Ejemplo n.º 1
0
func enforcePolicy(owner string, repo string, policyname string) error {
	policy, err := parseConfig(policyname)

	if err != nil {
		log.Error(fmt.Sprintf("Error parsing parsing policy '%s': ", policyname), err)
		return err
	}

	if policy.Forks != "" {
		if err := bbAPI.SetForks(owner, repo, policy.Forks); err != nil {
			log.Warning("Error fork policy: ", err)
			return err
		}
	}

	if policy.Private != nil {
		if err := bbAPI.SetPrivacy(owner, repo, *policy.Private); err != nil {
			log.Warning("Error setting privacy: ", err)
			return err
		}
	}

	if len(policy.DeployKeys) > 0 {
		if err := enforceDeployKeys(owner, repo, policy.DeployKeys); err != nil {
			log.Warning("Error setting deploy keys: ", err)
			return err
		}
	}

	if len(policy.PostHooks) > 0 {
		if err := enforcePOSTHooks(owner, repo, policy.PostHooks); err != nil {
			log.Warning("Error setting POST hooks: ", err)
			return err
		}
	}

	if policy.IssueTracker != nil {
		if err := bbAPI.SetIssueTracker(owner, repo, *policy.IssueTracker); err != nil {
			log.Warning("Error setting issue tracker: ", err)
			return err
		}
	}

	if err := enforceBranchManagement(owner, repo, policy.BranchManagement); err != nil {
		log.Warning("Error setting branch policies: ", err)
		return err
	}

	if err := enforceAccessManagement(owner, repo, policy.AccessManagement); err != nil {
		log.Warning("Error setting access policies: ", err)
		return err
	}

	return nil
}
Ejemplo n.º 2
0
func scanRepositories(bbUsername string) {
	var enforcementMatcher = regexp.MustCompile(`-enforce(?:=([a-zA-Z0-9]+))?`)

	var lastEtag string
	var changed bool

	for _ = range time.Tick(sleepTime) {
		var err error
		if changed, lastEtag, err = bbAPI.RepositoriesChanged(bbUsername, lastEtag); err != nil {
			log.Error(fmt.Sprintf("Error determining if repository list has changed (%s)", err))
			continue
		}

		if !changed {
			if *verbose {
				log.Info("No repository changes, sleeping.")
			}
			continue
		}

		log.Info("Repository list changed")

		repos, err := bbAPI.GetRepositories(bbUsername)

		if err != nil {
			log.Error("Error getting repository list", err)
			continue
		}

		for _, repo := range repos {
			if strings.Contains(repo.Description, "-noenforce") {
				if *verbose {
					log.Info(fmt.Sprintf("Skipping <%s> because of '-noenforce'\n", repo.FullName))
				}
				continue
			}

			if strings.Contains(repo.Description, "-enforced") {
				if *verbose {
					log.Info(fmt.Sprintf("Skipping <%s> because of '-enforced'\n", repo.FullName))
				}
				continue
			}

			matches := enforcementMatcher.FindStringSubmatch(repo.Description)

			enforcementPolicy := "default"
			if len(matches) > 0 {
				enforcementPolicy = matches[1]
			}

			log.Info(fmt.Sprintf("Enforcing repo '%s' with policy '%s'", repo.FullName, enforcementPolicy))

			parts := strings.Split(repo.FullName, "/")

			err := enforcePolicy(parts[0], parts[1], enforcementPolicy)

			if err != nil {
				log.Warning(fmt.Sprintf("Could not enforce policy '%s' on repo '%s'. Will be processed again next cycle. (%s)", enforcementPolicy, repo.FullName, err))
			} else {
				newDescription := strings.TrimSpace(fmt.Sprintf("%s\n\n-enforced", repo.Description))

				if err := bbAPI.SetDescription(parts[0], parts[1], newDescription); err != nil {
					log.Warning("Could not set description on repo '%s'. Will be processed again next cycle.", repo.FullName)
				}
			}
		}
	}
}