github

package

v0.26.0 Latest Latest Go to latest Published: Apr 17, 2024 License: Apache-2.0 Imports: 44 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/openshift-pipelines/pipelines-as-code

Links

Open Source Insights

Documentation ¶

Index ¶

func ConfigureRepository(ctx context.Context, run *params.Run, req *http.Request, payload string, ...) (bool, bool, error)
func ListRepos(ctx context.Context, v *Provider) ([]string, error)
func ScopeTokenToListOfRepos(ctx context.Context, vcx provider.Interface, pacInfo *info.PacOpts, ...) (string, error)
type Payload
type Provider
- func New() *Provider

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConfigureRepository ¶ added in v0.13.0

func ConfigureRepository(ctx context.Context, run *params.Run, req *http.Request, payload string, pacInfo *info.PacOpts, logger *zap.SugaredLogger) (bool, bool, error)

func ListRepos ¶ added in v0.17.0

func ListRepos(ctx context.Context, v *Provider) ([]string, error)

ListRepos lists all the repos for a particular token.

func ScopeTokenToListOfRepos ¶ added in v0.19.0

func ScopeTokenToListOfRepos(ctx context.Context, vcx provider.Interface, pacInfo *info.PacOpts, repo *v1alpha1.Repository, run *params.Run,
	event *info.Event, eventEmitter *events.EventEmitter, logger *zap.SugaredLogger,
) (string, error)

Types ¶

type Payload ¶ added in v0.22.5

type Payload struct {
	Installation struct {
		ID *int64 `json:"id"`
	} `json:"installation"`
}

type Provider ¶

type Provider struct {
	Client *github.Client
	Logger *zap.SugaredLogger
	Run    *params.Run

	Token, APIURL *string
	ApplicationID *int64

	RepositoryIDs []int64
	// contains filtered or unexported fields
}

func New ¶ added in v0.13.1

func New() *Provider

func (*Provider) CheckPolicyAllowing ¶ added in v0.20.0

func (v *Provider) CheckPolicyAllowing(ctx context.Context, event *info.Event, allowedTeams []string) (bool, string)

CheckPolicyAllowing check that policy is allowing the event to be processed we check the membership of the team allowed if the team is not found we explicitly disallow the policy, user have to correct the setting.

func (*Provider) CreateStatus ¶

func (v *Provider) CreateStatus(ctx context.Context, runevent *info.Event, statusOpts provider.StatusOpts) error

func (*Provider) CreateToken ¶ added in v0.19.0

func (v *Provider) CreateToken(ctx context.Context, repository []string, event *info.Event) (string, error)

func (*Provider) Detect ¶

func (v *Provider) Detect(req *http.Request, payload string, logger *zap.SugaredLogger) (bool, bool, *zap.SugaredLogger, string, error)

Detect processes event and detect if it is a github event, whether to process or reject it returns (if is a GH event, whether to process or reject, error if any occurred).

func (*Provider) GetAppIDAndPrivateKey ¶ added in v0.24.2

func (v *Provider) GetAppIDAndPrivateKey(ctx context.Context, ns string, kube kubernetes.Interface) (int64, []byte, error)

GetAppIDAndPrivateKey retrieves the GitHub application ID and private key from a secret in the specified namespace. It takes a context, namespace, and Kubernetes client as input parameters. It returns the application ID (int64), private key ([]byte), and an error if any.

func (*Provider) GetAppToken ¶ added in v0.15.0

func (v *Provider) GetAppToken(ctx context.Context, kube kubernetes.Interface, gheURL string, installationID int64, ns string) (string, error)

func (*Provider) GetCommitInfo ¶

func (v *Provider) GetCommitInfo(ctx context.Context, runevent *info.Event) error

GetCommitInfo get info (url and title) on a commit in runevent, this needs to be run after sewebhook while we already matched a token.

func (*Provider) GetConfig ¶

func (v *Provider) GetConfig() *info.ProviderConfig

func (*Provider) GetFileInsideRepo ¶

func (v *Provider) GetFileInsideRepo(ctx context.Context, runevent *info.Event, path, target string) (string, error)

GetFileInsideRepo Get a file via Github API using the runinfo information, we branch is true, the user the branch as ref instead of the SHA TODO: merge GetFileInsideRepo amd GetTektonDir.

func (*Provider) GetFiles ¶ added in v0.12.0

func (v *Provider) GetFiles(ctx context.Context, runevent *info.Event) (changedfiles.ChangedFiles, error)

GetFiles get a files from pull request.

func (*Provider) GetStringPullRequestComment ¶

func (v *Provider) GetStringPullRequestComment(ctx context.Context, runevent *info.Event, reg string) ([]*github.IssueComment, error)

GetStringPullRequestComment return the comment if we find a regexp in one of the comments text of a pull request.

func (*Provider) GetTaskURI ¶ added in v0.13.0

func (v *Provider) GetTaskURI(ctx context.Context, event *info.Event, uri string) (bool, string, error)

func (*Provider) GetTektonDir ¶

func (v *Provider) GetTektonDir(ctx context.Context, runevent *info.Event, path, provenance string) (string, error)

GetTektonDir Get all yaml files in tekton directory return as a single concated file.

func (*Provider) InitAppClient ¶

func (v *Provider) InitAppClient(ctx context.Context, kube kubernetes.Interface, event *info.Event) error

func (*Provider) IsAllowed ¶

func (v *Provider) IsAllowed(ctx context.Context, event *info.Event) (bool, error)

func (*Provider) IsAllowedOwnersFile ¶ added in v0.22.1

func (v *Provider) IsAllowedOwnersFile(ctx context.Context, event *info.Event) (bool, error)

IsAllowedOwnersFile gets the owner file from main branch and check if we have explicitly allowed the user in there.

func (*Provider) ParsePayload ¶

func (v *Provider) ParsePayload(ctx context.Context, run *params.Run, request *http.Request, payload string) (*info.Event, error)

ParsePayload will parse the payload and return the event it generate the github app token targeting the installation id this pieces of code is a bit messy because we need first getting a token to before parsing the payload.

We need to get the token at first because in some case when coming from pull request comment (or recheck from the UI) we will use that token to get information about the PR that is not part of the payload.

We then regenerate a second time the token scoped to the repo where the payload come from so we can avoid the scenario where an admin install the app on a github org which has a mixed of private and public repos and some of the public users should not have access to the private repos.

Another thing: The payload is protected by the webhook signature so it cannot be tempered but even tho if it's tempered with and somehow a malicious user found the token and set their own github endpoint to hijack and exfiltrate the token, it would fail since the jwt token generation will fail, so we are safe here. a bit too far fetched but i don't see any way we can exploit this.

func (*Provider) SetClient ¶

func (v *Provider) SetClient(ctx context.Context, run *params.Run, event *info.Event, repo *v1alpha1.Repository, eventsEmitter *events.EventEmitter) error

func (*Provider) SetLogger ¶

func (v *Provider) SetLogger(logger *zap.SugaredLogger)

func (*Provider) SetPacInfo ¶ added in v0.26.0

func (v *Provider) SetPacInfo(pacInfo *info.PacOpts)

func (*Provider) Validate ¶

func (v *Provider) Validate(_ context.Context, _ *params.Run, event *info.Event) error

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
app

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL