V2.2.0

CHANGES.md

@@ -1,5 +1,19 @@
 # Changelog
 
+## 2.2.0
+* Add new ``github.add_repository_collaborator`` action which allows user to add a collaborator to repository.
+* Add new ``github.check_user_repository_collaborator`` action which allows user to check if an user is a collaborator's repository.
+* Add new ``github.get_repository_collaborators`` action which allows user to list the collaborators of repository.
+* Add new ``github.add_update_repository_team`` action which allows user to add a team to repository.
+* Add new ``github.check_team_permissions_for_repository`` action which allows user to check if a team has access to repository.
+* Add new ``github.create_organization_repository`` action which allows user to create an organization repository.
+* Add new ``github.create_repository_authenticated_user`` action which allows user to create an user repository.
+* Add new ``github.create_repository_from_template`` action which allows user to create a repository from template.
+* Bug fix on ``github.store_oauth_token.`` to api save the token correctly so that it can be read later.
+* Segure improvement on ``github.store_oauth_token.`` to encrypt de github token in web interface.
+* Add new ``github.create_branch``, ``github.get_branch``, ``github.delete_branch`` actions which allows user to create/get/delete a branch.
+* Add token to ``github.create_file``, ``github.create_pull``, ``github.update_file``.
+
 ## 2.1.1
 
 * Bug fix (#43) where the sensor will throw an exception if no events are returned from the GitHub api.

README.md

@@ -97,16 +97,27 @@ StackStorm webhook handler.
 ## Actions
 
 * ``add_comment`` - Add comment to the provided issue / pull request.
+* ``add_repository_collaborator`` - Add a collaborator to repository.
 * ``add_status`` - Add commit status to the provided commit.
+* ``add_update_repository_team`` - Add/Update a team to repository.
+* ``create_branch`` - Create new branch.
 * ``create_file`` - Create new file.
 * ``create_issue`` - Create a new issue.
+* ``create_repository_authenticated_user`` - Create an user repository.
+* ``create_repository_from_template`` - Create a repository from template.
+* ``create_organization_repository`` - Create an organization repository.
 * ``create_pull`` - Create a new Pull Request.
+* ``check_team_permissions_for_repository`` - Check if a team has access to repository.
+* ``check_user_repository_collaborator`` - Check if an user is a collaborator's repository.
+* ``delete_branch`` - Remove branch.
 * ``delete_branch_protection`` - Remove branch protection settings.
+* ``get_branch`` - Get branch.
 * ``get_branch_protection`` - Get branch protection settings.
 * ``get_contents`` - Get repository or file contents.
 * ``get_issue`` - Retrieve information about a particular issue. Note: You
   only need to specify authentication token in the config if you use this
   action with a private repository.
+* ``get_repository_collaborators`` - List the collaborators of repository.
 * ``list_issues`` - List all the issues for a particular repo (includes pull
   requests since pull requests are just a special type of issues).
 * ``list_pulls`` - List all pull requests for a particular repo.

actions/add_repository_collaborator.py

@@ -0,0 +1,26 @@
+from lib.base import BaseGithubAction
+
+__all__ = [
+    'AddRepositoryCollaboratorAction'
+]
+
+
+class AddRepositoryCollaboratorAction(BaseGithubAction):
+    def run(self, api_user, owner, repo, username, github_type, permission):
+
+        enterprise = self._is_enterprise(github_type)
+
+        if api_user:
+            self.token = self._get_user_token(api_user, enterprise)
+
+        payload = {"permission": permission}
+
+        response = self._request("PUT",
+                        "/repos/{}/{}/collaborators/{}".format(owner, repo, username),
+                        payload,
+                        self.token,
+                        enterprise)
+
+        results = {'response': response}
+
+        return results

actions/add_repository_collaborator.yaml

@@ -0,0 +1,44 @@
+---
+name: add_repository_collaborator
+runner_type: python-script
+pack: github
+description: >
+  Add a repository collaborator.
+  Example:
+    st2 run github.add_repository_collaborator owner="organization" repo="reponame" username="collaborator" api_user="token_name"
+enabled: true
+entry_point: add_repository_collaborator.py
+parameters:
+  api_user:
+    type: "string"
+    description: "The API user"
+    default: "{{action_context.api_user|default(None)}}"
+  owner:
+    type: "string"
+    description: "The account owner of the repository. The name is not case sensitive.."
+    required: true
+  repo:
+    type: "string"
+    description: "The name of the repository. The name is not case sensitive."
+    required: true
+  username:
+    type: "string"
+    description: "The handle for the GitHub user account."
+    required: true
+  github_type:
+    type: "string"
+    description: "The type of github installation to target, if unset will use the configured default."
+    enum:
+      - "online"
+      - "enterprise"
+    default: "enterprise"
+  permission:
+    type: "string"
+    description: "The permission to grant the collaborator. Only valid on organization-owned repositories. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any."
+    enum:
+      - "pull"
+      - "push"
+      - "admin"
+      - "maintain"
+      - "triage"
+    default: "push"

actions/add_update_repository_team.py

@@ -0,0 +1,27 @@
+from lib.base import BaseGithubAction
+
+__all__ = [
+    'AddUpdateRepositoryTeamAction'
+]
+
+
+class AddUpdateRepositoryTeamAction(BaseGithubAction):
+    def run(self, api_user, org, team_slug,
+            owner, repo, github_type, permission):
+
+        enterprise = self._is_enterprise(github_type)
+
+        if api_user:
+            self.token = self._get_user_token(api_user, enterprise)
+
+        payload = {"permission": permission}
+
+        response = self._request("PUT",
+                            "/orgs/{}/teams/{}/repos/{}/{}".format(org, team_slug, owner, repo),
+                            payload,
+                            self.token,
+                            enterprise)
+
+        results = {'response': response}
+
+        return results

actions/add_update_repository_team.yaml

@@ -0,0 +1,48 @@
+---
+name: add_update_repository_team
+runner_type: python-script
+pack: github
+description: >
+  Add or update repository team.
+  Example:
+    st2 run github.add_update_repository_team  organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name"
+enabled: true
+entry_point: add_update_repository_team.py
+parameters:
+  api_user:
+    type: "string"
+    description: "The API user"
+    default: "{{action_context.api_user|default(None)}}"
+  org:
+    type: "string"
+    description: "The organization name. The name is not case sensitive."
+    required: true
+  team_slug:
+    type: "string"
+    description: "The slug of the team name."
+    required: true
+  owner:
+    type: "string"
+    description: "The account owner of the repository. The name is not case sensitive."
+    required: true
+  repo:
+    type: "string"
+    description: "The name of the repository. The name is not case sensitive."
+    required: true
+  github_type:
+    type: "string"
+    description: "The type of github installation to target, if unset will use the configured default."
+    enum:
+      - "online"
+      - "enterprise"
+    default: "enterprise"
+  permission:
+    type: "string"
+    description: "The permission to grant the team on this repository. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any. If no permission is specified, the team's permission attribute will be used to determine what permission to grant the team on this repository."
+    enum:
+      - "pull"
+      - "push"
+      - "admin"
+      - "maintain"
+      - "triage"
+    default: "push"

actions/check_team_permissions_for_repository.py

@@ -0,0 +1,35 @@
+from lib.base import BaseGithubAction
+
+__all__ = [
+    'CheckTeamPermissionsForRepository'
+]
+
+
+class CheckTeamPermissionsForRepository(BaseGithubAction):
+    def run(self, api_user, org, team_slug, owner, repo, github_type):
+
+        enterprise = self._is_enterprise(github_type)
+
+        if api_user:
+            self.token = self._get_user_token(api_user, enterprise)
+
+        try:
+            self._request("GET",
+                          "/orgs/{}/teams/{}/repos/{}/{}".format(org, team_slug, owner, repo),
+                          {},
+                          self.token,
+                          enterprise)
+
+            results = {
+                'response': "The team {} has access to the repository {}".format(team_slug, repo)
+            }
+        except OSError as err:
+            raise err
+        except ValueError as err:
+            raise err
+        except Exception as err:
+            if str(err).find("404"):
+                results = {'response': "The team don't have access to the repository or not found"}
+            else:
+                raise err
+        return results

actions/check_team_permissions_for_repository.yaml

@@ -0,0 +1,38 @@
+---
+name: check_team_permissions_for_repository
+runner_type: python-script
+pack: github
+description: >
+  Check team permissions for a repository.
+  Example:
+    st2 run github.check_team_permissions_for_repository  organization="organization" owner="owner" repo="reponame" team_slug="team_id" api_user="token_name"
+enabled: true
+entry_point: check_team_permissions_for_repository.py
+parameters:
+  api_user:
+    type: "string"
+    description: "The API user"
+    default: "{{action_context.api_user|default(None)}}"
+  org:
+    type: "string"
+    description: "The organization name. The name is not case sensitive."
+    required: true
+  team_slug:
+    type: "string"
+    description: "The slug of the team name."
+    required: true
+  owner:
+    type: "string"
+    description: "The account owner of the repository. The name is not case sensitive."
+    required: true
+  repo:
+    type: "string"
+    description: "The name of the repository. The name is not case sensitive."
+    required: true
+  github_type:
+    type: "string"
+    description: "The type of github installation to target, if unset will use the configured default."
+    enum:
+      - "online"
+      - "enterprise"
+    default: "enterprise"

actions/check_user_repository_collaborator.py

@@ -0,0 +1,32 @@
+from lib.base import BaseGithubAction
+
+__all__ = [
+    'CheckIfUserIsRepositoryCollaborator'
+]
+
+
+class CheckIfUserIsRepositoryCollaborator(BaseGithubAction):
+    def run(self, api_user, owner, repo, username, github_type):
+
+        enterprise = self._is_enterprise(github_type)
+
+        if api_user:
+            self.token = self._get_user_token(api_user, enterprise)
+
+        try:
+            self._request("GET",
+                          "/repos/{}/{}/collaborators/{}".format(owner, repo, username),
+                          {},
+                          self.token,
+                          enterprise)
+            results = {'response': "The user {} is a Collaborator".format(username)}
+        except OSError as err:
+            raise err
+        except ValueError as err:
+            raise err
+        except Exception as err:
+            if str(err).find("404"):
+                results = {'response': "is not a Collaborator or not found"}
+            else:
+                raise err
+        return results

actions/check_user_repository_collaborator.yaml

@@ -0,0 +1,34 @@
+---
+name: check_user_repository_collaborator
+runner_type: python-script
+pack: github
+description: >
+  Check if a user is a repository collaborator.
+  Example:
+    st2 run github.check_user_repository_collaborator owner="organization" repo="reponame" username="collaborator" api_user="token_name"
+enabled: true
+entry_point: check_user_repository_collaborator.py
+parameters:
+  api_user:
+    type: "string"
+    description: "The API user"
+    default: "{{action_context.api_user|default(None)}}"
+  owner:
+    type: "string"
+    description: "The account owner of the repository. The name is not case sensitive."
+    required: true
+  repo:
+    type: "string"
+    description: "The name of the repository. The name is not case sensitive."
+    required: true
+  username:
+    type: "string"
+    description: "The handle for the GitHub user account."
+    required: true
+  github_type:
+    type: "string"
+    description: "The type of github installation to target, if unset will use the configured default."
+    enum:
+      - "online"
+      - "enterprise"
+    default: "enterprise"

actions/create_branch.py

@@ -0,0 +1,35 @@
+from lib.base import BaseGithubAction
+
+__all__ = [
+    'CreateBranchAction'
+]
+
+
+class CreateBranchAction(BaseGithubAction):
+    def run(self, api_user, new_branch, origin_ref, repository, github_type):
+
+        enterprise = self._is_enterprise(github_type)
+
+        if api_user:
+            self.token = self._get_user_token(api_user, enterprise)
+
+        # First, we have to get the sha1 for the given origin ref
+        response = self._request("GET", f"/repos/{repository}/git/ref/{origin_ref}",
+                                 {},
+                                 self.token,
+                                 enterprise)
+
+        if not response or not response['object']['sha']:
+            raise Exception(f"Could not get ref [{origin_ref}]. Response: {response}")
+
+        # Then, we create the branch based on the origin ref
+        payload = {"ref": f"refs/heads/{new_branch}",
+                "sha": response['object']['sha']}
+
+        response = self._request("POST",
+                                 f"/repos/{repository}/git/refs",
+                                 payload,
+                                 self.token,
+                                 enterprise)
+
+        return {'response': response}