✨ 受保护的分支 API：保护仓库分支

2024-01-16 14:29:02 +08:00 · 2024-01-16 14:29:02 +08:00 · 2143aa297a
parent 6720210458
commit 2143aa297a
5 changed files with 360 additions and 50 deletions
--- a/README.md
+++ b/README.md
@ -566,18 +566,52 @@ COPYRIGHT:
    
    COMMANDS:
       list     列出受保护的分支
+       protect  保护仓库分支
       help, h  Shows a list of commands or help for one command
    
    OPTIONS:
-       --base-url value  实例地址，例如：https://gitlab.xuxiaowei.com.cn/api/v4 (default: "https://gitlab.com/api/v4") [%CI_API_V4_URL%]
-       --token value     your_access_token
-       --id value        项目 ID 或 URL 编码的路径
-       --search value    要搜索的受保护分支的名称或部分名称
-       --page value      页码（默认：1），中文文档 https://docs.gitlab.cn/jh/api/rest/index.html#pagination (default: 1)
-       --per-page value  每页列出的项目数（默认：20；最大：100），中文文档 https://docs.gitlab.cn/jh/api/rest/index.html#pagination (default: 20)
-       --print-json      打印 JSON (default: false)
-       --print-time      打印时间 (default: false)
-       --help, -h        show help
+       --base-url value                实例地址，例如：https://gitlab.xuxiaowei.com.cn/api/v4 (default: "https://gitlab.com/api/v4") [%CI_API_V4_URL%]
+       --token value                   your_access_token
+       --id value                      项目 ID 或 URL 编码的路径
+       --search value                  要搜索的受保护分支的名称或部分名称
+       --name value                    分支或通配符的名称
+       --push-access-level value       允许推送的访问级别（默认值：40，维护者角色），合法值：
+                                       0：NoPermissions
+                                       5：MinimalAccessPermissions
+                                       10：GuestPermissions
+                                       20：ReporterPermissions
+                                       30：DeveloperPermissions
+                                       40：MaintainerPermissions
+                                       50：OwnerPermissions
+                                       60：AdminPermissions
+                                        (default: 40)
+       --merge-access-level value      允许合并的访问级别（默认值：40，维护者角色），合法值：
+                                       0：NoPermissions
+                                       5：MinimalAccessPermissions
+                                       10：GuestPermissions
+                                       20：ReporterPermissions
+                                       30：DeveloperPermissions
+                                       40：MaintainerPermissions
+                                       50：OwnerPermissions
+                                       60：AdminPermissions
+                                        (default: 40)
+       --unprotect-access-level value  允许取消保护的访问级别（默认值：40，维护者角色），合法值：
+                                       0：NoPermissions
+                                       5：MinimalAccessPermissions
+                                       10：GuestPermissions
+                                       20：ReporterPermissions
+                                       30：DeveloperPermissions
+                                       40：MaintainerPermissions
+                                       50：OwnerPermissions
+                                       60：AdminPermissions
+                                        (default: 40)
+       --allow-force-push              启用后，可以推送到该分支的成员也可以强制推送 (default: false)
+       --code-owner-approval-required  如果分支在 CODEOWNERS https://docs.gitlab.cn/jh/user/project/codeowners/index.html 文件中，则阻止推送到此分支。（默认值：false） (default: false)
+       --page value                    页码（默认：1），中文文档 https://docs.gitlab.cn/jh/api/rest/index.html#pagination (default: 1)
+       --per-page value                每页列出的项目数（默认：20；最大：100），中文文档 https://docs.gitlab.cn/jh/api/rest/index.html#pagination (default: 20)
+       --print-json                    打印 JSON (default: false)
+       --print-time                    打印时间 (default: false)
+       --help, -h                      show help
    ```

 - mix-archive 归档（混合命令，多接口命令）
--- a/constant/common.go
+++ b/constant/common.go
@ -1,45 +1,51 @@
 package constant

 const (
-	Token                    = "token"
-	BaseUrl                  = "base-url"
-	BaseUrlDefault           = "https://gitlab.com/api/v4"
-	Id                       = "id"
-	JobIdRange               = "job-id-range"
-	IIdRange                 = "iid-range"
-	Repository               = "repository"
-	TagName                  = "tag-name"
-	JobId                    = "job-id"
-	ArtifactsName            = "artifacts-name"
-	Sort                     = "sort"
-	SortDefault              = "desc"
-	Page                     = "page"
-	PerPage                  = "per-page"
-	PrintJson                = "print-json"
-	PrintJsonDefault         = false
-	PrintTime                = "print-time"
-	PrintTimeDefault         = false
-	Scope                    = "scope"
-	IssueId                  = "issue-id"
-	IssueIdRange             = "issue-id-range"
-	Recursion                = "recursion"
-	Owned                    = "owned"
-	NamespaceSource          = "namespace-source"
-	NamespaceTarget          = "namespace-target"
-	ExportFolder             = "export-folder"
-	SkipProjectPath          = "skip-project-path"
-	SkipProjectWikiPath      = "skip-project-wiki-path"
-	AutoSkipExistFolder      = "auto-skip-exist-folder"
-	AllowFailure             = "allow-failure"
-	EnvName                  = "name"
-	EnvExternalUrl           = "external-url"
-	EnvTier                  = "tier"
-	VariableKey              = "key"
-	VariableValue            = "value"
-	VariableType             = "variable-type"
-	VariableProtected        = "protected"
-	VariableMasked           = "masked"
-	VariableRaw              = "raw"
-	VariableEnvironmentScope = "environment-scope"
-	ProtectedBranchesSearch  = "search"
+	Token                     = "token"
+	BaseUrl                   = "base-url"
+	BaseUrlDefault            = "https://gitlab.com/api/v4"
+	Id                        = "id"
+	JobIdRange                = "job-id-range"
+	IIdRange                  = "iid-range"
+	Repository                = "repository"
+	TagName                   = "tag-name"
+	JobId                     = "job-id"
+	ArtifactsName             = "artifacts-name"
+	Sort                      = "sort"
+	SortDefault               = "desc"
+	Page                      = "page"
+	PerPage                   = "per-page"
+	PrintJson                 = "print-json"
+	PrintJsonDefault          = false
+	PrintTime                 = "print-time"
+	PrintTimeDefault          = false
+	Scope                     = "scope"
+	IssueId                   = "issue-id"
+	IssueIdRange              = "issue-id-range"
+	Recursion                 = "recursion"
+	Owned                     = "owned"
+	NamespaceSource           = "namespace-source"
+	NamespaceTarget           = "namespace-target"
+	ExportFolder              = "export-folder"
+	SkipProjectPath           = "skip-project-path"
+	SkipProjectWikiPath       = "skip-project-wiki-path"
+	AutoSkipExistFolder       = "auto-skip-exist-folder"
+	AllowFailure              = "allow-failure"
+	EnvName                   = "name"
+	EnvExternalUrl            = "external-url"
+	EnvTier                   = "tier"
+	VariableKey               = "key"
+	VariableValue             = "value"
+	VariableType              = "variable-type"
+	VariableProtected         = "protected"
+	VariableMasked            = "masked"
+	VariableRaw               = "raw"
+	VariableEnvironmentScope  = "environment-scope"
+	ProtectedBranchesSearch   = "search"
+	BranchName                = "name"
+	PushAccessLevel           = "push-access-level"
+	MergeAccessLevel          = "merge-access-level"
+	UnprotectAccessLevel      = "unprotect-access-level"
+	AllowForcePush            = "allow-force-push"
+	CodeOwnerApprovalRequired = "code-owner-approval-required"
 )
--- a/flag/flag.go
+++ b/flag/flag.go
@ -334,3 +334,75 @@ func ProtectedBranchesSearch() cli.Flag {
 		Usage: "要搜索的受保护分支的名称或部分名称",
 	}
 }
+
+func BranchName(required bool) cli.Flag {
+	return &cli.StringFlag{
+		Name:     constant.BranchName,
+		Usage:    "分支或通配符的名称",
+		Required: required,
+	}
+}
+
+func PushAccessLevel() cli.Flag {
+	return &cli.IntFlag{
+		Name: constant.PushAccessLevel,
+		Usage: "允许推送的访问级别（默认值：40，维护者角色），合法值：\n\t" +
+			"0：NoPermissions\n\t" +
+			"5：MinimalAccessPermissions\n\t" +
+			"10：GuestPermissions\n\t" +
+			"20：ReporterPermissions\n\t" +
+			"30：DeveloperPermissions\n\t" +
+			"40：MaintainerPermissions\n\t" +
+			"50：OwnerPermissions\n\t" +
+			"60：AdminPermissions\n\t",
+		Value: 40,
+	}
+}
+
+func MergeAccessLevel() cli.Flag {
+	return &cli.IntFlag{
+		Name: constant.MergeAccessLevel,
+		Usage: "允许合并的访问级别（默认值：40，维护者角色），合法值：\n\t" +
+			"0：NoPermissions\n\t" +
+			"5：MinimalAccessPermissions\n\t" +
+			"10：GuestPermissions\n\t" +
+			"20：ReporterPermissions\n\t" +
+			"30：DeveloperPermissions\n\t" +
+			"40：MaintainerPermissions\n\t" +
+			"50：OwnerPermissions\n\t" +
+			"60：AdminPermissions\n\t",
+		Value: 40,
+	}
+}
+
+func UnprotectAccessLevel() cli.Flag {
+	return &cli.IntFlag{
+		Name: constant.UnprotectAccessLevel,
+		Usage: "允许取消保护的访问级别（默认值：40，维护者角色），合法值：\n\t" +
+			"0：NoPermissions\n\t" +
+			"5：MinimalAccessPermissions\n\t" +
+			"10：GuestPermissions\n\t" +
+			"20：ReporterPermissions\n\t" +
+			"30：DeveloperPermissions\n\t" +
+			"40：MaintainerPermissions\n\t" +
+			"50：OwnerPermissions\n\t" +
+			"60：AdminPermissions\n\t",
+		Value: 40,
+	}
+}
+
+func AllowForcePush() cli.Flag {
+	return &cli.BoolFlag{
+		Name:  constant.AllowForcePush,
+		Usage: "启用后，可以推送到该分支的成员也可以强制推送",
+		Value: false,
+	}
+}
+
+func CodeOwnerApprovalRequired() cli.Flag {
+	return &cli.BoolFlag{
+		Name:  constant.CodeOwnerApprovalRequired,
+		Usage: "如果分支在 CODEOWNERS https://docs.gitlab.cn/jh/user/project/codeowners/index.html 文件中，则阻止推送到此分支。（默认值：false）",
+		Value: false,
+	}
+}
--- a/protected_branches/protect.go
+++ b/protected_branches/protect.go
@ -0,0 +1,195 @@
+package protected_branches
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/urfave/cli/v2"
+	"github.com/xanzy/go-gitlab"
+	"github.com/xuxiaowei-com-cn/gitlab-go/constant"
+	"github.com/xuxiaowei-com-cn/gitlab-go/flag"
+	"log"
+)
+
+// Protect 保护仓库分支 https://docs.gitlab.cn/jh/api/protected_branches.html#%E4%BF%9D%E6%8A%A4%E4%BB%93%E5%BA%93%E5%88%86%E6%94%AF
+func Protect() *cli.Command {
+	return &cli.Command{
+		Name:  "protect",
+		Usage: "保护仓库分支",
+		Flags: append(flag.CommonTokenRequired(), flag.Id(true),
+			flag.BranchName(true), flag.PushAccessLevel(), flag.MergeAccessLevel(),
+			flag.UnprotectAccessLevel(), flag.AllowForcePush(), flag.CodeOwnerApprovalRequired(),
+			flag.PrintJson(), flag.PrintTime()),
+		Action: func(context *cli.Context) error {
+			var baseUrl = context.String(constant.BaseUrl)
+			var token = context.String(constant.Token)
+			var id = context.String(constant.Id)
+
+			var name = context.String(constant.BranchName)
+			var pushAccessLevel = context.Int(constant.PushAccessLevel)
+			var mergeAccessLevel = context.Int(constant.MergeAccessLevel)
+			var unprotectAccessLevel = context.Int(constant.UnprotectAccessLevel)
+			var allowForcePush = context.Bool(constant.AllowForcePush)
+			var codeOwnerApprovalRequired = context.Bool(constant.CodeOwnerApprovalRequired)
+
+			var printJson = context.Bool(constant.PrintJson)
+			var printTime = context.Bool(constant.PrintTime)
+
+			return ProtectRepositoryBranches(baseUrl, token, id, name,
+				pushAccessLevel, mergeAccessLevel, unprotectAccessLevel, allowForcePush, codeOwnerApprovalRequired,
+				printJson, printTime, false)
+		},
+	}
+}
+
+func ProtectRepositoryBranches(baseUrl string, token string, id interface{}, name string,
+	pushAccessLevel int, mergeAccessLevel int, unprotectAccessLevel int, allowForcePush bool, codeOwnerApprovalRequired bool,
+	printJson bool, printTime bool, allowFailure bool) error {
+	gitClient, err := gitlab.NewClient(token, gitlab.WithBaseURL(baseUrl))
+	if err != nil {
+		return err
+	}
+
+	var pushAccessLevelValue gitlab.AccessLevelValue
+	switch pushAccessLevel {
+	case 0, 5, 10, 20, 30, 40, 50, 60:
+		pushAccessLevelValue = gitlab.AccessLevelValue(pushAccessLevel)
+	default:
+		return errors.New(fmt.Sprintf("pushAccessLevel：%d 不合法", pushAccessLevel))
+	}
+
+	var mergeAccessLevelValue gitlab.AccessLevelValue
+	switch mergeAccessLevel {
+	case 0, 5, 10, 20, 30, 40, 50, 60:
+		mergeAccessLevelValue = gitlab.AccessLevelValue(mergeAccessLevel)
+	default:
+		return errors.New(fmt.Sprintf("mergeAccessLevel：%d 不合法", mergeAccessLevel))
+	}
+
+	var unprotectAccessLevelValue gitlab.AccessLevelValue
+	switch unprotectAccessLevel {
+	case 0, 5, 10, 20, 30, 40, 50, 60:
+		unprotectAccessLevelValue = gitlab.AccessLevelValue(unprotectAccessLevel)
+	default:
+		return errors.New(fmt.Sprintf("unprotectAccessLevel：%d 不合法", unprotectAccessLevel))
+	}
+
+	opt := &gitlab.ProtectRepositoryBranchesOptions{
+		Name:                 &name,
+		PushAccessLevel:      &pushAccessLevelValue,
+		MergeAccessLevel:     &mergeAccessLevelValue,
+		UnprotectAccessLevel: &unprotectAccessLevelValue,
+		AllowForcePush:       &allowForcePush,
+		//AllowedToPush:             &allowedToPush,
+		//AllowedToMerge:            &allowedToMerge,
+		//AllowedToUnprotect:        &allowedToUnprotect,
+		CodeOwnerApprovalRequired: &codeOwnerApprovalRequired,
+	}
+
+	protectedBranch, response, err := gitClient.ProtectedBranches.ProtectRepositoryBranches(id, opt)
+	if err != nil {
+		if allowFailure {
+			return nil
+		}
+		return err
+	}
+	log.Printf("Response StatusCode: %d\n", response.Response.StatusCode)
+
+	fmt.Println("")
+
+	if printJson {
+		if printTime {
+			jsonData, err := json.Marshal(protectedBranch)
+			if err != nil {
+				panic(err)
+			}
+
+			log.Printf("\n%s\n", string(jsonData))
+			fmt.Println("")
+
+		} else {
+			jsonData, err := json.Marshal(protectedBranch)
+			if err != nil {
+				panic(err)
+			}
+
+			fmt.Printf("%s\n", string(jsonData))
+			fmt.Println("")
+
+		}
+	} else {
+		if printTime {
+			log.Printf("ID: %d\n", protectedBranch.ID)
+			log.Printf("Name: %s\n", protectedBranch.Name)
+			log.Printf("AllowForcePush: %t\n", protectedBranch.AllowForcePush)
+			log.Printf("CodeOwnerApprovalRequired: %t\n", protectedBranch.CodeOwnerApprovalRequired)
+
+			log.Printf("PushAccessLevels: \n")
+			for index, branchAccessDescription := range protectedBranch.PushAccessLevels {
+				log.Printf("PushAccessLevels[%d] ID: %d\n", index, branchAccessDescription.ID)
+				log.Printf("PushAccessLevels[%d] AccessLevel: %d\n", index, branchAccessDescription.AccessLevel)
+				log.Printf("PushAccessLevels[%d] AccessLevelDescription: %s\n", index, branchAccessDescription.AccessLevelDescription)
+				log.Printf("PushAccessLevels[%d] UserID: %d\n", index, branchAccessDescription.UserID)
+				log.Printf("PushAccessLevels[%d] GroupID: %d\n", index, branchAccessDescription.GroupID)
+			}
+
+			log.Printf("MergeAccessLevels: \n")
+			for index, branchAccessDescription := range protectedBranch.MergeAccessLevels {
+				log.Printf("MergeAccessLevels[%d] ID: %d\n", index, branchAccessDescription.ID)
+				log.Printf("MergeAccessLevels[%d] AccessLevel: %d\n", index, branchAccessDescription.AccessLevel)
+				log.Printf("MergeAccessLevels[%d] AccessLevelDescription: %s\n", index, branchAccessDescription.AccessLevelDescription)
+				log.Printf("MergeAccessLevels[%d] UserID: %d\n", index, branchAccessDescription.UserID)
+				log.Printf("MergeAccessLevels[%d] GroupID: %d\n", index, branchAccessDescription.GroupID)
+			}
+
+			log.Printf("UnprotectAccessLevels: \n")
+			for index, branchAccessDescription := range protectedBranch.UnprotectAccessLevels {
+				log.Printf("UnprotectAccessLevels[%d] ID: %d\n", index, branchAccessDescription.ID)
+				log.Printf("UnprotectAccessLevels[%d] AccessLevel: %d\n", index, branchAccessDescription.AccessLevel)
+				log.Printf("UnprotectAccessLevels[%d] AccessLevelDescription: %s\n", index, branchAccessDescription.AccessLevelDescription)
+				log.Printf("UnprotectAccessLevels[%d] UserID: %d\n", index, branchAccessDescription.UserID)
+				log.Printf("UnprotectAccessLevels[%d] GroupID: %d\n", index, branchAccessDescription.GroupID)
+			}
+
+			fmt.Println("")
+
+		} else {
+			fmt.Printf("ID: %d\n", protectedBranch.ID)
+			fmt.Printf("Name: %s\n", protectedBranch.Name)
+			fmt.Printf("AllowForcePush: %t\n", protectedBranch.AllowForcePush)
+			fmt.Printf("CodeOwnerApprovalRequired: %t\n", protectedBranch.CodeOwnerApprovalRequired)
+
+			fmt.Printf("PushAccessLevels: \n")
+			for index, branchAccessDescription := range protectedBranch.PushAccessLevels {
+				fmt.Printf("PushAccessLevels[%d] ID: %d\n", index, branchAccessDescription.ID)
+				fmt.Printf("PushAccessLevels[%d] AccessLevel: %d\n", index, branchAccessDescription.AccessLevel)
+				fmt.Printf("PushAccessLevels[%d] AccessLevelDescription: %s\n", index, branchAccessDescription.AccessLevelDescription)
+				fmt.Printf("PushAccessLevels[%d] UserID: %d\n", index, branchAccessDescription.UserID)
+				fmt.Printf("PushAccessLevels[%d] GroupID: %d\n", index, branchAccessDescription.GroupID)
+			}
+
+			fmt.Printf("MergeAccessLevels: \n")
+			for index, branchAccessDescription := range protectedBranch.MergeAccessLevels {
+				fmt.Printf("MergeAccessLevels[%d] ID: %d\n", index, branchAccessDescription.ID)
+				fmt.Printf("MergeAccessLevels[%d] AccessLevel: %d\n", index, branchAccessDescription.AccessLevel)
+				fmt.Printf("MergeAccessLevels[%d] AccessLevelDescription: %s\n", index, branchAccessDescription.AccessLevelDescription)
+				fmt.Printf("MergeAccessLevels[%d] UserID: %d\n", index, branchAccessDescription.UserID)
+				fmt.Printf("MergeAccessLevels[%d] GroupID: %d\n", index, branchAccessDescription.GroupID)
+			}
+
+			fmt.Printf("UnprotectAccessLevels: \n")
+			for index, branchAccessDescription := range protectedBranch.UnprotectAccessLevels {
+				fmt.Printf("UnprotectAccessLevels[%d] ID: %d\n", index, branchAccessDescription.ID)
+				fmt.Printf("UnprotectAccessLevels[%d] AccessLevel: %d\n", index, branchAccessDescription.AccessLevel)
+				fmt.Printf("UnprotectAccessLevels[%d] AccessLevelDescription: %s\n", index, branchAccessDescription.AccessLevelDescription)
+				fmt.Printf("UnprotectAccessLevels[%d] UserID: %d\n", index, branchAccessDescription.UserID)
+				fmt.Printf("UnprotectAccessLevels[%d] GroupID: %d\n", index, branchAccessDescription.GroupID)
+			}
+
+			fmt.Println("")
+
+		}
+	}
+
+	return nil
+}
--- a/protected_branches/protected_branches.go
+++ b/protected_branches/protected_branches.go
@ -12,9 +12,12 @@ func ProtectedBranches() *cli.Command {
 		Aliases: []string{"pb"},
 		Usage:   "受保护的分支 API，中文文档：https://docs.gitlab.cn/jh/api/protected_branches.html",
 		Flags: append(flag.Common(), flag.Id(false), flag.ProtectedBranchesSearch(),
+			flag.BranchName(false), flag.PushAccessLevel(), flag.MergeAccessLevel(),
+			flag.UnprotectAccessLevel(), flag.AllowForcePush(), flag.CodeOwnerApprovalRequired(),
 			flag.Page(), flag.PerPage(), flag.PrintJson(), flag.PrintTime()),
 		Subcommands: []*cli.Command{
 			List(),
+			Protect(),
 		},
 	}
 }