``list_issues`` - List all the issues for a particular repo (includes pull requests since pull requests are just a special type of issues). * ``list_pulls`` - List all pull requests for a particular repo. From 9aa47de1ee035bc783a837de60210a89bf9f7b75 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Tue, 2 Aug 2022 11:46:21 -0300 Subject: [PATCH 18/61] adding missing actions :) --- actions/create_organization_repository.py | 51 +++++++++++ actions/create_organization_repository.yaml | 88 +++++++++++++++++++ .../create_repository_authenticated_user.py | 48 ++++++++++ .../create_repository_authenticated_user.yaml | 83 +++++++++++++++++ actions/create_repository_from_template.py | 35 ++++++++ actions/create_repository_from_template.yaml | 47 ++++++++++ 6 files changed, 352 insertions(+) create mode 100644 actions/create_organization_repository.py create mode 100644 actions/create_organization_repository.yaml create mode 100644 actions/create_repository_authenticated_user.py create mode 100644 actions/create_repository_authenticated_user.yaml create mode 100644 actions/create_repository_from_template.py create mode 100644 actions/create_repository_from_template.yaml diff --git a/actions/create_organization_repository.py b/actions/create_organization_repository.py new file mode 100644 index 0000000..bbcd898 --- /dev/null +++ b/actions/create_organization_repository.py @@ -0,0 +1,51 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateOrganizationRepositoryAction' +] + + +class CreateOrganizationRepositoryAction(BaseGithubAction): + def run(self, api_user, org, name, description, github_type, homepage, private, visibility, + has_issues, has_projects, has_wiki, is_template, team_id, auto_init, + gitignore_template, license_template, allow_squash_merge, allow_merge_commit, + allow_rebase_merge, allow_auto_merge, delete_branch_on_merge): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = {"name": name, + "description": description, + "homepage": homepage, + "private": private, + "visibility": visibility, + "has_issues": has_issues, + "has_projects": has_projects, + "has_wiki": has_wiki, + "is_template": is_template, + "team_id": team_id, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + "allow_squash_merge": allow_squash_merge, + "allow_merge_commit": allow_merge_commit, + "allow_rebase_merge": allow_rebase_merge, + "allow_auto_merge": allow_auto_merge, + "delete_branch_on_merge": delete_branch_on_merge} + + response = self._request("POST", + "/orgs/{}/repos".format(org), + payload, + self.token, + enterprise) + + results = {'owner': response['owner']['login']} + results['response'] = response + + return results diff --git a/actions/create_organization_repository.yaml b/actions/create_organization_repository.yaml new file mode 100644 index 0000000..e114396 --- /dev/null +++ b/actions/create_organization_repository.yaml @@ -0,0 +1,88 @@ +--- +name: create_organization_repository +runner_type: python-script +pack: github +description: > + Creates a Github repository fot an organization. + Example: + st2 run github.create_organization_repository org="organization" name="reponame" description="test github.create_repository" private=true visibility="private" api_user="token_name" +enabled: true +entry_point: create_organization_repository.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + org: + type: "string" + description: "GitHub Organization." + required: true + name: + type: "string" + description: "The name of the repository." + required: true + description: + type: "string" + description: "A short description of the repository." + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + homepage: + type: "string" + description: "A URL with more information about the repository." + private: + type: "boolean" + description: "Whether the repository is private." + default: true + visibility: + type: "string" + description: "Can be public or private. If your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+, visibility can also be internal. Note: For GitHub Enterprise Server and GitHub AE, this endpoint will only list repositories available to all users on the enterprise." + enum: + - "private" + - "public" + - "internal" + default: "private" + has_issues: + type: "boolean" + description: "Whether issues are enabled." + has_projects: + type: "boolean" + description: "Whether projects are enabled." + has_wiki: + type: "boolean" + description: "Whether the wiki is enabled." + is_template: + type: "boolean" + description: "Whether this repository acts as a template that can be used to generate new repositories." + default: false + team_id: + type: "integer" + description: "The id of the team that will be granted access to this repository. This is only valid when creating a repository in an organization." + auto_init: + type: "boolean" + description: "Whether the repository is initialized with a minimal README." + gitignore_template: + type: "string" + description: "The desired language or platform to apply to the .gitignore." + license_template: + type: "string" + description: "The license keyword of the open source license for this repository." + allow_squash_merge: + type: "boolean" + description: "Whether to allow squash merges for pull requests." + allow_merge_commit: + type: "boolean" + description: "Whether to allow merge commits for pull requests." + allow_rebase_merge: + type: "boolean" + description: "Whether to allow rebase merges for pull requests." + allow_auto_merge: + type: "boolean" + description: "Whether to allow Auto-merge to be used on pull requests." + delete_branch_on_merge: + type: "boolean" + description: "Whether to delete head branches when pull requests are merged" diff --git a/actions/create_repository_authenticated_user.py b/actions/create_repository_authenticated_user.py new file mode 100644 index 0000000..c97c8eb --- /dev/null +++ b/actions/create_repository_authenticated_user.py @@ -0,0 +1,48 @@ + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateRepositoryAuthenticatedUserAction' +] + +class CreateRepositoryAuthenticatedUserAction(BaseGithubAction): + def run(self, api_user, user, name, description, github_type, homepage, private, + has_issues, has_projects, has_wiki, team_id, auto_init, gitignore_template, + license_template, allow_squash_merge, allow_merge_commit, allow_rebase_merge, + allow_auto_merge, delete_branch_on_merge, has_downloads, is_template, ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "user": user, + "name": name, + "description": description, + "homepage": homepage, + "private": private, + "has_issues": has_issues, + "has_projects": has_projects, + "has_wiki": has_wiki, + "team_id": team_id, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + "allow_squash_merge": allow_squash_merge, + "allow_merge_commit": allow_merge_commit, + "allow_rebase_merge": allow_rebase_merge, + "allow_auto_merge": allow_auto_merge, + "delete_branch_on_merge": delete_branch_on_merge, + "has_downloads": has_downloads, + "is_template": is_template} + + response = self._request("POST", + "/user/repos", + payload, + self.token, + enterprise) + + results = {'owner': response['owner']['login']} + results['response'] = response + + return results diff --git a/actions/create_repository_authenticated_user.yaml b/actions/create_repository_authenticated_user.yaml new file mode 100644 index 0000000..1f0d7b7 --- /dev/null +++ b/actions/create_repository_authenticated_user.yaml @@ -0,0 +1,83 @@ +--- +name: create_repository_authenticated_user +runner_type: python-script +pack: github +description: > + Creates a Github repository fot the authenticated user. + Example: + st2 run github.create_repository_authenticated_user user="user" name="reponame" description="test github.create_repository" private=false api_user="token_name" +enabled: true +entry_point: create_repository_authenticated_user.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + user: + type: "string" + description: "GitHub User." + required: true + name: + type: "string" + description: "The name of the repository." + required: true + description: + type: "string" + description: "A short description of the repository." + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "online" + homepage: + type: "string" + description: "A URL with more information about the repository." + private: + type: "boolean" + description: "Whether the repository is private." + default: true + has_issues: + type: "boolean" + description: "Whether issues are enabled." + has_projects: + type: "boolean" + description: "Whether projects are enabled." + has_wiki: + type: "boolean" + description: "Whether the wiki is enabled." + team_id: + type: "integer" + description: "The id of the team that will be granted access to this repository. This is only valid when creating a repository in an organization." + auto_init: + type: "boolean" + description: "Whether the repository is initialized with a minimal README." + gitignore_template: + type: "string" + description: "The desired language or platform to apply to the .gitignore." + license_template: + type: "string" + description: "The license keyword of the open source license for this repository." + allow_squash_merge: + type: "boolean" + description: "Whether to allow squash merges for pull requests." + allow_merge_commit: + type: "boolean" + description: "Whether to allow merge commits for pull requests." + allow_rebase_merge: + type: "boolean" + description: "Whether to allow rebase merges for pull requests." + allow_auto_merge: + type: "boolean" + description: "Whether to allow Auto-merge to be used on pull requests." + delete_branch_on_merge: + type: "boolean" + description: "Whether to delete head branches when pull requests are merged" + has_downloads: + type: "boolean" + description: "Whether downloads are enabled." + is_template: + type: "boolean" + description: "Whether this repository acts as a template that can be used to generate new repositories." + default: false diff --git a/actions/create_repository_from_template.py b/actions/create_repository_from_template.py new file mode 100644 index 0000000..c056e7d --- /dev/null +++ b/actions/create_repository_from_template.py @@ -0,0 +1,35 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateRepositoryFromTemplateAction' +] + +class CreateRepositoryFromTemplateAction(BaseGithubAction): + def run(self, api_user, github_type, template_owner,template_repo, + owner, name, description, include_all_branches, private): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "owner": owner, + "name": name, + "description": description, + "include_all_branches": include_all_branches, + "private": private} + + response = self._request("POST", + "/repos/{}/{}/generate".format(template_owner, template_repo), + payload, + self.token, + enterprise) + + results = {'owner': response['owner']['login']} + results['response'] = response + + return results diff --git a/actions/create_repository_from_template.yaml b/actions/create_repository_from_template.yaml new file mode 100644 index 0000000..4913201 --- /dev/null +++ b/actions/create_repository_from_template.yaml @@ -0,0 +1,47 @@ +--- +name: create_repository_from_template +runner_type: python-script +pack: github +description: > + Creates a Github repository fot an organization. + Example: + st2 run github.create_repository_from_template owner="organization" name="reponame" description="test github.create_repository" private=true template_owner="gittemplate" template_repo="gitrepo" api_user="token_name" +enabled: true +entry_point: create_repository_from_template.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + template_owner: + type: "string" + description: "The template owner." + template_repo: + type: "string" + description: "The template repository." + owner: + type: "string" + description: "The organization or person who will own the new repository. To create a new repository in an organization, the authenticated user must be a member of the specified organization." + required: true + name: + type: "string" + description: "The name of the repository." + required: true + description: + type: "string" + description: "A short description of the repository." + include_all_branches: + type: "boolean" + description: "Set to true to include the directory structure and files from all branches in the template repository, and not just the default branch. Default: false." + default: false + private: + type: "boolean" + description: "Either true to create a new private repository or false to create a new public one." + default: true From a9410eeb6ef73d18b5dbb7fc9735561b30ae7aad Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Tue, 2 Aug 2022 12:27:43 -0300 Subject: [PATCH 19/61] adding missing actions :) --- actions/create_organization_repository.py | 51 +++++++++++ actions/create_organization_repository.yaml | 88 +++++++++++++++++++ .../create_repository_authenticated_user.py | 48 ++++++++++ .../create_repository_authenticated_user.yaml | 83 +++++++++++++++++ actions/create_repository_from_template.py | 35 ++++++++ actions/create_repository_from_template.yaml | 47 ++++++++++ 6 files changed, 352 insertions(+) create mode 100644 actions/create_organization_repository.py create mode 100644 actions/create_organization_repository.yaml create mode 100644 actions/create_repository_authenticated_user.py create mode 100644 actions/create_repository_authenticated_user.yaml create mode 100644 actions/create_repository_from_template.py create mode 100644 actions/create_repository_from_template.yaml diff --git a/actions/create_organization_repository.py b/actions/create_organization_repository.py new file mode 100644 index 0000000..bbcd898 --- /dev/null +++ b/actions/create_organization_repository.py @@ -0,0 +1,51 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateOrganizationRepositoryAction' +] + + +class CreateOrganizationRepositoryAction(BaseGithubAction): + def run(self, api_user, org, name, description, github_type, homepage, private, visibility, + has_issues, has_projects, has_wiki, is_template, team_id, auto_init, + gitignore_template, license_template, allow_squash_merge, allow_merge_commit, + allow_rebase_merge, allow_auto_merge, delete_branch_on_merge): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = {"name": name, + "description": description, + "homepage": homepage, + "private": private, + "visibility": visibility, + "has_issues": has_issues, + "has_projects": has_projects, + "has_wiki": has_wiki, + "is_template": is_template, + "team_id": team_id, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + "allow_squash_merge": allow_squash_merge, + "allow_merge_commit": allow_merge_commit, + "allow_rebase_merge": allow_rebase_merge, + "allow_auto_merge": allow_auto_merge, + "delete_branch_on_merge": delete_branch_on_merge} + + response = self._request("POST", + "/orgs/{}/repos".format(org), + payload, + self.token, + enterprise) + + results = {'owner': response['owner']['login']} + results['response'] = response + + return results diff --git a/actions/create_organization_repository.yaml b/actions/create_organization_repository.yaml new file mode 100644 index 0000000..e114396 --- /dev/null +++ b/actions/create_organization_repository.yaml @@ -0,0 +1,88 @@ +--- +name: create_organization_repository +runner_type: python-script +pack: github +description: > + Creates a Github repository fot an organization. + Example: + st2 run github.create_organization_repository org="organization" name="reponame" description="test github.create_repository" private=true visibility="private" api_user="token_name" +enabled: true +entry_point: create_organization_repository.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + org: + type: "string" + description: "GitHub Organization." + required: true + name: + type: "string" + description: "The name of the repository." + required: true + description: + type: "string" + description: "A short description of the repository." + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + homepage: + type: "string" + description: "A URL with more information about the repository." + private: + type: "boolean" + description: "Whether the repository is private." + default: true + visibility: + type: "string" + description: "Can be public or private. If your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+, visibility can also be internal. Note: For GitHub Enterprise Server and GitHub AE, this endpoint will only list repositories available to all users on the enterprise." + enum: + - "private" + - "public" + - "internal" + default: "private" + has_issues: + type: "boolean" + description: "Whether issues are enabled." + has_projects: + type: "boolean" + description: "Whether projects are enabled." + has_wiki: + type: "boolean" + description: "Whether the wiki is enabled." + is_template: + type: "boolean" + description: "Whether this repository acts as a template that can be used to generate new repositories." + default: false + team_id: + type: "integer" + description: "The id of the team that will be granted access to this repository. This is only valid when creating a repository in an organization." + auto_init: + type: "boolean" + description: "Whether the repository is initialized with a minimal README." + gitignore_template: + type: "string" + description: "The desired language or platform to apply to the .gitignore." + license_template: + type: "string" + description: "The license keyword of the open source license for this repository." + allow_squash_merge: + type: "boolean" + description: "Whether to allow squash merges for pull requests." + allow_merge_commit: + type: "boolean" + description: "Whether to allow merge commits for pull requests." + allow_rebase_merge: + type: "boolean" + description: "Whether to allow rebase merges for pull requests." + allow_auto_merge: + type: "boolean" + description: "Whether to allow Auto-merge to be used on pull requests." + delete_branch_on_merge: + type: "boolean" + description: "Whether to delete head branches when pull requests are merged" diff --git a/actions/create_repository_authenticated_user.py b/actions/create_repository_authenticated_user.py new file mode 100644 index 0000000..c97c8eb --- /dev/null +++ b/actions/create_repository_authenticated_user.py @@ -0,0 +1,48 @@ + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateRepositoryAuthenticatedUserAction' +] + +class CreateRepositoryAuthenticatedUserAction(BaseGithubAction): + def run(self, api_user, user, name, description, github_type, homepage, private, + has_issues, has_projects, has_wiki, team_id, auto_init, gitignore_template, + license_template, allow_squash_merge, allow_merge_commit, allow_rebase_merge, + allow_auto_merge, delete_branch_on_merge, has_downloads, is_template, ): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "user": user, + "name": name, + "description": description, + "homepage": homepage, + "private": private, + "has_issues": has_issues, + "has_projects": has_projects, + "has_wiki": has_wiki, + "team_id": team_id, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + "allow_squash_merge": allow_squash_merge, + "allow_merge_commit": allow_merge_commit, + "allow_rebase_merge": allow_rebase_merge, + "allow_auto_merge": allow_auto_merge, + "delete_branch_on_merge": delete_branch_on_merge, + "has_downloads": has_downloads, + "is_template": is_template} + + response = self._request("POST", + "/user/repos", + payload, + self.token, + enterprise) + + results = {'owner': response['owner']['login']} + results['response'] = response + + return results diff --git a/actions/create_repository_authenticated_user.yaml b/actions/create_repository_authenticated_user.yaml new file mode 100644 index 0000000..1f0d7b7 --- /dev/null +++ b/actions/create_repository_authenticated_user.yaml @@ -0,0 +1,83 @@ +--- +name: create_repository_authenticated_user +runner_type: python-script +pack: github +description: > + Creates a Github repository fot the authenticated user. + Example: + st2 run github.create_repository_authenticated_user user="user" name="reponame" description="test github.create_repository" private=false api_user="token_name" +enabled: true +entry_point: create_repository_authenticated_user.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + user: + type: "string" + description: "GitHub User." + required: true + name: + type: "string" + description: "The name of the repository." + required: true + description: + type: "string" + description: "A short description of the repository." + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "online" + homepage: + type: "string" + description: "A URL with more information about the repository." + private: + type: "boolean" + description: "Whether the repository is private." + default: true + has_issues: + type: "boolean" + description: "Whether issues are enabled." + has_projects: + type: "boolean" + description: "Whether projects are enabled." + has_wiki: + type: "boolean" + description: "Whether the wiki is enabled." + team_id: + type: "integer" + description: "The id of the team that will be granted access to this repository. This is only valid when creating a repository in an organization." + auto_init: + type: "boolean" + description: "Whether the repository is initialized with a minimal README." + gitignore_template: + type: "string" + description: "The desired language or platform to apply to the .gitignore." + license_template: + type: "string" + description: "The license keyword of the open source license for this repository." + allow_squash_merge: + type: "boolean" + description: "Whether to allow squash merges for pull requests." + allow_merge_commit: + type: "boolean" + description: "Whether to allow merge commits for pull requests." + allow_rebase_merge: + type: "boolean" + description: "Whether to allow rebase merges for pull requests." + allow_auto_merge: + type: "boolean" + description: "Whether to allow Auto-merge to be used on pull requests." + delete_branch_on_merge: + type: "boolean" + description: "Whether to delete head branches when pull requests are merged" + has_downloads: + type: "boolean" + description: "Whether downloads are enabled." + is_template: + type: "boolean" + description: "Whether this repository acts as a template that can be used to generate new repositories." + default: false diff --git a/actions/create_repository_from_template.py b/actions/create_repository_from_template.py new file mode 100644 index 0000000..c056e7d --- /dev/null +++ b/actions/create_repository_from_template.py @@ -0,0 +1,35 @@ +import time +import datetime + + +from lib.base import BaseGithubAction + +__all__ = [ + 'CreateRepositoryFromTemplateAction' +] + +class CreateRepositoryFromTemplateAction(BaseGithubAction): + def run(self, api_user, github_type, template_owner,template_repo, + owner, name, description, include_all_branches, private): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + payload = { "owner": owner, + "name": name, + "description": description, + "include_all_branches": include_all_branches, + "private": private} + + response = self._request("POST", + "/repos/{}/{}/generate".format(template_owner, template_repo), + payload, + self.token, + enterprise) + + results = {'owner': response['owner']['login']} + results['response'] = response + + return results diff --git a/actions/create_repository_from_template.yaml b/actions/create_repository_from_template.yaml new file mode 100644 index 0000000..4913201 --- /dev/null +++ b/actions/create_repository_from_template.yaml @@ -0,0 +1,47 @@ +--- +name: create_repository_from_template +runner_type: python-script +pack: github +description: > + Creates a Github repository fot an organization. + Example: + st2 run github.create_repository_from_template owner="organization" name="reponame" description="test github.create_repository" private=true template_owner="gittemplate" template_repo="gitrepo" api_user="token_name" +enabled: true +entry_point: create_repository_from_template.py +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + template_owner: + type: "string" + description: "The template owner." + template_repo: + type: "string" + description: "The template repository." + owner: + type: "string" + description: "The organization or person who will own the new repository. To create a new repository in an organization, the authenticated user must be a member of the specified organization." + required: true + name: + type: "string" + description: "The name of the repository." + required: true + description: + type: "string" + description: "A short description of the repository." + include_all_branches: + type: "boolean" + description: "Set to true to include the directory structure and files from all branches in the template repository, and not just the default branch. Default: false." + default: false + private: + type: "boolean" + description: "Either true to create a new private repository or false to create a new public one." + default: true From 9476365bc3dfee56e7814709f18ac38fdc5ea8e2 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Tue, 2 Aug 2022 13:13:58 -0300 Subject: [PATCH 20/61] minor merge adjustments --- actions/lib/base.py | 6 +++--- actions/store_oauth_token.py | 2 ++ actions/store_oauth_token.yaml | 1 + pack.yaml | 2 +- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/actions/lib/base.py b/actions/lib/base.py index 8a3a419..9169096 100644 --- a/actions/lib/base.py +++ b/actions/lib/base.py @@ -100,7 +100,7 @@ def _get_user_token(self, user, enterprise): else: token_name = "token_" - token = self.action_service.get_value(token_name + user) + token = self.action_service.get_value(token_name + user, local=False, decrypt=True) # if a token is not returned, try using reversing changes made by # GitHub Enterprise during LDAP sync'ing. @@ -147,8 +147,8 @@ def _request(self, method, uri, payload, token, enterprise): r.raise_for_status() except requests.exceptions.HTTPError: raise Exception( - "ERROR: '{}'ing to '{}' - status code: {} payload: {}".format( - method, url, r.status_code, json.dumps(payload))) + "ERROR: '{}'ing to '{}' - status code: {} payload: {} response: {}".format( + method, url, r.status_code, json.dumps(payload), r.json())) except requests.exceptions.ConnectionError as e: raise Exception("Could not connect to: {} : {}".format(url, e)) else: diff --git a/actions/store_oauth_token.py b/actions/store_oauth_token.py index ac0429c..3599d97 100644 --- a/actions/store_oauth_token.py +++ b/actions/store_oauth_token.py @@ -28,6 +28,8 @@ def run(self, user, token, github_type): self.action_service.set_value( name=value_name, + local=False, + encrypt=True, value=token.strip()) return results diff --git a/actions/store_oauth_token.yaml b/actions/store_oauth_token.yaml index 8bed971..2448e9f 100644 --- a/actions/store_oauth_token.yaml +++ b/actions/store_oauth_token.yaml @@ -13,6 +13,7 @@ parameters: type: "string" description: "The GitHub OAuth token" required: true + secret: true github_type: type: "string" description: "The type of github installation to target, if unset will use the configured default." diff --git a/pack.yaml b/pack.yaml index 53013e4..b991709 100644 --- a/pack.yaml +++ b/pack.yaml @@ -8,7 +8,7 @@ keywords: - git - scm - serverless -version: 2.1.1 +version: 2.2.0 python_versions: - "3" author : StackStorm, Inc. From 5830938c1b53826f14cbbc9a4b4e09e76f462fe0 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 11 Aug 2022 09:36:39 -0300 Subject: [PATCH 21/61] adding environment creation functionality --- CHANGES.md | 1 + actions/add_update_repository_environment.py | 60 +++++++++ .../add_update_repository_environment.yaml | 73 +++++++++++ actions/add_update_repository_team.yaml | 2 +- .../result_successful.json | 73 +++++++++++ tests/github_base_action_test_case.py | 19 +++ ...ction_add_update_repository_environment.py | 119 ++++++++++++++++++ 7 files changed, 346 insertions(+), 1 deletion(-) create mode 100644 actions/add_update_repository_environment.py create mode 100644 actions/add_update_repository_environment.yaml create mode 100644 tests/fixtures/add_update_repository_environment/result_successful.json create mode 100644 tests/test_action_add_update_repository_environment.py diff --git a/CHANGES.md b/CHANGES.md index d9a59a8..63c6ca5 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -9,6 +9,7 @@ * Add new ``github.create_organization_repository`` action which allows user to create an organization repository. * Add new ``github.create_repository_authenticated_user`` action which allows user to create an user repository. * Add new ``github.create_repository_from_template`` action which allows user to create a repository from template. +* Add new ``github.add_update_repository_environment`` action which allows user to create a repository deployment environment. * Bug fix on ``github.store_oauth_token.`` to api save the token correctly so that it can be read later. * Segure improvement on ``github.store_oauth_token.`` to encrypt de github token in web interface. * Add new ``github.create_branch``, ``github.get_branch``, ``github.delete_branch`` actions which allows user to create/get/delete a branch. diff --git a/actions/add_update_repository_environment.py b/actions/add_update_repository_environment.py new file mode 100644 index 0000000..d031f27 --- /dev/null +++ b/actions/add_update_repository_environment.py @@ -0,0 +1,60 @@ +from lib.base import BaseGithubAction + +__all__ = [ + 'AddUpdateRepositoryEnvironmentAction' +] + + +class AddUpdateRepositoryEnvironmentAction(BaseGithubAction): + + def _get_team_id(self, enterprise, org, name): + self.logger.debug("Getting team ID for name [%s]", name) + response = self._request("GET", + f"/orgs/{org}/teams/{name}", + None, + self.token, + enterprise) + self.logger.debug("Found ID [%d] for name [%s]", response["id"], name) + return response["id"] + + def run(self, api_user, environment, + owner, repo, github_type, reviewers, wait_timer, deployment_branch_policy): + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, enterprise) + + # Transforming team slug names in IDs + for reviewer in reviewers: + type = reviewer.get("type", None) + name = reviewer.get("name", None) + if type == "Team" and name: + del reviewer["name"] + reviewer["id"] = self._get_team_id(enterprise, owner, name) + elif type == "User" and name: + raise NotImplementedError("Providing reviewer of type user without ID is not implemented!") + + payload = { + "wait_timer": int(wait_timer), + "reviewers": reviewers, + "deployment_branch_policy": deployment_branch_policy + } + + self.logger.info( + "Adding/Updating environment [%s] with parameters [%s] for repo [%s/%s] with user [%s]", + environment, payload, owner, repo, api_user) + + try: + response = self._request("PUT", + f"/repos/{owner}/{repo}/environments/{environment}", + payload, + self.token, + enterprise) + results = {'response': response} + return results + except Exception as e: + self.logger.error("Could not add/update environment, error: %s", repr(e)) + return (False, "Could not add/update environment, error: %s" % repr(e)) + + return (False, "Could not add/update environment for unknown reason!") diff --git a/actions/add_update_repository_environment.yaml b/actions/add_update_repository_environment.yaml new file mode 100644 index 0000000..96a52ce --- /dev/null +++ b/actions/add_update_repository_environment.yaml @@ -0,0 +1,73 @@ +--- +name: add_update_repository_environment +# https://docs.github.com/en/enterprise-server@3.2/rest/deployments/environments +runner_type: python-script +pack: github +description: > + Add or update a repository environment. + Example: + st2 run github.add_update_repository_environment organization="organization" owner="owner" repo="reponame" reviewers="< array of reviewers >" api_user="token_name" +enabled: true +entry_point: add_update_repository_environment.py +parameters: + # Repository parameters + owner: + type: "string" + description: "The account owner of the repository. The name is not case sensitive.." + required: true + repo: + type: "string" + description: "The name of the repository. The name is not case sensitive." + required: true + # Authentication parameters + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + enum: + - "online" + - "enterprise" + default: "enterprise" + # Call-specific parameters :) + environment: + type: string + description: "The name of the environment" + required: true + wait_timer: + type: number + description: "The amount of time to delay a job after the job is initially triggered. The time (in minutes) must be an integer between 0 and 43,200 (30 days)." + required: false + default: 0 + reviewers: + type: array + description: "The people or teams that may review jobs that reference the environment. You can list up to six users or teams as reviewers. The reviewers must have at least read access to the repository. Only one of the required reviewers needs to approve the job for it to proceed." + required: false + items: + type: object + properties: + type: + type: string + required: true + id: + type: number + required: false + name: + type: string + required: false + deployment_branch_policy: + type: object + description: "The type of deployment branch policy for this environment. To allow all branches to deploy, set to null." + required: false + default: null + properties: + protected_branches: + type: boolean + required: true + description: Whether only branches with branch protection rules can deploy to this environment. If protected_branches is true, custom_branch_policies must be false; if protected_branches is false, custom_branch_policies must be true. + custom_branch_policies: + type: boolean + required: true + description: Whether only branches that match the specified name patterns can deploy to this environment. If custom_branch_policies is true, protected_branches must be false; if custom_branch_policies is false, protected_branches must be true. diff --git a/actions/add_update_repository_team.yaml b/actions/add_update_repository_team.yaml index fd5fef0..cafedc5 100644 --- a/actions/add_update_repository_team.yaml +++ b/actions/add_update_repository_team.yaml @@ -45,4 +45,4 @@ parameters: - "admin" - "maintain" - "triage" - default: "push" \ No newline at end of file + default: "pull" \ No newline at end of file diff --git a/tests/fixtures/add_update_repository_environment/result_successful.json b/tests/fixtures/add_update_repository_environment/result_successful.json new file mode 100644 index 0000000..879c49d --- /dev/null +++ b/tests/fixtures/add_update_repository_environment/result_successful.json @@ -0,0 +1,73 @@ +{ + "id": 123, + "node_id": "MDExOkVudmlyb25tZW50MTYxMDg4MDY4", + "name": "staging", + "url": "https://api.github.com/repos/github/hello-world/environments/staging", + "html_url": "https://github.com/github/hello-world/deployments/activity_log?environments_filter=staging", + "created_at": "2020-11-23T22:00:40Z", + "updated_at": "2020-11-23T22:00:40Z", + "protection_rules": [ + { + "id": 33, + "node_id": "MDQ6R2F0ZTM3MzY=", + "type": "wait_timer", + "wait_timer": 30 + }, + { + "id": 44, + "node_id": "MDQ6R2F0ZTM3NTU=", + "type": "required_reviewers", + "reviewers": [ + { + "type": "User", + "reviewer": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + } + }, + { + "type": "Team", + "reviewer": { + "id": 1, + "node_id": "MDQ6VGVhbTE=", + "url": "https://api.github.com/teams/1", + "html_url": "https://github.com/orgs/github/teams/justice-league", + "name": "Justice League", + "slug": "justice-league", + "description": "A great team.", + "privacy": "closed", + "permission": "admin", + "members_url": "https://api.github.com/teams/1/members{/member}", + "repositories_url": "https://api.github.com/teams/1/repos", + "parent": null + } + } + ] + }, + { + "id": 55, + "node_id": "MDQ6R2F0ZTM3NTY=", + "type": "branch_policy" + } + ], + "deployment_branch_policy": { + "protected_branches": false, + "custom_branch_policies": true + } + } \ No newline at end of file diff --git a/tests/github_base_action_test_case.py b/tests/github_base_action_test_case.py index e33c9c3..f580b4c 100644 --- a/tests/github_base_action_test_case.py +++ b/tests/github_base_action_test_case.py @@ -13,7 +13,9 @@ # See the License for the specific language governing permissions and import yaml +import json # from mock import MagicMock +from lib.base import BaseGithubAction from st2tests.base import BaseActionTestCase @@ -21,6 +23,17 @@ class GitHubBaseActionTestCase(BaseActionTestCase): __test__ = False + + + + def _mock_request(self, method, uri, data, *args, **kwargs): + # Defaults to using old request :) + return self.oldRequest(method, uri, data, *args, **kwargs) + + def tearDown(self): + super(GitHubBaseActionTestCase, self).tearDown() + BaseGithubAction._request = self.oldRequest + def setUp(self): super(GitHubBaseActionTestCase, self).setUp() @@ -29,8 +42,14 @@ def setUp(self): self._enterprise_default_config = self.load_yaml( 'full-enterprise.yaml') + self.oldRequest = BaseGithubAction._request + BaseGithubAction._request = self._mock_request + + def load_yaml(self, filename): return yaml.safe_load(self.get_fixture_content(filename)) + def load_json(self, filename): + return json.loads(self.get_fixture_content(filename)) @property def blank_config(self): diff --git a/tests/test_action_add_update_repository_environment.py b/tests/test_action_add_update_repository_environment.py new file mode 100644 index 0000000..c314652 --- /dev/null +++ b/tests/test_action_add_update_repository_environment.py @@ -0,0 +1,119 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +# from mock import MagicMock + +from github_base_action_test_case import GitHubBaseActionTestCase +import mock +import requests +import json + + +from add_update_repository_environment import AddUpdateRepositoryEnvironmentAction + + +class AddUpdateRepositoryEnvironmentActionTestCase(GitHubBaseActionTestCase): + __test__ = True + action_cls = AddUpdateRepositoryEnvironmentAction + + expectedCreateEnvPayload = None + + def _mock_request(self, method, uri, data, *args, **kwargs): + if uri == "/repos/org/repo/environments/env-test": + self.assertEquals(data, self.expectedCreateEnvPayload) + return self.load_json('add_update_repository_environment/result_successful.json') + + if uri == "/orgs/org/teams/test-team": + self.assertEquals(data, None) + return { + 'id': 123 + } + + return super()._mock_request(method, uri, data, *args, **kwargs) + + def test_successful(self): + + action = self.get_action_instance(self.full_config) + self.assertIsInstance(action, self.action_cls) + + expected_results = { + 'response': self.load_json('add_update_repository_environment/result_successful.json') + } + self.expectedCreateEnvPayload = ( + { + "wait_timer": 0, + "reviewers": [ + { + "type": "Team", + "id": 123 + } + ], + "deployment_branch_policy": None + }) + + results = action.run( + api_user="test", + environment="env-test", + owner="org", + repo="repo", + github_type="online", + reviewers=[ + { + "type": "Team", + "id": 123 + } + ], + wait_timer=0, + deployment_branch_policy=None + ) + + self.assertEquals(results, expected_results) + + def test_successful_team_with_name(self): + + action = self.get_action_instance(self.full_config) + self.assertIsInstance(action, self.action_cls) + + expected_results = { + 'response': self.load_json('add_update_repository_environment/result_successful.json') + } + self.expectedCreateEnvPayload = ( + { + "wait_timer": 0, + "reviewers": [ + { + "type": "Team", + "id": 123 + } + ], + "deployment_branch_policy": None + }) + + results = action.run( + api_user="test", + environment="env-test", + owner="org", + repo="repo", + github_type="online", + reviewers=[ + { + "type": "Team", + "name": "test-team" + } + ], + wait_timer=0, + deployment_branch_policy=None + ) + + self.assertEquals(results, expected_results) From 0a8f5eab3c484d928cdf830b7885db8c939fa552 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 16:28:08 -0300 Subject: [PATCH 22/61] removing unnecessary lint-config changes --- lint-configs/.gitignore | 63 ------------------------- lint-configs/README.md | 30 ------------ lint-configs/python/.flake8 | 18 ------- lint-configs/python/.flake8-exchange | 18 ------- lint-configs/python/.flake8-oss | 18 ------- lint-configs/python/.flake8-proprietary | 17 ------- lint-configs/python/.pylintrc | 31 ------------ lint-configs/python/.pylintrc-exchange | 32 ------------- lint-configs/python/.pylintrc-pack-ci | 33 ------------- 9 files changed, 260 deletions(-) delete mode 100644 lint-configs/.gitignore delete mode 100644 lint-configs/README.md delete mode 100644 lint-configs/python/.flake8 delete mode 100644 lint-configs/python/.flake8-exchange delete mode 100644 lint-configs/python/.flake8-oss delete mode 100644 lint-configs/python/.flake8-proprietary delete mode 100644 lint-configs/python/.pylintrc delete mode 100644 lint-configs/python/.pylintrc-exchange delete mode 100644 lint-configs/python/.pylintrc-pack-ci diff --git a/lint-configs/.gitignore b/lint-configs/.gitignore deleted file mode 100644 index a044288..0000000 --- a/lint-configs/.gitignore +++ /dev/null @@ -1,63 +0,0 @@ -# Byte-compiled / optimized / DLL files -__pycache__/ -*.py[cod] - -# C extensions -*.so - -# Distribution / packaging -.Python -env/ -build/ -develop-eggs/ -dist/ -downloads/ -eggs/ -lib/ -lib64/ -parts/ -sdist/ -var/ -*.egg-info/ -.installed.cfg -*.egg - -# PyInstaller -# Usually these files are written by a python script from a template -# before PyInstaller builds the exe, so as to inject date/other infos into it. -*.manifest -*.spec - -# Installer logs -pip-log.txt -pip-delete-this-directory.txt - -# Unit test / coverage reports -htmlcov/ -.tox/ -.coverage -.cache -nosetests.xml -coverage.xml - -# Translations -*.mo -*.pot - -# Django stuff: -*.log - -# Sphinx documentation -docs/_build/ - -# PyBuilder -target/ - -# Virtual Environments -.venv - -# Temporary Files -*.swp - -# Visual Studio Code -.vscode/ diff --git a/lint-configs/README.md b/lint-configs/README.md deleted file mode 100644 index ff83c74..0000000 --- a/lint-configs/README.md +++ /dev/null @@ -1,30 +0,0 @@ -# StackStorm Lint Configs - -This repository contains lint configs for different programming languages and -tools (flake8, pylint, etc.) used by different StackStorm repositories. - -Configs are grouped in sub-directories by programming language. - -## Usage - -To use those configs, add this repository as a git subtree to the repository -where you want to utilize those configs. After that is done, update make -targets (or similar) to correctly pass path to the configs to the tools -in question. - -```bash -git subtree add --prefix lint-configs https://github.com/StackStorm/lint-configs.git master --squash -``` - -To use it (example with pylint) - -```bash -pylint -E --rcfile=./lint-configs/python/.pylintrc -... -``` - -And once you want to pull changes / updates from the lint-configs repository: - -```bash -git subtree pull --prefix lint-configs https://github.com/StackStorm/lint-configs.git master --squash -``` diff --git a/lint-configs/python/.flake8 b/lint-configs/python/.flake8 deleted file mode 100644 index f3cc01b..0000000 --- a/lint-configs/python/.flake8 +++ /dev/null @@ -1,18 +0,0 @@ -[flake8] -max-line-length = 100 -# L102 - apache license header -enable-extensions = L101,L102 -ignore = E128,E402,E722,W504 -exclude=*.egg/*,build,dist - -# Configuration for flake8-copyright extension -copyright-check = True -copyright-min-file-size = 1 - -# Settings for flake8-license -license-type = apache - -# NOTE: This requires flake8 >= 3.0.0 to work correctly. -# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones -# listed above as part of ignore list -select = E,F,W,C,L diff --git a/lint-configs/python/.flake8-exchange b/lint-configs/python/.flake8-exchange deleted file mode 100644 index f3cc01b..0000000 --- a/lint-configs/python/.flake8-exchange +++ /dev/null @@ -1,18 +0,0 @@ -[flake8] -max-line-length = 100 -# L102 - apache license header -enable-extensions = L101,L102 -ignore = E128,E402,E722,W504 -exclude=*.egg/*,build,dist - -# Configuration for flake8-copyright extension -copyright-check = True -copyright-min-file-size = 1 - -# Settings for flake8-license -license-type = apache - -# NOTE: This requires flake8 >= 3.0.0 to work correctly. -# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones -# listed above as part of ignore list -select = E,F,W,C,L diff --git a/lint-configs/python/.flake8-oss b/lint-configs/python/.flake8-oss deleted file mode 100644 index 86e3658..0000000 --- a/lint-configs/python/.flake8-oss +++ /dev/null @@ -1,18 +0,0 @@ -[flake8] -max-line-length = 100 -# L102 - apache license header -enable-extensions = L101,L102 -ignore = E128,E402,E722,W504 -exclude=*.egg/*,build,dist - -# Configuration for flake8-copyright extension -copyright-check = False -copyright-min-file-size = 1 - -# Settings for flake8-license -license-type = apache - -# NOTE: This requires flake8 >= 3.0.0 to work correctly. -# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones -# listed above as part of ignore list -select = E,F,W,C,L diff --git a/lint-configs/python/.flake8-proprietary b/lint-configs/python/.flake8-proprietary deleted file mode 100644 index afb1456..0000000 --- a/lint-configs/python/.flake8-proprietary +++ /dev/null @@ -1,17 +0,0 @@ -[flake8] -max-line-length = 100 -# L101 - proprietary license header -enable-extensions = L101,L102 -ignore = E128,E402,E722,W504 -exclude=*.egg/*,build,dist - -# Configuration for flake8-copyright extension -copyright-check = True -copyright-min-file-size = 1 - -license-type = proprietary - -# NOTE: This requires flake8 >= 3.0.0 to work correctly. -# If old version is used (< 3.0.0), it will select all the errors and it wont ignore ones -# listed above as part of ignore list -select = E,F,W,C,L diff --git a/lint-configs/python/.pylintrc b/lint-configs/python/.pylintrc deleted file mode 100644 index e25a0f7..0000000 --- a/lint-configs/python/.pylintrc +++ /dev/null @@ -1,31 +0,0 @@ -[MESSAGES CONTROL] -# C0111 Missing docstring -# I0011 Warning locally suppressed using disable-msg -# I0012 Warning locally suppressed using disable-msg -# W0704 Except doesn't do anything Used when an except clause does nothing but "pass" and there is no "else" clause -# W0142 Used * or * magic* Used when a function or method is called using *args or **kwargs to dispatch arguments. -# W0212 Access to a protected member %s of a client class -# W0232 Class has no __init__ method Used when a class has no __init__ method, neither its parent classes. -# W0613 Unused argument %r Used when a function or method argument is not used. -# W0702 No exception's type specified Used when an except clause doesn't specify exceptions type to catch. -# R0201 Method could be a function -# W0614 Unused import XYZ from wildcard import -# R0914 Too many local variables -# R0912 Too many branches -# R0915 Too many statements -# R0913 Too many arguments -# R0904 Too many public methods -# E0211: Method has no argument -# E1128: Assigning to function call which only returns None Used when an assignment is done on a function call but the inferred function returns nothing but None. -# E1129: Context manager ‘%s’ doesn’t implement __enter__ and __exit__. Used when an instance in a with statement doesn’t implement the context manager protocol(__enter__/__exit__). -disable=C0103,C0111,I0011,I0012,W0704,W0142,W0212,W0232,W0613,W0702,R0201,W0614,R0914,R0912,R0915,R0913,R0904,R0801,not-context-manager,assignment-from-none - -[TYPECHECK] -# Note: This modules are manipulated during the runtime so we can't detect all the properties during -# static analysis -ignored-modules=distutils,eventlet.green.subprocess,six,six.moves - -[FORMAT] -max-line-length=100 -max-module-lines=1000 -indent-string=' ' diff --git a/lint-configs/python/.pylintrc-exchange b/lint-configs/python/.pylintrc-exchange deleted file mode 100644 index 988e222..0000000 --- a/lint-configs/python/.pylintrc-exchange +++ /dev/null @@ -1,32 +0,0 @@ -[MESSAGES CONTROL] -# C0111 Missing docstring -# I0011 Warning locally suppressed using disable-msg -# I0012 Warning locally suppressed using disable-msg -# W0704 Except doesn't do anything Used when an except clause does nothing but "pass" and there is no "else" clause -# W0142 Used * or * magic* Used when a function or method is called using *args or **kwargs to dispatch arguments. -# W0212 Access to a protected member %s of a client class -# W0232 Class has no __init__ method Used when a class has no __init__ method, neither its parent classes. -# W0613 Unused argument %r Used when a function or method argument is not used. -# W0702 No exception's type specified Used when an except clause doesn't specify exceptions type to catch. -# R0201 Method could be a function -# W0614 Unused import XYZ from wildcard import -# R0914 Too many local variables -# R0912 Too many branches -# R0915 Too many statements -# R0913 Too many arguments -# R0904 Too many public methods -# E0211: Method has no argument -# E1128: Assigning to function call which only returns None Used when an assignment is done on a function call but the inferred function returns nothing but None. -# E1129: Context manager ‘%s’ doesn’t implement __enter__ and __exit__. Used when an instance in a with statement doesn’t implement the context manager protocol(__enter__/__exit__). -disable=C0103,C0111,I0011,I0012,W0704,W0142,W0212,W0232,W0613,W0702,R0201,W0614,R0914,R0912,R0915,R0913,R0904,R0801,not-context-manager,assignment-from-none - -[TYPECHECK] -# Note: This modules are manipulated during the runtime so we can't detect all the properties during -# static analysis -# The lib package is automatically added to PYTHONPATH by ST2 for Python actions -ignored-modules=distutils,eventlet.green.subprocess,six,six.moves,lib - -[FORMAT] -max-line-length=100 -max-module-lines=1000 -indent-string=' ' diff --git a/lint-configs/python/.pylintrc-pack-ci b/lint-configs/python/.pylintrc-pack-ci deleted file mode 100644 index a6c1de2..0000000 --- a/lint-configs/python/.pylintrc-pack-ci +++ /dev/null @@ -1,33 +0,0 @@ -[MESSAGES CONTROL] -# C0111 Missing docstring -# I0011 Warning locally suppressed using disable-msg -# I0012 Warning locally suppressed using disable-msg -# W0704 Except doesn't do anything Used when an except clause does nothing but "pass" and there is no "else" clause -# W0142 Used * or * magic* Used when a function or method is called using *args or **kwargs to dispatch arguments. -# W0212 Access to a protected member %s of a client class -# W0232 Class has no __init__ method Used when a class has no __init__ method, neither its parent classes. -# W0511 Used when a warning note as FIXME or XXX is detected. -# W0613 Unused argument %r Used when a function or method argument is not used. -# W0702 No exception's type specified Used when an except clause doesn't specify exceptions type to catch. -# R0201 Method could be a function -# W0614 Unused import XYZ from wildcard import -# W0621 Redefining name %r from outer scope (line %s) Used when a variable’s name hide a name defined in the outer scope. -# R0914 Too many local variables -# R0912 Too many branches -# R0915 Too many statements -# R0913 Too many arguments -# R0904 Too many public methods -# E0211: Method has no argument -# E1128: Assigning to function call which only returns None Used when an assignment is done on a function call but the inferred function returns nothing but None. -# E1129: Context manager ‘%s’ doesn’t implement __enter__ and __exit__. Used when an instance in a with statement doesn’t implement the context manager protocol(__enter__/__exit__). -disable=C0103,C0111,I0011,I0012,W0704,W0142,W0212,W0232,W0511,W0613,W0702,R0201,W0614,W0621,R0914,R0912,R0915,R0913,R0904,R0801,not-context-manager,assignment-from-none - -[TYPECHECK] -# Note: This modules are manipulated during the runtime so we can't detect all the properties during -# static analysis -ignored-modules=distutils,eventlet.green.subprocess,six,six.moves,st2common - -[FORMAT] -max-line-length=100 -max-module-lines=1000 -indent-string=' ' From 50ba270271573878c3f6117f83ac750ccf8d2a35 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 16:29:02 -0300 Subject: [PATCH 23/61] Update CHANGES.md Co-authored-by: Amanda McGuinness --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index 63c6ca5..815ccc5 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -11,7 +11,7 @@ * Add new ``github.create_repository_from_template`` action which allows user to create a repository from template. * Add new ``github.add_update_repository_environment`` action which allows user to create a repository deployment environment. * Bug fix on ``github.store_oauth_token.`` to api save the token correctly so that it can be read later. -* Segure improvement on ``github.store_oauth_token.`` to encrypt de github token in web interface. +* Security improvement on ``github.store_oauth_token.`` to encrypt the github token in web interface. * Add new ``github.create_branch``, ``github.get_branch``, ``github.delete_branch`` actions which allows user to create/get/delete a branch. * Add token to ``github.create_file``, ``github.create_pull``, ``github.update_file``. From 980ec066d6ef3d3943609c79f0771899cdc82e4f Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 17:12:29 -0300 Subject: [PATCH 24/61] adjusting add/update environment documentation --- actions/add_update_repository_environment.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/actions/add_update_repository_environment.yaml b/actions/add_update_repository_environment.yaml index 96a52ce..3ea1c0f 100644 --- a/actions/add_update_repository_environment.yaml +++ b/actions/add_update_repository_environment.yaml @@ -6,14 +6,14 @@ pack: github description: > Add or update a repository environment. Example: - st2 run github.add_update_repository_environment organization="organization" owner="owner" repo="reponame" reviewers="< array of reviewers >" api_user="token_name" + st2 run github.add_update_repository_environment owner="owner" repo="reponame" environment="test" reviewers='[{"type": "Team", "name": "test-team"}]' api_user="test" github_type=online enabled: true entry_point: add_update_repository_environment.py parameters: # Repository parameters owner: type: "string" - description: "The account owner of the repository. The name is not case sensitive.." + description: "The account owner of the repository. The name is not case sensitive." required: true repo: type: "string" @@ -43,6 +43,7 @@ parameters: default: 0 reviewers: type: array + default: [] description: "The people or teams that may review jobs that reference the environment. You can list up to six users or teams as reviewers. The reviewers must have at least read access to the repository. Only one of the required reviewers needs to approve the job for it to proceed." required: false items: @@ -51,7 +52,12 @@ parameters: type: type: string required: true + enum: + - "User" + - "Team" id: + # Note, you MUST provide a id if the type is User.. otherwise you may provide the team name, and the script + # will detect the ID type: number required: false name: From 96030fd8db3477c878f04a19ead0d023d85cf59e Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 17:12:34 -0300 Subject: [PATCH 25/61] adjusting typos --- actions/add_repository_collaborator.yaml | 2 +- actions/add_update_repository_team.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/add_repository_collaborator.yaml b/actions/add_repository_collaborator.yaml index 76b6808..2c8800e 100644 --- a/actions/add_repository_collaborator.yaml +++ b/actions/add_repository_collaborator.yaml @@ -15,7 +15,7 @@ parameters: default: "{{action_context.api_user|default(None)}}" owner: type: "string" - description: "The account owner of the repository. The name is not case sensitive.." + description: "The account owner of the repository. The name is not case sensitive." required: true repo: type: "string" diff --git a/actions/add_update_repository_team.yaml b/actions/add_update_repository_team.yaml index cafedc5..935507f 100644 --- a/actions/add_update_repository_team.yaml +++ b/actions/add_update_repository_team.yaml @@ -5,7 +5,7 @@ pack: github description: > Add or update repository team. Example: - st2 run github.add_update_repository_team organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" + st2 run github.add_update_repository_team org="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" enabled: true entry_point: add_update_repository_team.py parameters: From 38e62385f8aea507b4b987a36f9e61046b708560 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 17:16:40 -0300 Subject: [PATCH 26/61] fixing typo --- actions/check_team_permissions_for_repository.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/check_team_permissions_for_repository.yaml b/actions/check_team_permissions_for_repository.yaml index 7802865..4b9ce03 100644 --- a/actions/check_team_permissions_for_repository.yaml +++ b/actions/check_team_permissions_for_repository.yaml @@ -5,7 +5,7 @@ pack: github description: > Check team permissions for a repository. Example: - st2 run github.check_team_permissions_for_repository organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" + st2 run github.check_team_permissions_for_repository org="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" enabled: true entry_point: check_team_permissions_for_repository.py parameters: From 5e12799e77cf48593d1a2675342940122d48bd23 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 17:24:12 -0300 Subject: [PATCH 27/61] making github_type usage/doc uniform --- actions/add_repository_collaborator.yaml | 7 +++---- actions/add_update_repository_environment.yaml | 7 +++---- actions/add_update_repository_team.yaml | 7 +++---- actions/check_team_permissions_for_repository.yaml | 7 +++---- actions/check_user_repository_collaborator.yaml | 7 +++---- actions/create_branch.yaml | 3 +-- actions/create_deployment.yaml | 6 ++++-- actions/create_deployment_status.yaml | 6 ++++-- actions/create_file.yaml | 5 ++--- actions/create_organization_repository.yaml | 7 +++---- actions/create_pull.yaml | 3 +-- actions/create_release.yaml | 6 ++++-- actions/create_repository_authenticated_user.yaml | 7 +++---- actions/create_repository_from_template.yaml | 7 +++---- actions/delete_branch.yaml | 3 +-- actions/get_branch.yaml | 3 +-- actions/get_clone_stats.yaml | 6 ++++-- actions/get_deployment_statuses.yaml | 6 ++++-- actions/get_repository_collaborators.yaml | 7 +++---- actions/get_traffic_stats.yaml | 6 ++++-- actions/get_user.yaml | 6 ++++-- actions/latest_release.yaml | 6 ++++-- actions/list_deployments.yaml | 6 ++++-- actions/list_releases.yaml | 6 ++++-- actions/store_oauth_token.yaml | 6 ++++-- actions/update_file.yaml | 3 +-- 26 files changed, 78 insertions(+), 71 deletions(-) diff --git a/actions/add_repository_collaborator.yaml b/actions/add_repository_collaborator.yaml index 2c8800e..c022551 100644 --- a/actions/add_repository_collaborator.yaml +++ b/actions/add_repository_collaborator.yaml @@ -27,11 +27,10 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" + - enterprise + - online permission: type: "string" description: "The permission to grant the collaborator. Only valid on organization-owned repositories. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any." diff --git a/actions/add_update_repository_environment.yaml b/actions/add_update_repository_environment.yaml index 3ea1c0f..b91ad74 100644 --- a/actions/add_update_repository_environment.yaml +++ b/actions/add_update_repository_environment.yaml @@ -26,11 +26,10 @@ parameters: default: "{{action_context.api_user|default(None)}}" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" + - enterprise + - online # Call-specific parameters :) environment: type: string diff --git a/actions/add_update_repository_team.yaml b/actions/add_update_repository_team.yaml index 935507f..c51c61b 100644 --- a/actions/add_update_repository_team.yaml +++ b/actions/add_update_repository_team.yaml @@ -31,11 +31,10 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" + - enterprise + - online permission: type: "string" description: "The permission to grant the team on this repository. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any. If no permission is specified, the team's permission attribute will be used to determine what permission to grant the team on this repository." diff --git a/actions/check_team_permissions_for_repository.yaml b/actions/check_team_permissions_for_repository.yaml index 4b9ce03..1973cf6 100644 --- a/actions/check_team_permissions_for_repository.yaml +++ b/actions/check_team_permissions_for_repository.yaml @@ -31,8 +31,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" \ No newline at end of file + - enterprise + - online \ No newline at end of file diff --git a/actions/check_user_repository_collaborator.yaml b/actions/check_user_repository_collaborator.yaml index 7d14c81..32a505c 100644 --- a/actions/check_user_repository_collaborator.yaml +++ b/actions/check_user_repository_collaborator.yaml @@ -27,8 +27,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" \ No newline at end of file + - enterprise + - online \ No newline at end of file diff --git a/actions/create_branch.yaml b/actions/create_branch.yaml index e3e03b0..712dae0 100644 --- a/actions/create_branch.yaml +++ b/actions/create_branch.yaml @@ -25,8 +25,7 @@ parameters: description: "The branch to be created from the given ref" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: enterprise + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - enterprise - online diff --git a/actions/create_deployment.yaml b/actions/create_deployment.yaml index be6dcea..1d454e2 100644 --- a/actions/create_deployment.yaml +++ b/actions/create_deployment.yaml @@ -31,5 +31,7 @@ parameters: default: "" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online \ No newline at end of file diff --git a/actions/create_deployment_status.yaml b/actions/create_deployment_status.yaml index 616b69c..31906ee 100644 --- a/actions/create_deployment_status.yaml +++ b/actions/create_deployment_status.yaml @@ -32,5 +32,7 @@ parameters: default: "" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online \ No newline at end of file diff --git a/actions/create_file.yaml b/actions/create_file.yaml index ddadda1..bbb4a4a 100644 --- a/actions/create_file.yaml +++ b/actions/create_file.yaml @@ -48,12 +48,11 @@ parameters: api_user: type: "string" - description: "The" + description: "The API user" default: "{{action_context.api_user|default(None)}}" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - enterprise - online \ No newline at end of file diff --git a/actions/create_organization_repository.yaml b/actions/create_organization_repository.yaml index e114396..a40960a 100644 --- a/actions/create_organization_repository.yaml +++ b/actions/create_organization_repository.yaml @@ -26,11 +26,10 @@ parameters: description: "A short description of the repository." github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" + - enterprise + - online homepage: type: "string" description: "A URL with more information about the repository." diff --git a/actions/create_pull.yaml b/actions/create_pull.yaml index ca10588..85b7e26 100644 --- a/actions/create_pull.yaml +++ b/actions/create_pull.yaml @@ -38,8 +38,7 @@ parameters: default: "{{action_context.api_user|default(None)}}" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - enterprise - online diff --git a/actions/create_release.yaml b/actions/create_release.yaml index 7142b59..b9042e6 100644 --- a/actions/create_release.yaml +++ b/actions/create_release.yaml @@ -45,5 +45,7 @@ parameters: immutable: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/create_repository_authenticated_user.yaml b/actions/create_repository_authenticated_user.yaml index 1f0d7b7..db5bd06 100644 --- a/actions/create_repository_authenticated_user.yaml +++ b/actions/create_repository_authenticated_user.yaml @@ -26,11 +26,10 @@ parameters: description: "A short description of the repository." github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "online" + - enterprise + - online homepage: type: "string" description: "A URL with more information about the repository." diff --git a/actions/create_repository_from_template.yaml b/actions/create_repository_from_template.yaml index 4913201..d196d1c 100644 --- a/actions/create_repository_from_template.yaml +++ b/actions/create_repository_from_template.yaml @@ -15,11 +15,10 @@ parameters: default: "{{action_context.api_user|default(None)}}" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" + - enterprise + - online template_owner: type: "string" description: "The template owner." diff --git a/actions/delete_branch.yaml b/actions/delete_branch.yaml index a605ef3..4cfcf3a 100644 --- a/actions/delete_branch.yaml +++ b/actions/delete_branch.yaml @@ -21,8 +21,7 @@ parameters: description: "The branch to be created from the given ref" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: enterprise + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - enterprise - online diff --git a/actions/get_branch.yaml b/actions/get_branch.yaml index be6755d..33159f4 100644 --- a/actions/get_branch.yaml +++ b/actions/get_branch.yaml @@ -21,8 +21,7 @@ parameters: description: "The name of the branch to fetch details for" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: enterprise + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - enterprise - online diff --git a/actions/get_clone_stats.yaml b/actions/get_clone_stats.yaml index 6b684c5..6b66161 100644 --- a/actions/get_clone_stats.yaml +++ b/actions/get_clone_stats.yaml @@ -11,5 +11,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/get_deployment_statuses.yaml b/actions/get_deployment_statuses.yaml index 127bc27..3950a1f 100644 --- a/actions/get_deployment_statuses.yaml +++ b/actions/get_deployment_statuses.yaml @@ -19,5 +19,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/get_repository_collaborators.yaml b/actions/get_repository_collaborators.yaml index 455b9a3..f8f2729 100644 --- a/actions/get_repository_collaborators.yaml +++ b/actions/get_repository_collaborators.yaml @@ -39,8 +39,7 @@ parameters: default: 1 github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - - "online" - - "enterprise" - default: "enterprise" \ No newline at end of file + - enterprise + - online \ No newline at end of file diff --git a/actions/get_traffic_stats.yaml b/actions/get_traffic_stats.yaml index a091ba7..3b42c2d 100644 --- a/actions/get_traffic_stats.yaml +++ b/actions/get_traffic_stats.yaml @@ -11,5 +11,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/get_user.yaml b/actions/get_user.yaml index acb15f7..e64eb4f 100644 --- a/actions/get_user.yaml +++ b/actions/get_user.yaml @@ -15,5 +15,7 @@ parameters: default: "{{action_context.api_user|default(None)}}" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/latest_release.yaml b/actions/latest_release.yaml index bfa8608..daf2f62 100644 --- a/actions/latest_release.yaml +++ b/actions/latest_release.yaml @@ -15,5 +15,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/list_deployments.yaml b/actions/list_deployments.yaml index 93dbfc1..e89e9b9 100644 --- a/actions/list_deployments.yaml +++ b/actions/list_deployments.yaml @@ -15,5 +15,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/list_releases.yaml b/actions/list_releases.yaml index 950c78d..824aa1f 100644 --- a/actions/list_releases.yaml +++ b/actions/list_releases.yaml @@ -15,5 +15,7 @@ parameters: required: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/store_oauth_token.yaml b/actions/store_oauth_token.yaml index 2448e9f..b4bb8bb 100644 --- a/actions/store_oauth_token.yaml +++ b/actions/store_oauth_token.yaml @@ -16,5 +16,7 @@ parameters: secret: true github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" + enum: + - enterprise + - online diff --git a/actions/update_file.yaml b/actions/update_file.yaml index de31537..1845a51 100644 --- a/actions/update_file.yaml +++ b/actions/update_file.yaml @@ -55,8 +55,7 @@ parameters: default: "{{action_context.api_user|default(None)}}" github_type: type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ + description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" enum: - enterprise - online From 6e253b5fc737bd3de02640480179dec9f1afafbe Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Thu, 10 Nov 2022 17:43:45 -0300 Subject: [PATCH 28/61] fixing typos :) --- actions/create_pull.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/create_pull.yaml b/actions/create_pull.yaml index 85b7e26..a8ea3d1 100644 --- a/actions/create_pull.yaml +++ b/actions/create_pull.yaml @@ -34,7 +34,7 @@ parameters: required: true api_user: type: "string" - description: "The" + description: "The API user" default: "{{action_context.api_user|default(None)}}" github_type: type: "string" From c22ec01078af7b84ba9a3ae51de69a66d35b4494 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:17:26 -0300 Subject: [PATCH 29/61] adding missing action to doc --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index ed6674f..ce4cb4f 100644 --- a/README.md +++ b/README.md @@ -98,6 +98,7 @@ StackStorm webhook handler. * ``add_comment`` - Add comment to the provided issue / pull request. * ``add_repository_collaborator`` - Add a collaborator to repository. +* ``add_update_repository_environment`` - Add a deployment environment to a repository. * ``add_status`` - Add commit status to the provided commit. * ``add_update_repository_team`` - Add/Update a team to repository. * ``create_branch`` - Create new branch. From bf0756864c63e1976e3e29c7898f6c60e150e0cc Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:17:41 -0300 Subject: [PATCH 30/61] fixing tpos --- actions/create_repository_authenticated_user.yaml | 2 +- actions/create_repository_from_template.yaml | 2 +- actions/get_user.yaml | 2 +- actions/update_file.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/actions/create_repository_authenticated_user.yaml b/actions/create_repository_authenticated_user.yaml index db5bd06..4ed9dc0 100644 --- a/actions/create_repository_authenticated_user.yaml +++ b/actions/create_repository_authenticated_user.yaml @@ -3,7 +3,7 @@ name: create_repository_authenticated_user runner_type: python-script pack: github description: > - Creates a Github repository fot the authenticated user. + Creates a Github repository for the authenticated user. Example: st2 run github.create_repository_authenticated_user user="user" name="reponame" description="test github.create_repository" private=false api_user="token_name" enabled: true diff --git a/actions/create_repository_from_template.yaml b/actions/create_repository_from_template.yaml index d196d1c..afaeeb8 100644 --- a/actions/create_repository_from_template.yaml +++ b/actions/create_repository_from_template.yaml @@ -3,7 +3,7 @@ name: create_repository_from_template runner_type: python-script pack: github description: > - Creates a Github repository fot an organization. + Creates a Github repository from a template repository Example: st2 run github.create_repository_from_template owner="organization" name="reponame" description="test github.create_repository" private=true template_owner="gittemplate" template_repo="gitrepo" api_user="token_name" enabled: true diff --git a/actions/get_user.yaml b/actions/get_user.yaml index e64eb4f..86b9b7e 100644 --- a/actions/get_user.yaml +++ b/actions/get_user.yaml @@ -11,7 +11,7 @@ parameters: required: true token_user: type: "string" - description: "The" + description: "The API user" default: "{{action_context.api_user|default(None)}}" github_type: type: "string" diff --git a/actions/update_file.yaml b/actions/update_file.yaml index 1845a51..2835b20 100644 --- a/actions/update_file.yaml +++ b/actions/update_file.yaml @@ -51,7 +51,7 @@ parameters: required: false api_user: type: "string" - description: "The" + description: "The API user" default: "{{action_context.api_user|default(None)}}" github_type: type: "string" From 8591b3003b509616c54e8e4b6d8dde9b6fa67692 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:24:51 -0300 Subject: [PATCH 31/61] typo --- actions/check_team_permissions_for_repository.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/check_team_permissions_for_repository.py b/actions/check_team_permissions_for_repository.py index 9499686..baf127e 100644 --- a/actions/check_team_permissions_for_repository.py +++ b/actions/check_team_permissions_for_repository.py @@ -29,7 +29,7 @@ def run(self, api_user, org, team_slug, owner, repo, github_type): raise err except Exception as err: if str(err).find("404"): - results = {'response': "The team don't have access to the repository or not found"} + results = {'response': "The team doesn't have access to the repository or was not found"} else: raise err return results From eb49fa10b645cc13e04821b386d70ebd6f3271e8 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:26:21 -0300 Subject: [PATCH 32/61] description --- actions/check_team_permissions_for_repository.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/check_team_permissions_for_repository.yaml b/actions/check_team_permissions_for_repository.yaml index 1973cf6..ce96781 100644 --- a/actions/check_team_permissions_for_repository.yaml +++ b/actions/check_team_permissions_for_repository.yaml @@ -3,7 +3,7 @@ name: check_team_permissions_for_repository runner_type: python-script pack: github description: > - Check team permissions for a repository. + Check if the given team has access to a repository. Example: st2 run github.check_team_permissions_for_repository org="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name" enabled: true From f95d241cd6b98cd374258d260e6141387e03e625 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:27:38 -0300 Subject: [PATCH 33/61] adjusting text --- actions/check_user_repository_collaborator.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/check_user_repository_collaborator.py b/actions/check_user_repository_collaborator.py index 50826b6..408d95d 100644 --- a/actions/check_user_repository_collaborator.py +++ b/actions/check_user_repository_collaborator.py @@ -19,14 +19,14 @@ def run(self, api_user, owner, repo, username, github_type): {}, self.token, enterprise) - results = {'response': "The user {} is a Collaborator".format(username)} + results = {'response': f"The user {username} is a Collaborator"} except OSError as err: raise err except ValueError as err: raise err except Exception as err: if str(err).find("404"): - results = {'response': "is not a Collaborator or not found"} + results = {'response': f"The user {username} is not a Collaborator or not found"} else: raise err return results From 0b91d7ebf063b411e869f950acc2ca38d461f54d Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:33:47 -0300 Subject: [PATCH 34/61] adjusting doc --- actions/create_branch.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/create_branch.yaml b/actions/create_branch.yaml index 712dae0..03afd8f 100644 --- a/actions/create_branch.yaml +++ b/actions/create_branch.yaml @@ -4,7 +4,7 @@ runner_type: "python-script" description: > Create a new branch for a GitHub repository Example: - st2 run github.create_branch repository="reponame" origin_ref="heads/" new_branch="branch_name" api_user="token_name" + st2 run github.create_branch repository="owner/reponame" origin_ref="heads/" new_branch="branch_name" api_user="token_name" enabled: true entry_point: "create_branch.py" parameters: From 84e5c1d7f1233ce73384b2545aa09991556f38a0 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 11:39:02 -0300 Subject: [PATCH 35/61] adjusting action --- actions/create_repository_authenticated_user.py | 5 ++--- actions/create_repository_authenticated_user.yaml | 6 +----- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/actions/create_repository_authenticated_user.py b/actions/create_repository_authenticated_user.py index c97c8eb..66c9da0 100644 --- a/actions/create_repository_authenticated_user.py +++ b/actions/create_repository_authenticated_user.py @@ -6,7 +6,7 @@ ] class CreateRepositoryAuthenticatedUserAction(BaseGithubAction): - def run(self, api_user, user, name, description, github_type, homepage, private, + def run(self, api_user, name, description, github_type, homepage, private, has_issues, has_projects, has_wiki, team_id, auto_init, gitignore_template, license_template, allow_squash_merge, allow_merge_commit, allow_rebase_merge, allow_auto_merge, delete_branch_on_merge, has_downloads, is_template, ): @@ -16,8 +16,7 @@ def run(self, api_user, user, name, description, github_type, homepage, private, if api_user: self.token = self._get_user_token(api_user, enterprise) - payload = { "user": user, - "name": name, + payload = { "name": name, "description": description, "homepage": homepage, "private": private, diff --git a/actions/create_repository_authenticated_user.yaml b/actions/create_repository_authenticated_user.yaml index 4ed9dc0..20189a8 100644 --- a/actions/create_repository_authenticated_user.yaml +++ b/actions/create_repository_authenticated_user.yaml @@ -5,7 +5,7 @@ pack: github description: > Creates a Github repository for the authenticated user. Example: - st2 run github.create_repository_authenticated_user user="user" name="reponame" description="test github.create_repository" private=false api_user="token_name" + st2 run github.create_repository_authenticated_user name="reponame" description="test github.create_repository" private=false api_user="token_name" enabled: true entry_point: create_repository_authenticated_user.py parameters: @@ -13,10 +13,6 @@ parameters: type: "string" description: "The API user" default: "{{action_context.api_user|default(None)}}" - user: - type: "string" - description: "GitHub User." - required: true name: type: "string" description: "The name of the repository." From 89fb9a67cc17c361feb04e4deaba999d4f9648c8 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 12:43:59 -0300 Subject: [PATCH 36/61] typo --- actions/delete_branch.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/delete_branch.yaml b/actions/delete_branch.yaml index 4cfcf3a..a68ea5f 100644 --- a/actions/delete_branch.yaml +++ b/actions/delete_branch.yaml @@ -4,7 +4,7 @@ runner_type: "python-script" description: > Deletes a branch from a GitHub repository Example: - st2 run github.delete_branch repository="reponame" branch="branch_name" api_user="token_name" + st2 run github.delete_branch repository="org/reponame" branch="branch_name" api_user="token_name" enabled: true entry_point: "delete_branch.py" parameters: @@ -18,7 +18,7 @@ parameters: required: true branch: type: "string" - description: "The branch to be created from the given ref" + description: "The branch to be deleted from the given ref" github_type: type: "string" description: "The type of github API to target, if unset will use the configured pack default. Enterprise means self-hosted API, e.g. github.your-company.com. Online means api.github.com" From 4187e34abe4f66b72123c3674e21d00d9f09245b Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 12:44:44 -0300 Subject: [PATCH 37/61] adjusting docs --- actions/delete_branch.yaml | 2 +- actions/get_branch.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/delete_branch.yaml b/actions/delete_branch.yaml index a68ea5f..b89082f 100644 --- a/actions/delete_branch.yaml +++ b/actions/delete_branch.yaml @@ -4,7 +4,7 @@ runner_type: "python-script" description: > Deletes a branch from a GitHub repository Example: - st2 run github.delete_branch repository="org/reponame" branch="branch_name" api_user="token_name" + st2 run github.delete_branch repository="owner/reponame" branch="branch_name" api_user="token_name" enabled: true entry_point: "delete_branch.py" parameters: diff --git a/actions/get_branch.yaml b/actions/get_branch.yaml index 33159f4..5c1135f 100644 --- a/actions/get_branch.yaml +++ b/actions/get_branch.yaml @@ -4,7 +4,7 @@ runner_type: "python-script" description: > Gets branch details from a GitHub repository Example: - st2 run github.get_branch repository="reponame" branch="branch_name" api_user="token_name" + st2 run github.get_branch repository="owner/reponame" branch="branch_name" api_user="token_name" enabled: true entry_point: "get_branch.py" parameters: From 343e7f5f5c1b36e30833878f385a93a763b03c22 Mon Sep 17 00:00:00 2001 From: Guilherme Pim Date: Fri, 11 Nov 2022 12:48:25 -0300 Subject: [PATCH 38/61] update changelog --- CHANGES.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index b21f517..2dc78a1 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -10,8 +10,8 @@ * Add new ``github.create_repository_authenticated_user`` action which allows user to create a user repository. * Add new ``github.create_repository_from_template`` action which allows user to create a repository from a template repository. * Add new ``github.add_update_repository_environment`` action which allows user to create a repository deployment environment. -* Bug fix on ``github.store_oauth_token.`` to save the token correctly so that it can be read later. -* Security improvement on ``github.store_oauth_token.`` to hide the github token in web interface. +* Bug fix on ``github.store_oauth_token`` to save the token correctly so that it can be read later. +* Security improvement on ``github.store_oauth_token`` to encrypt the github token and hide it in web interface. * Add new ``github.create_branch``, ``github.get_branch``, ``github.delete_branch`` actions which allow user to create/get/delete a branch. * Add token to ``github.create_file``, ``github.create_pull``, ``github.update_file``. From 0f0b00baa394756f00fa66dd0e5bff0ac48c8b66 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 15:28:09 +1100 Subject: [PATCH 39/61] Adding code scanning alerts. --- actions/list_open_code_scanning_alerts.py | 56 +++++++++++++++++++++ actions/list_open_code_scanning_alerts.yaml | 23 +++++++++ 2 files changed, 79 insertions(+) create mode 100644 actions/list_open_code_scanning_alerts.py create mode 100644 actions/list_open_code_scanning_alerts.yaml diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py new file mode 100644 index 0000000..91759b7 --- /dev/null +++ b/actions/list_open_code_scanning_alerts.py @@ -0,0 +1,56 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +from lib.base import BaseGithubAction + + +class ListOpenCodeScanningAlerts(BaseGithubAction): + def run(self, api_user, user,repository, github_type): + results = [] + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, + enterprise) + page=1 + paginate = True + alerts = [] + while paginate: + response = self._request("GET", + "/repos/{}/{}/code-scanning/alerts?state=open&per_page=10&page={}".format(user,repository,page), + None, + self.token, + enterprise) + if len(response) == 0: + paginate = False + else: + alerts += response + page += 1 + + + for alert in alerts: + results.append( + {'alert_number': alert['number'], + 'created_at': alert['created_at'], + 'updated_at': alert['updated_at'], + 'tool_name': alert['tool']['name'], + 'tool_version': alert['tool']['version'], + 'rule_severity': alert['rule']['severity'], + 'rule_name': alert['rule']['name'], + 'rule_description': alert['rule']['description'], + 'html_url': alert['html_url'] + }) + + return results diff --git a/actions/list_open_code_scanning_alerts.yaml b/actions/list_open_code_scanning_alerts.yaml new file mode 100644 index 0000000..7d4b042 --- /dev/null +++ b/actions/list_open_code_scanning_alerts.yaml @@ -0,0 +1,23 @@ +--- +name: "list_open_code_scanning_alerts" +runner_type: "python-script" +description: "List Code Scanning Alerts for a GitHub repository" +enabled: true +entry_point: "list_open_code_scanning_alerts.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + user: + type: "string" + description: "User / organization name." + required: true + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ From 10e4841c59fc4077041b9f6f6d6717c0b81e92f0 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 18:42:15 +1100 Subject: [PATCH 40/61] Remove alex.py --- alex.py | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 alex.py diff --git a/alex.py b/alex.py new file mode 100644 index 0000000..31b358c --- /dev/null +++ b/alex.py @@ -0,0 +1,9 @@ +from github import Github + +DEFAULT_API_URL = 'https://api.github.com' + +client = Github('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', base_url=DEFAULT_API_URL) + +repo= client.get_organization('doshii-io').get_repo('doshii-connect').get_codescan_alerts() + +print(dir(repo)) \ No newline at end of file From 337ac4fe09c36cd80fe276d5f0f6ae34e7aee645 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 19:57:07 +1100 Subject: [PATCH 41/61] Adding ability to update a code scanning alert. --- actions/list_open_code_scanning_alerts.py | 2 +- actions/update_code_scanning_alert.py | 46 ++++++++++++++++++++ actions/update_code_scanning_alert.yaml | 41 +++++++++++++++++ actions/update_open_code_scanning_alert.py | 46 ++++++++++++++++++++ actions/update_open_code_scanning_alert.yaml | 41 +++++++++++++++++ pack.yaml | 2 +- 6 files changed, 176 insertions(+), 2 deletions(-) create mode 100644 actions/update_code_scanning_alert.py create mode 100644 actions/update_code_scanning_alert.yaml create mode 100644 actions/update_open_code_scanning_alert.py create mode 100644 actions/update_open_code_scanning_alert.yaml diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 91759b7..898b039 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -29,7 +29,7 @@ def run(self, api_user, user,repository, github_type): alerts = [] while paginate: response = self._request("GET", - "/repos/{}/{}/code-scanning/alerts?state=open&per_page=10&page={}".format(user,repository,page), + "/repos/{}/{}/code-scanning/alerts?state=open&per_page=20&page={}".format(user,repository,page), None, self.token, enterprise) diff --git a/actions/update_code_scanning_alert.py b/actions/update_code_scanning_alert.py new file mode 100644 index 0000000..e5aaeb7 --- /dev/null +++ b/actions/update_code_scanning_alert.py @@ -0,0 +1,46 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +from lib.base import BaseGithubAction + + +class UpdateOpenCodeScanningAlert(BaseGithubAction): + def run(self, api_user, user,repository, github_type, alert_number, state, dismissed_reason=None, dismissed_comment=None): + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, + enterprise) + payload = { + "state": state + } + if state == 'dismissed': + payload.update({ + "dismissed_reason": dismissed_reason, + "dismissed_comment": dismissed_comment + }) + + response = self._request("PATCH", + "/repos/{}/{}/code-scanning/alerts/{}".format(user,repository,alert_number), + payload, + self.token, + enterprise) + + results = { + "alert_number" : response['number'], + "state": response['state'], + "html_url": response['html_url'] + } + + return results diff --git a/actions/update_code_scanning_alert.yaml b/actions/update_code_scanning_alert.yaml new file mode 100644 index 0000000..17718ad --- /dev/null +++ b/actions/update_code_scanning_alert.yaml @@ -0,0 +1,41 @@ +--- +name: "update_code_scanning_alert" +runner_type: "python-script" +description: "Update Code Scanning Alert for a GitHub repository" +enabled: true +entry_point: "update_code_scanning_alert.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + user: + type: "string" + description: "User / organization name." + required: true + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ + alert_number: + type: "string" + description: "The alert number" + required: true + state: + type: "string" + description: "The state to update." + enum: + - open + - dismissed + dismissed_reason: + type: "string" + description: "The reason for dismissal, if the state is dismissed" + default: ~ + dismissed_comment: + type: "string" + description: "Comment for any additional information for the dismissal" + default: ~ diff --git a/actions/update_open_code_scanning_alert.py b/actions/update_open_code_scanning_alert.py new file mode 100644 index 0000000..e5aaeb7 --- /dev/null +++ b/actions/update_open_code_scanning_alert.py @@ -0,0 +1,46 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +from lib.base import BaseGithubAction + + +class UpdateOpenCodeScanningAlert(BaseGithubAction): + def run(self, api_user, user,repository, github_type, alert_number, state, dismissed_reason=None, dismissed_comment=None): + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, + enterprise) + payload = { + "state": state + } + if state == 'dismissed': + payload.update({ + "dismissed_reason": dismissed_reason, + "dismissed_comment": dismissed_comment + }) + + response = self._request("PATCH", + "/repos/{}/{}/code-scanning/alerts/{}".format(user,repository,alert_number), + payload, + self.token, + enterprise) + + results = { + "alert_number" : response['number'], + "state": response['state'], + "html_url": response['html_url'] + } + + return results diff --git a/actions/update_open_code_scanning_alert.yaml b/actions/update_open_code_scanning_alert.yaml new file mode 100644 index 0000000..2ed6a92 --- /dev/null +++ b/actions/update_open_code_scanning_alert.yaml @@ -0,0 +1,41 @@ +--- +name: "update_open_code_scanning_alert" +runner_type: "python-script" +description: "Update Code Scanning Alert for a GitHub repository" +enabled: true +entry_point: "update_open_code_scanning_alert.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + user: + type: "string" + description: "User / organization name." + required: true + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ + alert_number: + type: "string" + description: "The alert number" + required: true + state: + type: "string" + description: "The state to update." + enum: + - open + - dismissed + dismissed_reason: + type: "string" + description: "The reason for dismissal, if the state is dismissed" + default: ~ + dismissed_comment: + type: "string" + description: "Comment for any additional information for the dismissal" + default: ~ diff --git a/pack.yaml b/pack.yaml index b991709..4ca81c6 100644 --- a/pack.yaml +++ b/pack.yaml @@ -8,7 +8,7 @@ keywords: - git - scm - serverless -version: 2.2.0 +version: 2.3.0 python_versions: - "3" author : StackStorm, Inc. From d2a9d0126fe11f280a9b63b39ab6679b67746967 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 20:33:47 +1100 Subject: [PATCH 42/61] Adding 'list dependabot' alerts action --- actions/list_open_dependabot_alerts.py | 57 ++++++++++++++++++++++++ actions/list_open_dependabot_alerts.yaml | 23 ++++++++++ 2 files changed, 80 insertions(+) create mode 100644 actions/list_open_dependabot_alerts.py create mode 100644 actions/list_open_dependabot_alerts.yaml diff --git a/actions/list_open_dependabot_alerts.py b/actions/list_open_dependabot_alerts.py new file mode 100644 index 0000000..d9853fb --- /dev/null +++ b/actions/list_open_dependabot_alerts.py @@ -0,0 +1,57 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +from lib.base import BaseGithubAction + + +class ListOpenDependabotAlerts(BaseGithubAction): + def run(self, api_user, user,repository, github_type): + results = [] + + enterprise = self._is_enterprise(github_type) + + if api_user: + self.token = self._get_user_token(api_user, + enterprise) + page=1 + paginate = True + alerts = [] + while paginate: + response = self._request("GET", + "/repos/{}/{}/dependabot/alerts?state=open&per_page=20&page={}".format(user,repository,page), + None, + self.token, + enterprise) + if len(response) == 0: + paginate = False + else: + alerts += response + page += 1 + + + for alert in alerts: + results.append( + {'alert_number': alert['number'], + 'created_at': alert['created_at'], + 'updated_at': alert['updated_at'], + 'scope': alert['dependency']['scope'], + 'dependency_name': alert['dependency']['package']['name'], + 'severity': alert['security_advisory']['severity'], + 'cve_id': alert['security_advisory']['cve_id'], + 'summary': alert['security_advisory']['summary'], + 'description': alert['security_advisory']['description'], + 'html_url': alert['html_url'] + }) + + return results diff --git a/actions/list_open_dependabot_alerts.yaml b/actions/list_open_dependabot_alerts.yaml new file mode 100644 index 0000000..b80a795 --- /dev/null +++ b/actions/list_open_dependabot_alerts.yaml @@ -0,0 +1,23 @@ +--- +name: "list_open_dependabot_alerts" +runner_type: "python-script" +description: "List Dependabot Alerts for a GitHub repository" +enabled: true +entry_point: "list_open_dependabot_alerts.py" +parameters: + api_user: + type: "string" + description: "The API user" + default: "{{action_context.api_user|default(None)}}" + user: + type: "string" + description: "User / organization name." + required: true + repository: + type: "string" + description: "The full (Organization|User)/repository path" + required: true + github_type: + type: "string" + description: "The type of github installation to target, if unset will use the configured default." + default: ~ From 5e4247678957e0e1a031c3f59f97ed5216ab71d5 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 20:55:39 +1100 Subject: [PATCH 43/61] Changing to have security alerts updates possible with same code for either dependabot or code_scanning --- actions/update_open_code_scanning_alert.py | 46 ------------------- actions/update_open_code_scanning_alert.yaml | 41 ----------------- ...ning_alert.py => update_security_alert.py} | 6 +-- ..._alert.yaml => update_security_alert.yaml} | 12 +++-- alex.py | 9 ---- 5 files changed, 12 insertions(+), 102 deletions(-) delete mode 100644 actions/update_open_code_scanning_alert.py delete mode 100644 actions/update_open_code_scanning_alert.yaml rename actions/{update_code_scanning_alert.py => update_security_alert.py} (88%) rename actions/{update_code_scanning_alert.yaml => update_security_alert.yaml} (78%) delete mode 100644 alex.py diff --git a/actions/update_open_code_scanning_alert.py b/actions/update_open_code_scanning_alert.py deleted file mode 100644 index e5aaeb7..0000000 --- a/actions/update_open_code_scanning_alert.py +++ /dev/null @@ -1,46 +0,0 @@ -# Licensed to the StackStorm, Inc ('StackStorm') under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and - -from lib.base import BaseGithubAction - - -class UpdateOpenCodeScanningAlert(BaseGithubAction): - def run(self, api_user, user,repository, github_type, alert_number, state, dismissed_reason=None, dismissed_comment=None): - enterprise = self._is_enterprise(github_type) - - if api_user: - self.token = self._get_user_token(api_user, - enterprise) - payload = { - "state": state - } - if state == 'dismissed': - payload.update({ - "dismissed_reason": dismissed_reason, - "dismissed_comment": dismissed_comment - }) - - response = self._request("PATCH", - "/repos/{}/{}/code-scanning/alerts/{}".format(user,repository,alert_number), - payload, - self.token, - enterprise) - - results = { - "alert_number" : response['number'], - "state": response['state'], - "html_url": response['html_url'] - } - - return results diff --git a/actions/update_open_code_scanning_alert.yaml b/actions/update_open_code_scanning_alert.yaml deleted file mode 100644 index 2ed6a92..0000000 --- a/actions/update_open_code_scanning_alert.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -name: "update_open_code_scanning_alert" -runner_type: "python-script" -description: "Update Code Scanning Alert for a GitHub repository" -enabled: true -entry_point: "update_open_code_scanning_alert.py" -parameters: - api_user: - type: "string" - description: "The API user" - default: "{{action_context.api_user|default(None)}}" - user: - type: "string" - description: "User / organization name." - required: true - repository: - type: "string" - description: "The full (Organization|User)/repository path" - required: true - github_type: - type: "string" - description: "The type of github installation to target, if unset will use the configured default." - default: ~ - alert_number: - type: "string" - description: "The alert number" - required: true - state: - type: "string" - description: "The state to update." - enum: - - open - - dismissed - dismissed_reason: - type: "string" - description: "The reason for dismissal, if the state is dismissed" - default: ~ - dismissed_comment: - type: "string" - description: "Comment for any additional information for the dismissal" - default: ~ diff --git a/actions/update_code_scanning_alert.py b/actions/update_security_alert.py similarity index 88% rename from actions/update_code_scanning_alert.py rename to actions/update_security_alert.py index e5aaeb7..7764200 100644 --- a/actions/update_code_scanning_alert.py +++ b/actions/update_security_alert.py @@ -15,8 +15,8 @@ from lib.base import BaseGithubAction -class UpdateOpenCodeScanningAlert(BaseGithubAction): - def run(self, api_user, user,repository, github_type, alert_number, state, dismissed_reason=None, dismissed_comment=None): +class UpdateSecurityAlert(BaseGithubAction): + def run(self, api_user, user,repository, github_type, alert_type,alert_number, state, dismissed_reason=None, dismissed_comment=None): enterprise = self._is_enterprise(github_type) if api_user: @@ -32,7 +32,7 @@ def run(self, api_user, user,repository, github_type, alert_number, state, dismi }) response = self._request("PATCH", - "/repos/{}/{}/code-scanning/alerts/{}".format(user,repository,alert_number), + "/repos/{}/{}/{}/alerts/{}".format(user,repository,alert_type,alert_number), payload, self.token, enterprise) diff --git a/actions/update_code_scanning_alert.yaml b/actions/update_security_alert.yaml similarity index 78% rename from actions/update_code_scanning_alert.yaml rename to actions/update_security_alert.yaml index 17718ad..3c3aba0 100644 --- a/actions/update_code_scanning_alert.yaml +++ b/actions/update_security_alert.yaml @@ -1,9 +1,9 @@ --- -name: "update_code_scanning_alert" +name: "update_security_alert" runner_type: "python-script" -description: "Update Code Scanning Alert for a GitHub repository" +description: "Update Code Scanning or Dependabot Alert for a GitHub repository" enabled: true -entry_point: "update_code_scanning_alert.py" +entry_point: "update_security_alert.py" parameters: api_user: type: "string" @@ -21,6 +21,12 @@ parameters: type: "string" description: "The type of github installation to target, if unset will use the configured default." default: ~ + alert_type: + type: "string" + description: "The type of alert" + enum: + - code_scanning + - dependabot alert_number: type: "string" description: "The alert number" diff --git a/alex.py b/alex.py deleted file mode 100644 index 31b358c..0000000 --- a/alex.py +++ /dev/null @@ -1,9 +0,0 @@ -from github import Github - -DEFAULT_API_URL = 'https://api.github.com' - -client = Github('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', base_url=DEFAULT_API_URL) - -repo= client.get_organization('doshii-io').get_repo('doshii-connect').get_codescan_alerts() - -print(dir(repo)) \ No newline at end of file From e8ceb1da260e7950448b76ac3002dab443b10a0d Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 21:12:50 +1100 Subject: [PATCH 44/61] Performing cleanups and adding tests. --- actions/update_security_alert.py | 6 ++--- actions/update_security_alert.yaml | 2 +- ...t_action_list_open_code_scanning_alerts.py | 24 +++++++++++++++++++ ...test_action_list_open_dependabot_alerts.py | 24 +++++++++++++++++++ tests/test_action_update_security_alert.py | 24 +++++++++++++++++++ 5 files changed, 76 insertions(+), 4 deletions(-) create mode 100644 tests/test_action_list_open_code_scanning_alerts.py create mode 100644 tests/test_action_list_open_dependabot_alerts.py create mode 100644 tests/test_action_update_security_alert.py diff --git a/actions/update_security_alert.py b/actions/update_security_alert.py index 7764200..9bba484 100644 --- a/actions/update_security_alert.py +++ b/actions/update_security_alert.py @@ -38,9 +38,9 @@ def run(self, api_user, user,repository, github_type, alert_type,alert_number, s enterprise) results = { - "alert_number" : response['number'], - "state": response['state'], - "html_url": response['html_url'] + 'alert_number' : response['number'], + 'state': response['state'], + 'html_url': response['html_url'] } return results diff --git a/actions/update_security_alert.yaml b/actions/update_security_alert.yaml index 3c3aba0..b4769fb 100644 --- a/actions/update_security_alert.yaml +++ b/actions/update_security_alert.yaml @@ -39,7 +39,7 @@ parameters: - dismissed dismissed_reason: type: "string" - description: "The reason for dismissal, if the state is dismissed" + description: "The reason for dismissal, if the state is dismissed. For dependabot: one of fix_started, inaccurate, no_bandwidth, not_used, tolerable_risk. For code_scanning: one of false positive, won't fix, used in tests." default: ~ dismissed_comment: type: "string" diff --git a/tests/test_action_list_open_code_scanning_alerts.py b/tests/test_action_list_open_code_scanning_alerts.py new file mode 100644 index 0000000..1dd7285 --- /dev/null +++ b/tests/test_action_list_open_code_scanning_alerts.py @@ -0,0 +1,24 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +# from mock import MagicMock + +from github_base_action_test_case import GitHubBaseActionTestCase + +from list_open_code_scanning_alerts import ListOpenCodeScanningAlerts + + +class ListOpenCodeScanningAlertsActionTestCase(GitHubBaseActionTestCase): + __test__ = True + action_cls = ListOpenCodeScanningAlerts diff --git a/tests/test_action_list_open_dependabot_alerts.py b/tests/test_action_list_open_dependabot_alerts.py new file mode 100644 index 0000000..b1d8dfe --- /dev/null +++ b/tests/test_action_list_open_dependabot_alerts.py @@ -0,0 +1,24 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +# from mock import MagicMock + +from github_base_action_test_case import GitHubBaseActionTestCase + +from list_open_dependabot_alerts import ListOpenDependabotAlerts + + +class ListOpenDependabotAlertsActionTestCase(GitHubBaseActionTestCase): + __test__ = True + action_cls = ListOpenDependabotAlerts diff --git a/tests/test_action_update_security_alert.py b/tests/test_action_update_security_alert.py new file mode 100644 index 0000000..2a70f60 --- /dev/null +++ b/tests/test_action_update_security_alert.py @@ -0,0 +1,24 @@ +# Licensed to the StackStorm, Inc ('StackStorm') under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +# from mock import MagicMock + +from github_base_action_test_case import GitHubBaseActionTestCase + +from update_security_alert import UpdateSecurityAlert + + +class UpdateSecurityAlertActionTestCase(GitHubBaseActionTestCase): + __test__ = True + action_cls = UpdateSecurityAlert From 144926690357fdd736d3d5433713544d0e7dc9cd Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 21:24:50 +1100 Subject: [PATCH 45/61] Adding to the changelog. --- CHANGES.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 2dc78a1..ce0b20c 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,4 +1,8 @@ # Changelog +## 2.3.0 +* Add new ``github.update_security_alert`` action to update either dependabot or code scanning alerts. +* Add new ``github.list_open_code_scanning_alerts`` action to list open code scanning alerts for a repository. +* Add new ``github.list_open_dependabot_alerts`` action to list open dependabot alerts for a repository. ## 2.2.0 * Add new ``github.add_repository_collaborator`` action which allows user to add a collaborator to repository. From ad18e600a46627451b1e267a5bd6da5fb5130d6c Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 21:47:21 +1100 Subject: [PATCH 46/61] correcting some styling --- actions/list_open_code_scanning_alerts.py | 8 ++++---- actions/list_open_dependabot_alerts.py | 8 ++++---- actions/update_security_alert.py | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 898b039..5469ddc 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -16,7 +16,7 @@ class ListOpenCodeScanningAlerts(BaseGithubAction): - def run(self, api_user, user,repository, github_type): + def run(self, api_user, user, repository, github_type): results = [] enterprise = self._is_enterprise(github_type) @@ -24,12 +24,13 @@ def run(self, api_user, user,repository, github_type): if api_user: self.token = self._get_user_token(api_user, enterprise) - page=1 + page = 1 paginate = True alerts = [] while paginate: response = self._request("GET", - "/repos/{}/{}/code-scanning/alerts?state=open&per_page=20&page={}".format(user,repository,page), + "/repos/{}/{}/code-scanning/alerts?state=open&per_page=20&page={}" + .format(user, repository, page), None, self.token, enterprise) @@ -39,7 +40,6 @@ def run(self, api_user, user,repository, github_type): alerts += response page += 1 - for alert in alerts: results.append( {'alert_number': alert['number'], diff --git a/actions/list_open_dependabot_alerts.py b/actions/list_open_dependabot_alerts.py index d9853fb..343a9e4 100644 --- a/actions/list_open_dependabot_alerts.py +++ b/actions/list_open_dependabot_alerts.py @@ -16,7 +16,7 @@ class ListOpenDependabotAlerts(BaseGithubAction): - def run(self, api_user, user,repository, github_type): + def run(self, api_user, user, repository, github_type): results = [] enterprise = self._is_enterprise(github_type) @@ -24,12 +24,13 @@ def run(self, api_user, user,repository, github_type): if api_user: self.token = self._get_user_token(api_user, enterprise) - page=1 + page = 1 paginate = True alerts = [] while paginate: response = self._request("GET", - "/repos/{}/{}/dependabot/alerts?state=open&per_page=20&page={}".format(user,repository,page), + "/repos/{}/{}/dependabot/alerts?state=open&per_page=20&page={}" + .format(user, repository, page), None, self.token, enterprise) @@ -39,7 +40,6 @@ def run(self, api_user, user,repository, github_type): alerts += response page += 1 - for alert in alerts: results.append( {'alert_number': alert['number'], diff --git a/actions/update_security_alert.py b/actions/update_security_alert.py index 9bba484..f9f49bc 100644 --- a/actions/update_security_alert.py +++ b/actions/update_security_alert.py @@ -16,19 +16,19 @@ class UpdateSecurityAlert(BaseGithubAction): - def run(self, api_user, user,repository, github_type, alert_type,alert_number, state, dismissed_reason=None, dismissed_comment=None): + def run(self, api_user, user, repository, github_type, alert_type, alert_number, state, dismissed_reason = None, dismissed_comment = None): enterprise = self._is_enterprise(github_type) if api_user: self.token = self._get_user_token(api_user, enterprise) payload = { - "state": state + 'state': state } if state == 'dismissed': payload.update({ - "dismissed_reason": dismissed_reason, - "dismissed_comment": dismissed_comment + 'dismissed_reason': dismissed_reason, + 'dismissed_comment': dismissed_comment }) response = self._request("PATCH", From 2887896b2c41d58f2065ca0bb0ce715c9fffd38d Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 21:52:06 +1100 Subject: [PATCH 47/61] style cleanup --- actions/add_update_repository_environment.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/actions/add_update_repository_environment.py b/actions/add_update_repository_environment.py index d031f27..b96ebce 100644 --- a/actions/add_update_repository_environment.py +++ b/actions/add_update_repository_environment.py @@ -13,7 +13,7 @@ def _get_team_id(self, enterprise, org, name): f"/orgs/{org}/teams/{name}", None, self.token, - enterprise) + enterprise) self.logger.debug("Found ID [%d] for name [%s]", response["id"], name) return response["id"] @@ -33,7 +33,8 @@ def run(self, api_user, environment, del reviewer["name"] reviewer["id"] = self._get_team_id(enterprise, owner, name) elif type == "User" and name: - raise NotImplementedError("Providing reviewer of type user without ID is not implemented!") + raise NotImplementedError("Providing reviewer of type user without \ + ID is not implemented!") payload = { "wait_timer": int(wait_timer), @@ -42,7 +43,7 @@ def run(self, api_user, environment, } self.logger.info( - "Adding/Updating environment [%s] with parameters [%s] for repo [%s/%s] with user [%s]", + "Adding/Updating environment [%s] with parameters [%s] for repo [%s/%s] with user [%s]", environment, payload, owner, repo, api_user) try: From c0c70a8cd497abe55118d84ca742bc3a8f42dd38 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 22:56:03 +1100 Subject: [PATCH 48/61] more style cleanups --- .../check_team_permissions_for_repository.py | 3 +- actions/create_organization_repository.py | 4 -- .../create_repository_authenticated_user.py | 43 ++++++++++--------- actions/create_repository_from_template.py | 17 +++----- actions/list_open_code_scanning_alerts.py | 3 +- actions/update_security_alert.py | 7 +-- 6 files changed, 37 insertions(+), 40 deletions(-) diff --git a/actions/check_team_permissions_for_repository.py b/actions/check_team_permissions_for_repository.py index baf127e..99c668e 100644 --- a/actions/check_team_permissions_for_repository.py +++ b/actions/check_team_permissions_for_repository.py @@ -29,7 +29,8 @@ def run(self, api_user, org, team_slug, owner, repo, github_type): raise err except Exception as err: if str(err).find("404"): - results = {'response': "The team doesn't have access to the repository or was not found"} + results = {'response': "The team doesn't have access to \ + the repository or was not found"} else: raise err return results diff --git a/actions/create_organization_repository.py b/actions/create_organization_repository.py index bbcd898..81ed3fd 100644 --- a/actions/create_organization_repository.py +++ b/actions/create_organization_repository.py @@ -1,7 +1,3 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ diff --git a/actions/create_repository_authenticated_user.py b/actions/create_repository_authenticated_user.py index 66c9da0..918b27d 100644 --- a/actions/create_repository_authenticated_user.py +++ b/actions/create_repository_authenticated_user.py @@ -5,10 +5,11 @@ 'CreateRepositoryAuthenticatedUserAction' ] + class CreateRepositoryAuthenticatedUserAction(BaseGithubAction): - def run(self, api_user, name, description, github_type, homepage, private, - has_issues, has_projects, has_wiki, team_id, auto_init, gitignore_template, - license_template, allow_squash_merge, allow_merge_commit, allow_rebase_merge, + def run(self, api_user, name, description, github_type, homepage, private, + has_issues, has_projects, has_wiki, team_id, auto_init, gitignore_template, + license_template, allow_squash_merge, allow_merge_commit, allow_rebase_merge, allow_auto_merge, delete_branch_on_merge, has_downloads, is_template, ): enterprise = self._is_enterprise(github_type) @@ -16,24 +17,24 @@ def run(self, api_user, name, description, github_type, homepage, private, if api_user: self.token = self._get_user_token(api_user, enterprise) - payload = { "name": name, - "description": description, - "homepage": homepage, - "private": private, - "has_issues": has_issues, - "has_projects": has_projects, - "has_wiki": has_wiki, - "team_id": team_id, - "auto_init": auto_init, - "gitignore_template": gitignore_template, - "license_template": license_template, - "allow_squash_merge": allow_squash_merge, - "allow_merge_commit": allow_merge_commit, - "allow_rebase_merge": allow_rebase_merge, - "allow_auto_merge": allow_auto_merge, - "delete_branch_on_merge": delete_branch_on_merge, - "has_downloads": has_downloads, - "is_template": is_template} + payload = {"name": name, + "description": description, + "homepage": homepage, + "private": private, + "has_issues": has_issues, + "has_projects": has_projects, + "has_wiki": has_wiki, + "team_id": team_id, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + "allow_squash_merge": allow_squash_merge, + "allow_merge_commit": allow_merge_commit, + "allow_rebase_merge": allow_rebase_merge, + "allow_auto_merge": allow_auto_merge, + "delete_branch_on_merge": delete_branch_on_merge, + "has_downloads": has_downloads, + "is_template": is_template} response = self._request("POST", "/user/repos", diff --git a/actions/create_repository_from_template.py b/actions/create_repository_from_template.py index c056e7d..7ebf051 100644 --- a/actions/create_repository_from_template.py +++ b/actions/create_repository_from_template.py @@ -1,15 +1,12 @@ -import time -import datetime - - from lib.base import BaseGithubAction __all__ = [ 'CreateRepositoryFromTemplateAction' ] + class CreateRepositoryFromTemplateAction(BaseGithubAction): - def run(self, api_user, github_type, template_owner,template_repo, + def run(self, api_user, github_type, template_owner, template_repo, owner, name, description, include_all_branches, private): enterprise = self._is_enterprise(github_type) @@ -17,11 +14,11 @@ def run(self, api_user, github_type, template_owner,template_repo, if api_user: self.token = self._get_user_token(api_user, enterprise) - payload = { "owner": owner, - "name": name, - "description": description, - "include_all_branches": include_all_branches, - "private": private} + payload = {"owner": owner, + "name": name, + "description": description, + "include_all_branches": include_all_branches, + "private": private} response = self._request("POST", "/repos/{}/{}/generate".format(template_owner, template_repo), diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 5469ddc..53584a9 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -29,7 +29,8 @@ def run(self, api_user, user, repository, github_type): alerts = [] while paginate: response = self._request("GET", - "/repos/{}/{}/code-scanning/alerts?state=open&per_page=20&page={}" + "/repos/{}/{}/code-scanning/alerts\ + ?state=open&per_page=20&page={}" .format(user, repository, page), None, self.token, diff --git a/actions/update_security_alert.py b/actions/update_security_alert.py index f9f49bc..875f41b 100644 --- a/actions/update_security_alert.py +++ b/actions/update_security_alert.py @@ -16,7 +16,8 @@ class UpdateSecurityAlert(BaseGithubAction): - def run(self, api_user, user, repository, github_type, alert_type, alert_number, state, dismissed_reason = None, dismissed_comment = None): + def run(self, api_user, user, repository, github_type, alert_type, + alert_number, state, dismissed_reason=None, dismissed_comment=None): enterprise = self._is_enterprise(github_type) if api_user: @@ -32,13 +33,13 @@ def run(self, api_user, user, repository, github_type, alert_type, alert_number, }) response = self._request("PATCH", - "/repos/{}/{}/{}/alerts/{}".format(user,repository,alert_type,alert_number), + "/repos/{}/{}/{}/alerts/{}".format(user, repository, alert_type, alert_number), payload, self.token, enterprise) results = { - 'alert_number' : response['number'], + 'alert_number': response['number'], 'state': response['state'], 'html_url': response['html_url'] } From 099b1a0e5e5779eb3fc731cd645b5f9f574bfdb3 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 23:02:00 +1100 Subject: [PATCH 49/61] tests need cleanup too. --- tests/github_base_action_test_case.py | 5 +---- tests/test_action_add_update_repository_environment.py | 4 ---- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/tests/github_base_action_test_case.py b/tests/github_base_action_test_case.py index f580b4c..298d762 100644 --- a/tests/github_base_action_test_case.py +++ b/tests/github_base_action_test_case.py @@ -23,9 +23,6 @@ class GitHubBaseActionTestCase(BaseActionTestCase): __test__ = False - - - def _mock_request(self, method, uri, data, *args, **kwargs): # Defaults to using old request :) return self.oldRequest(method, uri, data, *args, **kwargs) @@ -44,10 +41,10 @@ def setUp(self): self.oldRequest = BaseGithubAction._request BaseGithubAction._request = self._mock_request - def load_yaml(self, filename): return yaml.safe_load(self.get_fixture_content(filename)) + def load_json(self, filename): return json.loads(self.get_fixture_content(filename)) diff --git a/tests/test_action_add_update_repository_environment.py b/tests/test_action_add_update_repository_environment.py index c314652..ac2a20e 100644 --- a/tests/test_action_add_update_repository_environment.py +++ b/tests/test_action_add_update_repository_environment.py @@ -15,10 +15,6 @@ # from mock import MagicMock from github_base_action_test_case import GitHubBaseActionTestCase -import mock -import requests -import json - from add_update_repository_environment import AddUpdateRepositoryEnvironmentAction From 027fa0c83403639c404c4b63d46df1525b25adf4 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 23:20:30 +1100 Subject: [PATCH 50/61] updating failing tests to use Decrypt = True, as necessary now. --- tests/test_action_store_oauth_token.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/test_action_store_oauth_token.py b/tests/test_action_store_oauth_token.py index 728dd98..42a92c6 100644 --- a/tests/test_action_store_oauth_token.py +++ b/tests/test_action_store_oauth_token.py @@ -33,7 +33,7 @@ def test_run_uses_online(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat")) + action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) def test_run_uses_enterprise(self): expected = {'github_type': "enterprise"} @@ -45,7 +45,7 @@ def test_run_uses_enterprise(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_enterprise_octocat")) + action.action_service.get_value("token_enterprise_octocat", Local=False, Decrypt=True)) def test_run_token_string_whitespace_start(self): expected = {'github_type': "online"} @@ -57,7 +57,7 @@ def test_run_token_string_whitespace_start(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat")) + action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) def test_run_token_string_whitespace_end(self): expected = {'github_type': "online"} @@ -69,7 +69,7 @@ def test_run_token_string_whitespace_end(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat")) + action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) def test_run_token_string_whitespace_both(self): expected = {'github_type': "online"} @@ -81,4 +81,4 @@ def test_run_token_string_whitespace_both(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat")) + action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) From 736062fa66533b89ec980292e9580afa1df6c126 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 23:23:34 +1100 Subject: [PATCH 51/61] fixing styling. --- tests/test_action_store_oauth_token.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/test_action_store_oauth_token.py b/tests/test_action_store_oauth_token.py index 42a92c6..f223ab3 100644 --- a/tests/test_action_store_oauth_token.py +++ b/tests/test_action_store_oauth_token.py @@ -33,7 +33,8 @@ def test_run_uses_online(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) + action.action_service.get_value("token_octocat", + Local=False, Decrypt=True)) def test_run_uses_enterprise(self): expected = {'github_type': "enterprise"} @@ -45,7 +46,8 @@ def test_run_uses_enterprise(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_enterprise_octocat", Local=False, Decrypt=True)) + action.action_service.get_value("token_enterprise_octocat", + Local=False, Decrypt=True)) def test_run_token_string_whitespace_start(self): expected = {'github_type': "online"} @@ -57,7 +59,8 @@ def test_run_token_string_whitespace_start(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) + action.action_service.get_value("token_octocat", + Local=False, Decrypt=True)) def test_run_token_string_whitespace_end(self): expected = {'github_type': "online"} @@ -69,7 +72,8 @@ def test_run_token_string_whitespace_end(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) + action.action_service.get_value("token_octocat", + Local=False, Decrypt=True)) def test_run_token_string_whitespace_both(self): expected = {'github_type': "online"} @@ -81,4 +85,5 @@ def test_run_token_string_whitespace_both(self): self.assertEqual(results, expected) self.assertEqual("foo", - action.action_service.get_value("token_octocat", Local=False, Decrypt=True)) + action.action_service.get_value("token_octocat", + Local=False, Decrypt=True)) From ff917810b975425298bba84a6d48fb06652a05b0 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Thu, 9 Feb 2023 23:29:03 +1100 Subject: [PATCH 52/61] incorrect capitalization of letters. --- tests/test_action_store_oauth_token.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/test_action_store_oauth_token.py b/tests/test_action_store_oauth_token.py index f223ab3..eb622f5 100644 --- a/tests/test_action_store_oauth_token.py +++ b/tests/test_action_store_oauth_token.py @@ -34,7 +34,7 @@ def test_run_uses_online(self): self.assertEqual(results, expected) self.assertEqual("foo", action.action_service.get_value("token_octocat", - Local=False, Decrypt=True)) + local=False, decrypt=True)) def test_run_uses_enterprise(self): expected = {'github_type': "enterprise"} @@ -47,7 +47,7 @@ def test_run_uses_enterprise(self): self.assertEqual(results, expected) self.assertEqual("foo", action.action_service.get_value("token_enterprise_octocat", - Local=False, Decrypt=True)) + local=False, decrypt=True)) def test_run_token_string_whitespace_start(self): expected = {'github_type': "online"} @@ -60,7 +60,7 @@ def test_run_token_string_whitespace_start(self): self.assertEqual(results, expected) self.assertEqual("foo", action.action_service.get_value("token_octocat", - Local=False, Decrypt=True)) + local=False, decrypt=True)) def test_run_token_string_whitespace_end(self): expected = {'github_type': "online"} @@ -73,7 +73,7 @@ def test_run_token_string_whitespace_end(self): self.assertEqual(results, expected) self.assertEqual("foo", action.action_service.get_value("token_octocat", - Local=False, Decrypt=True)) + local=False, decrypt=True)) def test_run_token_string_whitespace_both(self): expected = {'github_type': "online"} @@ -86,4 +86,4 @@ def test_run_token_string_whitespace_both(self): self.assertEqual(results, expected) self.assertEqual("foo", action.action_service.get_value("token_octocat", - Local=False, Decrypt=True)) + local=False, decrypt=True)) From 2ec3edae35cea2b46ecd101f4b2fc85ad125b1e5 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Fri, 10 Feb 2023 01:09:40 +1100 Subject: [PATCH 53/61] broken string as a result of clean ups of style. --- actions/list_open_code_scanning_alerts.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 53584a9..8fbe418 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -29,8 +29,8 @@ def run(self, api_user, user, repository, github_type): alerts = [] while paginate: response = self._request("GET", - "/repos/{}/{}/code-scanning/alerts\ - ?state=open&per_page=20&page={}" + "/repos/{}/{}/code-scanning/alerts" \ + "?state=open&per_page=20&page={}" .format(user, repository, page), None, self.token, From 029e5d29f7a0c49fcec8159806d3bd00ffffeb80 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Fri, 10 Feb 2023 01:14:22 +1100 Subject: [PATCH 54/61] more corrections on split string. --- actions/add_update_repository_environment.py | 4 ++-- actions/check_team_permissions_for_repository.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/actions/add_update_repository_environment.py b/actions/add_update_repository_environment.py index b96ebce..ac73fec 100644 --- a/actions/add_update_repository_environment.py +++ b/actions/add_update_repository_environment.py @@ -33,8 +33,8 @@ def run(self, api_user, environment, del reviewer["name"] reviewer["id"] = self._get_team_id(enterprise, owner, name) elif type == "User" and name: - raise NotImplementedError("Providing reviewer of type user without \ - ID is not implemented!") + raise NotImplementedError("Providing reviewer of type user without " \ + "ID is not implemented!") payload = { "wait_timer": int(wait_timer), diff --git a/actions/check_team_permissions_for_repository.py b/actions/check_team_permissions_for_repository.py index 99c668e..7e41003 100644 --- a/actions/check_team_permissions_for_repository.py +++ b/actions/check_team_permissions_for_repository.py @@ -29,8 +29,8 @@ def run(self, api_user, org, team_slug, owner, repo, github_type): raise err except Exception as err: if str(err).find("404"): - results = {'response': "The team doesn't have access to \ - the repository or was not found"} + results = {'response': "The team doesn't have access to " \ + "the repository or was not found"} else: raise err return results From 68760a8fe9558c32a819dde843405d0f9818a13f Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Fri, 10 Feb 2023 02:04:46 +1100 Subject: [PATCH 55/61] the backslash is redundant. --- actions/add_update_repository_environment.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/add_update_repository_environment.py b/actions/add_update_repository_environment.py index ac73fec..dca0960 100644 --- a/actions/add_update_repository_environment.py +++ b/actions/add_update_repository_environment.py @@ -33,7 +33,7 @@ def run(self, api_user, environment, del reviewer["name"] reviewer["id"] = self._get_team_id(enterprise, owner, name) elif type == "User" and name: - raise NotImplementedError("Providing reviewer of type user without " \ + raise NotImplementedError("Providing reviewer of type user without " "ID is not implemented!") payload = { From 79faaed64bd62881d3f88048a973677023c26997 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Fri, 10 Feb 2023 09:51:53 +1100 Subject: [PATCH 56/61] backslash not necessary --- actions/list_open_code_scanning_alerts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 8fbe418..3c6afd7 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -29,7 +29,7 @@ def run(self, api_user, user, repository, github_type): alerts = [] while paginate: response = self._request("GET", - "/repos/{}/{}/code-scanning/alerts" \ + "/repos/{}/{}/code-scanning/alerts" "?state=open&per_page=20&page={}" .format(user, repository, page), None, From ebf0be1af5e06c4fe2a21d2d4a06d473f81b1fa1 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Fri, 10 Feb 2023 09:55:37 +1100 Subject: [PATCH 57/61] backslash redundant. --- actions/check_team_permissions_for_repository.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/check_team_permissions_for_repository.py b/actions/check_team_permissions_for_repository.py index 7e41003..efcc56b 100644 --- a/actions/check_team_permissions_for_repository.py +++ b/actions/check_team_permissions_for_repository.py @@ -29,7 +29,7 @@ def run(self, api_user, org, team_slug, owner, repo, github_type): raise err except Exception as err: if str(err).find("404"): - results = {'response': "The team doesn't have access to " \ + results = {'response': "The team doesn't have access to " "the repository or was not found"} else: raise err From e5bd3bcea341214e8c53d951bdb077535392be59 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Mon, 13 Feb 2023 19:49:20 +1100 Subject: [PATCH 58/61] it shoul dbe security_severity_level for rule_severity. --- actions/list_open_code_scanning_alerts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 3c6afd7..217625f 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -48,7 +48,7 @@ def run(self, api_user, user, repository, github_type): 'updated_at': alert['updated_at'], 'tool_name': alert['tool']['name'], 'tool_version': alert['tool']['version'], - 'rule_severity': alert['rule']['severity'], + 'rule_severity': alert['security_severity_level'], 'rule_name': alert['rule']['name'], 'rule_description': alert['rule']['description'], 'html_url': alert['html_url'] From 2782fce49b9ffde2686cabfcedf8e47c255a8e58 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Mon, 13 Feb 2023 19:51:48 +1100 Subject: [PATCH 59/61] missing 'rule' key --- actions/list_open_code_scanning_alerts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 217625f..f4327b7 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -48,7 +48,7 @@ def run(self, api_user, user, repository, github_type): 'updated_at': alert['updated_at'], 'tool_name': alert['tool']['name'], 'tool_version': alert['tool']['version'], - 'rule_severity': alert['security_severity_level'], + 'rule_severity': alert['rule']['security_severity_level'], 'rule_name': alert['rule']['name'], 'rule_description': alert['rule']['description'], 'html_url': alert['html_url'] From 01e79f22997b14df92a0350180522604887ae9f3 Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Mon, 13 Feb 2023 20:03:27 +1100 Subject: [PATCH 60/61] need a default value. If severity does not exist, list as low. --- actions/list_open_code_scanning_alerts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index f4327b7..70f90a3 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -48,7 +48,7 @@ def run(self, api_user, user, repository, github_type): 'updated_at': alert['updated_at'], 'tool_name': alert['tool']['name'], 'tool_version': alert['tool']['version'], - 'rule_severity': alert['rule']['security_severity_level'], + 'rule_severity': alert['rule'].get('security_severity_level','low'), 'rule_name': alert['rule']['name'], 'rule_description': alert['rule']['description'], 'html_url': alert['html_url'] From bbbd3b0bd2667c79eebcfc1c6480d646a70bce5d Mon Sep 17 00:00:00 2001 From: alexdoshii Date: Mon, 13 Feb 2023 20:07:02 +1100 Subject: [PATCH 61/61] missing whitespace --- actions/list_open_code_scanning_alerts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/list_open_code_scanning_alerts.py b/actions/list_open_code_scanning_alerts.py index 70f90a3..4a09044 100644 --- a/actions/list_open_code_scanning_alerts.py +++ b/actions/list_open_code_scanning_alerts.py @@ -48,7 +48,7 @@ def run(self, api_user, user, repository, github_type): 'updated_at': alert['updated_at'], 'tool_name': alert['tool']['name'], 'tool_version': alert['tool']['version'], - 'rule_severity': alert['rule'].get('security_severity_level','low'), + 'rule_severity': alert['rule'].get('security_severity_level', 'low'), 'rule_name': alert['rule']['name'], 'rule_description': alert['rule']['description'], 'html_url': alert['html_url']