Skip to content

Commit

Permalink
upgrade@8325835147
Browse files Browse the repository at this point in the history
  • Loading branch information
galargh committed Mar 18, 2024
1 parent 59188b4 commit 62f2c26
Show file tree
Hide file tree
Showing 6 changed files with 103 additions and 42 deletions.
10 changes: 10 additions & 0 deletions .github/workflows/labels.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,14 @@ on:
targets:
description: 'The target repositories to sync labels to (comma-separated)'
required: true
add:
description: 'Whether to add labels to the target repositories'
required: false
default: true
remove:
description: 'Whether to remove labels from the target repositories'
required: false
default: false

defaults:
run:
Expand Down Expand Up @@ -37,3 +45,5 @@ jobs:
env:
SOURCE_REPOSITORY: ${{ github.event.inputs.source }}
TARGET_REPOSITORIES: ${{ github.event.inputs.targets }}
ADD_LABELS: ${{ github.event.inputs.add }}
REMOVE_LABELS: ${{ github.event.inputs.remove }}
67 changes: 45 additions & 22 deletions scripts/src/actions/shared/describe-access-changes.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,57 +25,70 @@ function getAccessSummaryFrom(source: State | Config): AccessSummary {
const archivedRepositories = source
.getResources(Repository)
.filter(repository => repository.archived)
.map(repository => repository.name)
.map(repository => repository.name.toLowerCase())

const usernames = new Set<string>([
...members.map(member => member.username),
...repositoryCollaborators.map(collaborator => collaborator.username)
...members.map(member => member.username.toLowerCase()),
...repositoryCollaborators.map(collaborator =>
collaborator.username.toLowerCase()
)
])

const accessSummary: AccessSummary = {}
const permissions = ['admin', 'maintain', 'push', 'triage', 'pull']

for (const username of usernames) {
const role = members.find(member => member.username === username)?.role
const role = members.find(
member => member.username.toLowerCase() === username
)?.role
const teams = teamMembers
.filter(teamMember => teamMember.username === username)
.map(teamMember => teamMember.team)
.filter(teamMember => teamMember.username.toLowerCase() === username)
.map(teamMember => teamMember.team.toLowerCase())
const repositoryCollaborator = repositoryCollaborators
.filter(
repositoryCollaborator => repositoryCollaborator.username === username
repositoryCollaborator =>
repositoryCollaborator.username.toLowerCase() === username
)
.filter(
repositoryCollaborator =>
!archivedRepositories.includes(repositoryCollaborator.repository)
!archivedRepositories.includes(
repositoryCollaborator.repository.toLowerCase()
)
)
const teamRepository = teamRepositories
.filter(teamRepository => teams.includes(teamRepository.team))
.filter(teamRepository =>
teams.includes(teamRepository.team.toLowerCase())
)
.filter(
teamRepository =>
!archivedRepositories.includes(teamRepository.repository)
!archivedRepositories.includes(
teamRepository.repository.toLowerCase()
)
)

const repositories: Record<string, {permission: string}> = {}

for (const rc of repositoryCollaborator) {
repositories[rc.repository] = repositories[rc.repository] ?? {}
const repository = rc.repository.toLowerCase()
repositories[repository] = repositories[repository] ?? {}
if (
!repositories[rc.repository].permission ||
!repositories[repository].permission ||
permissions.indexOf(rc.permission) <
permissions.indexOf(repositories[rc.repository].permission)
permissions.indexOf(repositories[repository].permission)
) {
repositories[rc.repository].permission = rc.permission
repositories[repository].permission = rc.permission
}
}

for (const tr of teamRepository) {
repositories[tr.repository] = repositories[tr.repository] ?? {}
const repository = tr.repository.toLowerCase()
repositories[repository] = repositories[repository] ?? {}
if (
!repositories[tr.repository].permission ||
!repositories[repository].permission ||
permissions.indexOf(tr.permission) <
permissions.indexOf(repositories[tr.repository].permission)
permissions.indexOf(repositories[repository].permission)
) {
repositories[tr.repository].permission = tr.permission
repositories[repository].permission = tr.permission
}
}

Expand Down Expand Up @@ -134,9 +147,17 @@ export async function describeAccessChanges(): Promise<string> {
switch (change.kind) {
case 'E':
if (path[1] === 'role') {
lines.push(
` - will have the role in the organization change from ${change.lhs} to ${change.rhs}`
)
if (change.lhs === undefined) {
lines.push(
` - will join the organization as a ${change.rhs} (remind them to accept the email invitation)`
)
} else if (change.rhs === undefined) {
lines.push(` - will leave the organization`)
} else {
lines.push(
` - will have the role in the organization change from ${change.lhs} to ${change.rhs}`
)
}
} else {
lines.push(
` - will have the permission to ${path[2]} change from ${change.lhs} to ${change.rhs}`
Expand All @@ -158,7 +179,9 @@ export async function describeAccessChanges(): Promise<string> {
}
}
} else {
lines.push(` - will gain ${change.rhs} permission to ${path[2]}`)
lines.push(
` - will gain ${change.rhs.permission} permission to ${path[2]}`
)
}
break
case 'D':
Expand Down
34 changes: 19 additions & 15 deletions scripts/src/actions/sync-labels.ts
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ async function sync() {
const targetRepos = process.env.TARGET_REPOSITORIES?.split(',')?.map(r =>
r.trim()
)
const addLabels = process.env.ADD_LABELS == 'true'
const removeLabels = process.env.REMOVE_LABELS == 'true'

if (!sourceRepo) {
throw new Error('SOURCE_REPOSITORY environment variable not set')
Expand All @@ -84,24 +86,26 @@ async function sync() {
.join(', ')}`
)

// for each label in the repo, check if it exists in js-libp2p
for (const label of targetLabels) {
if (!sourceLabels.find(l => l.name === label.name)) {
core.info(`Removing ${label.name} label from ${repo} repository`)
await removeLabel(repo, label.name)
if (removeLabels) {
for (const label of targetLabels) {
if (!sourceLabels.find(l => l.name === label.name)) {
core.info(`Removing ${label.name} label from ${repo} repository`)
await removeLabel(repo, label.name)
}
}
}

// for each label in js-libp2p, check if it exists in the repo
for (const label of sourceLabels) {
if (!targetLabels.some(l => l.name === label.name)) {
core.info(`Adding ${label.name} label to ${repo} repository`)
await addLabel(
repo,
label.name,
label.color,
label.description || undefined
)
if (addLabels) {
for (const label of sourceLabels) {
if (!targetLabels.some(l => l.name === label.name)) {
core.info(`Adding ${label.name} label to ${repo} repository`)
await addLabel(
repo,
label.name,
label.color,
label.description || undefined
)
}
}
}
}
Expand Down
22 changes: 22 additions & 0 deletions terraform/bootstrap/.terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 3 additions & 1 deletion terraform/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -169,11 +169,13 @@ locals {
try(config.archived, false) ? {
source = "state"
index = repository
archived = config.archived
} : {
source = "config"
index = repository
archived = config.archived
}
] : item.index => local.sources[item.source].github_repository.this[item.index]
] : item.index => merge(local.sources[item.source].github_repository.this[item.index], { archived = item.archived })
}
"github_repository_collaborator" = {
for item in flatten([
Expand Down
8 changes: 4 additions & 4 deletions terraform/resources.tf
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ resource "github_branch_protection" "this" {

pattern = each.value.pattern

repository_id = try(each.value.repository_id, github_repository.this[lower(each.value.repository)].node_id)
repository_id = lookup(each.value, "repository_id", lookup(lookup(github_repository.this, lower(lookup(each.value, "repository", "")), {}), "node_id", null))

allows_deletions = try(each.value.allows_deletions, null)
allows_force_pushes = try(each.value.allows_force_pushes, null)
Expand Down Expand Up @@ -169,7 +169,7 @@ resource "github_team_repository" "this" {
repository = each.value.repository
permission = each.value.permission

team_id = try(each.value.team_id, github_team.this[lower(each.value.team)].id)
team_id = lookup(each.value, "team_id", lookup(lookup(github_team.this, lower(lookup(each.value, "team", "")), {}), "id", null))

lifecycle {
ignore_changes = []
Expand All @@ -182,7 +182,7 @@ resource "github_team_membership" "this" {
username = each.value.username
role = each.value.role

team_id = try(each.value.team_id, github_team.this[lower(each.value.team)].id)
team_id = lookup(each.value, "team_id", lookup(lookup(github_team.this, lower(lookup(each.value, "team", "")), {}), "id", null))

lifecycle {
ignore_changes = []
Expand All @@ -197,7 +197,7 @@ resource "github_repository_file" "this" {
content = each.value.content
# Since 5.25.0 the branch attribute defaults to the default branch of the repository
# branch = try(each.value.branch, null)
branch = try(each.value.branch, github_repository.this[each.value.repository].default_branch)
branch = lookup(each.value, "branch", lookup(lookup(github_repository.this, each.value.repository, {}), "default_branch", null))
overwrite_on_create = try(each.value.overwrite_on_create, true)
# Keep the defaults from 4.x
commit_author = try(each.value.commit_author, "GitHub")
Expand Down

0 comments on commit 62f2c26

Please sign in to comment.