Merge branch 'kaessert:main' into master

fairmoney · Apr 25, 2024 · 041dcf3 · 041dcf3
2 parents 966a87c + 6179da8
commit 041dcf3
Show file tree

Hide file tree

Showing 11 changed files with 1,311 additions and 5 deletions.
diff --git a/Makefile b/Makefile
@@ -93,7 +93,8 @@ dev: $(KIND) $(KUBECTL)
 	@$(KIND) create cluster --name=$(PROJECT_NAME)-dev
 	@$(KUBECTL) cluster-info --context kind-$(PROJECT_NAME)-dev
 	@$(INFO) Installing Crossplane CRDs
-	@$(KUBECTL) apply -k https://github.com/crossplane/crossplane//cluster?ref=master
+	# https://github.com/crossplane/crossplane/issues/5336
+	@$(KUBECTL) apply --server-side -k https://github.com/crossplane/crossplane//cluster?ref=master
 	@$(INFO) Installing Provider GitHub CRDs
 	@$(KUBECTL) apply -R -f package/crds
 	@$(INFO) Starting Provider GitHub controllers

diff --git a/README.md b/README.md
@@ -20,6 +20,8 @@ implements follwing objects with partial functionality:
   * team permissions
   * webhooks
   * branch protection rules
+  * Repository rules
+    * rulesets
 * Membership
   * role
 

diff --git a/apis/organizations/v1alpha1/repository_types.go b/apis/organizations/v1alpha1/repository_types.go
@@ -34,6 +34,9 @@ type RepositoryParameters struct {
 
 	BranchProtectionRules []BranchProtectionRule `json:"branchProtectionRules,omitempty"`
 
+	// RepositoryRules are the rules for the repository
+	RepositoryRules []RepositoryRuleset `json:"repositoryRules,omitempty"`
+
 	// Creates a new repository using a repository template
 	CreateFromTemplate *TemplateRepo `json:"createFromTemplate,omitempty"`
 
@@ -292,6 +295,120 @@ type BranchProtectionRestrictions struct {
 	Apps []string `json:"apps,omitempty"`
 }
 
+// RepositoryRuleset represents the rules for a repository
+type RepositoryRuleset struct {
+	// Name is the name of the ruleset
+	Name string `json:"name"`
+	// Enforcement is the enforcement level of the ruleset, can be one of: "disabled", "active"
+	// +optional
+	Enforcement *string `json:"enforcement,omitempty"`
+	// Target is the target of the ruleset, can be one of: "branch", "tag"
+	// +optional
+	Target *string `json:"target,omitempty"`
+	// BypassActors is the list of actors that can bypass the ruleset
+	// +optional
+	BypassActors []*RulesetByPassActors `json:"bypassActors"`
+	// Conditions is the conditions for the ruleset, which branches or tags are included or excluded from the ruleset
+	// +optional
+	Conditions *RulesetConditions `json:"conditions,omitempty"`
+	// Rules is the rules for the ruleset
+	// +optional
+	Rules *Rules `json:"rules,omitempty"`
+}
+
+type RulesetByPassActors struct {
+	// ActorId is the ID of the actor
+	// +optional
+	ActorId *int64 `json:"actorId,omitempty"`
+	// ActorType is the type of the actor, can be one of: Integration, OrganizationAdmin, RepositoryRole, Team
+	// +optional
+	ActorType *string `json:"actorType,omitempty"`
+	// BypassMode is the bypass mode of the actor, can be one of: "always", "pull_request"
+	// +optional
+	BypassMode *string `json:"bypassMode,omitempty"`
+}
+
+type RulesetConditions struct {
+	RefName *RulesetRefName `json:"refName,omitempty"`
+}
+
+type RulesetRefName struct {
+	// Include is the list of branches or tags to include
+	Include []string `json:"include"`
+	// Exclude is the list of branches or tags to exclude
+	Exclude []string `json:"exclude"`
+}
+
+type Rules struct {
+	// Creation restricts the creation of matching branches or tags that are set in Conditions
+	// +optional
+	Creation *bool `json:"creation,omitempty"`
+	// Deletion restricts the deletion of matching branches or tags that are set in Conditions
+	// +optional
+	Deletion *bool `json:"deletion,omitempty"`
+	// Update restricts the update of matching branches or tags that are set in Conditions
+	// +optional
+	Update *bool `json:"update,omitempty"`
+	// RequiredLinearHistory requires a linear commit history, which prevents merge commits.
+	// +optional
+	RequiredLinearHistory *bool `json:"requiredLinearHistory,omitempty"`
+	// RequiredDeployments requires that deployment to specific environments are successful before merging.
+	// +optional
+	RequiredDeployments *RulesRequiredDeployments `json:"requiredDeployments,omitempty"`
+	// RequiredSignatures requires signed commits.
+	// +optional
+	RequiredSignatures *bool `json:"requiredSignatures,omitempty"`
+	// PullRequest is the rules for pull requests
+	// +optional
+	PullRequest *RulesPullRequest `json:"pullRequest,omitempty"`
+	// RequiredStatusChecks requires status checks to pass before merging.
+	// +optional
+	RequiredStatusChecks *RulesRequiredStatusChecks `json:"requiredStatusChecks,omitempty"`
+	// NonFastForward restricts force pushes to matching branches or tags that are set in Conditions
+	// +optional
+	NonFastForward *bool `json:"nonFastForward,omitempty"`
+}
+
+type RulesRequiredDeployments struct {
+	// Environments is the list of environments that are required to be deployed to before merging
+	// +optional
+	Environments []string `json:"environments,omitempty"`
+}
+
+type RulesPullRequest struct {
+	// DismissStaleReviewsOnPush automatically dismiss approving reviews when someone pushes a new commit.
+	// +optional
+	DismissStaleReviewsOnPush *bool `json:"dismissStaleReviewsOnPush,omitempty"`
+	// RequireCodeOwnerReview requires the pull request to be approved by a code owner.
+	// +optional
+	RequireCodeOwnerReview *bool `json:"requireCodeOwnerReview,omitempty"`
+	// RequireLastPushApproval requires the most recent push to be approved by someone other than the person who pushed it.
+	// +optional
+	RequireLastPushApproval *bool `json:"requireLastPushApproval,omitempty"`
+	// RequiredApprovingReviewCount specifies the number of reviewers required to approve pull requests.
+	// +optional
+	RequiredApprovingReviewCount *int `json:"requiredApprovingReviewCount,omitempty"`
+	// RequiredReviewThreadResolution requires all conversations on code to be resolved before a pull request can be merged.
+	// +optional
+	RequiredReviewThreadResolution *bool `json:"requiredReviewThreadResolution,omitempty"`
+}
+
+type RulesRequiredStatusChecks struct {
+	// RequiredStatusChecks is the list of status checks to require in order to merge into this branch.
+	// +optional
+	RequiredStatusChecks []*RulesRequiredStatusChecksParameters `json:"requiredStatusChecks,omitempty"`
+	// StrictRequiredStatusChecksPolicy requires branches to be up-to-date before merging.
+	// +optional
+	StrictRequiredStatusChecksPolicy *bool `json:"strictRequiredStatusChecksPolicy,omitempty"`
+}
+type RulesRequiredStatusChecksParameters struct {
+	// Context is the name of the required check.
+	Context string `json:"context"`
+	// IntegrationId is the ID of integration that must provide this check.
+	// +optional
+	IntegrationId *int64 `json:"integrationId,omitempty"`
+}
+
 // TemplateRepo represents the configuration for creating a new repository from a template.
 type TemplateRepo struct {
 	// The account owner of the template repository. The name is not case-sensitive.