Add Gitlab Plugin boilerplate code (#40713)

This PR introduces the proto and compiled proto changes required to implement an Access Graph Gitlab plugin. Part of gravitational/access-graph#635 Signed-off-by: Tiago Silva <[email protected]>
gravitational · May 2, 2024 · eb0fc07 · eb0fc07
1 parent 3c6f0b3
commit eb0fc07
Show file tree

Hide file tree

Showing 3 changed files with 1,985 additions and 1,642 deletions.
diff --git a/api/proto/teleport/legacy/types/types.proto b/api/proto/teleport/legacy/types/types.proto
@@ -5594,6 +5594,8 @@ message PluginSpecV1 {
     PluginDiscordSettings discord = 9;
     // Settings for the ServiceNow plugin
     PluginServiceNowSettings serviceNow = 10;
+    // Settings for the Gitlab plugin.
+    PluginGitlabSettings gitlab = 12;
   }
 }
 
@@ -5603,6 +5605,13 @@ message PluginSlackAccessSettings {
   string fallback_channel = 1;
 }
 
+message PluginGitlabSettings {
+  option (gogoproto.equal) = true;
+
+  // APIEndpoint is the address of Gitlab API.
+  string api_endpoint = 1;
+}
+
 message PluginOpsgenieAccessSettings {
   option (gogoproto.equal) = true;
 

diff --git a/api/types/plugin.go b/api/types/plugin.go
@@ -50,6 +50,8 @@ const (
 	PluginTypeMattermost = "mattermost"
 	// PluginTypeDiscord indicates the Discord access plugin
 	PluginTypeDiscord = "discord"
+	// PluginTypeGitlab indicates the Gitlab access plugin
+	PluginTypeGitlab = "gitlab"
 )
 
 // PluginSubkind represents the type of the plugin, e.g., access request, MDM etc.
@@ -62,6 +64,8 @@ const (
 	PluginSubkindMDM = "mdm"
 	// PluginSubkindAccess represents access request plugins collectively
 	PluginSubkindAccess = "access"
+	// PluginSubkindAccessGraph represents access graph plugins collectively
+	PluginSubkindAccessGraph = "accessgraph"
 )
 
 // Plugin represents a plugin instance
@@ -263,7 +267,18 @@ func (p *PluginV1) CheckAndSetDefaults() error {
 		if staticCreds == nil {
 			return trace.BadParameter("ServiceNow plugin must be used with the static credentials ref type")
 		}
+	case *PluginSpecV1_Gitlab:
+		if settings.Gitlab == nil {
+			return trace.BadParameter("missing Gitlab settings")
+		}
+		if err := settings.Gitlab.Validate(); err != nil {
+			return trace.Wrap(err)
+		}
 
+		staticCreds := p.Credentials.GetStaticCredentialsRef()
+		if staticCreds == nil {
+			return trace.BadParameter("Gitlab plugin must be used with the static credentials ref type")
+		}
 	default:
 		return trace.BadParameter("settings are not set or have an unknown type")
 	}
@@ -422,6 +437,8 @@ func (p *PluginV1) GetType() PluginType {
 		return PluginTypeDiscord
 	case *PluginSpecV1_ServiceNow:
 		return PluginTypeServiceNow
+	case *PluginSpecV1_Gitlab:
+		return PluginTypeGitlab
 	default:
 		return PluginTypeUnknown
 	}
@@ -575,3 +592,12 @@ func (c *PluginOAuth2AccessTokenCredentials) CheckAndSetDefaults() error {
 func (c PluginStatusV1) GetCode() PluginStatusCode {
 	return c.Code
 }
+
+// CheckAndSetDefaults checks that the required fields for the Gitlab plugin are set.
+func (c *PluginGitlabSettings) Validate() error {
+	if c.ApiEndpoint == "" {
+		return trace.BadParameter("API endpoint must be set")
+	}
+
+	return nil
+}