opensource/flux2
1
0
Fork 0
mirror of https://github.com/fluxcd/flux2.git synced 2025-11-02 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Allow users to define team roles

Browse Source 
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
This commit is contained in:
Somtochi Onyekwere
2021-09-27 14:31:34 +01:00
parent 2eddcde609
commit a096bd2d71
3 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/flux/bootstrap.go
View File

@ -20,6 +20,7 @@ import (
"crypto/elliptic" "crypto/elliptic"
"fmt" "fmt"
"os" "os"
"strings"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -174,6 +175,10 @@ func mapTeamSlice(s []string, defaultPermission string) map[string]string {
m := make(map[string]string, len(s)) m := make(map[string]string, len(s))
for _, v := range s { for _, v := range s {
m[v] = defaultPermission m[v] = defaultPermission
if s := strings.Split(v, ":"); len(s) == 2 {
m[s[0]] = s[1]
}
} }
return m return m
} }

5
cmd/flux/bootstrap_github.go
View File

@ -52,6 +52,9 @@ the bootstrap command will perform an upgrade if needed.`,
# Run bootstrap for a private repository and assign organization teams to it # Run bootstrap for a private repository and assign organization teams to it
flux bootstrap github --owner=<organization> --repository=<repository name> --team=<team1 slug> --team=<team2 slug> flux bootstrap github --owner=<organization> --repository=<repository name> --team=<team1 slug> --team=<team2 slug>
# Run bootstrap for a private repository and assign organization teams with their access level(e.g maintain, admin) to it
flux bootstrap github --owner=<organization> --repository=<repository name> --team=<team1 slug>:<access-level>
# Run bootstrap for a repository path # Run bootstrap for a repository path
flux bootstrap github --owner=<organization> --repository=<repository name> --path=dev-cluster flux bootstrap github --owner=<organization> --repository=<repository name> --path=dev-cluster
@ -93,7 +96,7 @@ var githubArgs githubFlags
func init() { func init() {
bootstrapGitHubCmd.Flags().StringVar(&githubArgs.owner, "owner", "", "GitHub user or organization name") bootstrapGitHubCmd.Flags().StringVar(&githubArgs.owner, "owner", "", "GitHub user or organization name")
bootstrapGitHubCmd.Flags().StringVar(&githubArgs.repository, "repository", "", "GitHub repository name") bootstrapGitHubCmd.Flags().StringVar(&githubArgs.repository, "repository", "", "GitHub repository name")
bootstrapGitHubCmd.Flags().StringSliceVar(&githubArgs.teams, "team", []string{}, "GitHub team to be given maintainer access (also accepts comma-separated values)") bootstrapGitHubCmd.Flags().StringSliceVar(&githubArgs.teams, "team", []string{}, "GitHub team and the access to be given to it(team:maintain). Defaults to maintainer access if no access level is specified (also accepts comma-separated values)")
bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.personal, "personal", false, "if true, the owner is assumed to be a GitHub user; otherwise an org") bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.personal, "personal", false, "if true, the owner is assumed to be a GitHub user; otherwise an org")
bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.private, "private", true, "if true, the repository is setup or configured as private") bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.private, "private", true, "if true, the repository is setup or configured as private")
bootstrapGitHubCmd.Flags().DurationVar(&githubArgs.interval, "interval", time.Minute, "sync interval") bootstrapGitHubCmd.Flags().DurationVar(&githubArgs.interval, "interval", time.Minute, "sync interval")

4
internal/bootstrap/bootstrap_provider.go
View File

@ -318,6 +318,10 @@ func (b *GitProviderBootstrapper) reconcileOrgRepository(ctx context.Context) (g
b.logger.Actionf("reconciling repository permissions") b.logger.Actionf("reconciling repository permissions")
for _, i := range teamAccessInfo { for _, i := range teamAccessInfo {
var err error var err error
// Don't reconcile team if team already exists and b.reconcile is false
if team, err := repo.TeamAccess().Get(ctx, i.Name); err == nil && !b.reconcile && team != nil {
continue
}
_, changed, err = repo.TeamAccess().Reconcile(ctx, i) _, changed, err = repo.TeamAccess().Reconcile(ctx, i)
if err != nil { if err != nil {
warning = fmt.Errorf("failed to grant permissions to team: %w", ErrReconciledWithWarning) warning = fmt.Errorf("failed to grant permissions to team: %w", ErrReconciledWithWarning)