Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add enterprise actions permissions endpoints and reorg files #2920

Merged
merged 22 commits into from
Sep 29, 2023
Merged
Show file tree
Hide file tree
Changes from 10 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
f1c331c
Add enterprise allowed actions
algorythmic Oct 25, 2022
5319263
Add enterprise actions permissions
algorythmic Oct 25, 2022
437c925
Add enterprise action permissions for orgs
algorythmic Oct 25, 2022
3eb4312
Move actions permissions out of action_runners.go
algorythmic Oct 25, 2022
7f8e2af
Update copyright
algorythmic Oct 25, 2022
c55315a
Update copyright
algorythmic Oct 25, 2022
e9b5264
Update copyright
algorythmic Oct 25, 2022
c2cd862
Update copyright
algorythmic Oct 25, 2022
33e666c
fixed tests with enterprise action permission endpoints
RickleAndMortimer Sep 14, 2023
1da39d7
formatting
RickleAndMortimer Sep 14, 2023
54e213a
reorganized urls for enterprise and orgs endpoints for action permiss…
RickleAndMortimer Sep 25, 2023
db1d21b
readded allowed permissions tests and copyright
RickleAndMortimer Sep 26, 2023
b64b8b8
linting
RickleAndMortimer Sep 26, 2023
dde3ba2
renaming to match original names prior to the PR
RickleAndMortimer Sep 26, 2023
18b5850
readded old orgs_actions_permissions as deprecated code
RickleAndMortimer Sep 26, 2023
055da67
file typo
RickleAndMortimer Sep 26, 2023
c9ce020
remove incorrectly named file
RickleAndMortimer Sep 26, 2023
324285e
readded org_actions tests
RickleAndMortimer Sep 26, 2023
b2f9d6c
Update github/orgs_actions_allowed.go
gmlewis Sep 29, 2023
11a21aa
Update github/orgs_actions_allowed.go
gmlewis Sep 29, 2023
ea8a460
Update github/orgs_actions_permissions.go
gmlewis Sep 29, 2023
0d02f81
Update github/orgs_actions_permissions.go
gmlewis Sep 29, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
89 changes: 0 additions & 89 deletions github/actions_runners.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,6 @@ type RunnerApplicationDownload struct {
SHA256Checksum *string `json:"sha256_checksum,omitempty"`
}

// ActionsEnabledOnOrgRepos represents all the repositories in an organization for which Actions is enabled.
type ActionsEnabledOnOrgRepos struct {
TotalCount int `json:"total_count"`
Repositories []*Repository `json:"repositories"`
}

// ListRunnerApplicationDownloads lists self-hosted runner application binaries that can be downloaded and run.
//
// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-runner-applications-for-a-repository
Expand Down Expand Up @@ -295,89 +289,6 @@ func (s *ActionsService) ListOrganizationRunners(ctx context.Context, owner stri
return runners, resp, nil
}

// ListEnabledReposInOrg lists the selected repositories that are enabled for GitHub Actions in an organization.
//
// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-repositories-enabled-for-github-actions-in-an-organization
func (s *ActionsService) ListEnabledReposInOrg(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnOrgRepos, *Response, error) {
u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner)
u, err := addOptions(u, opts)
if err != nil {
return nil, nil, err
}

req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, nil, err
}

repos := &ActionsEnabledOnOrgRepos{}
resp, err := s.client.Do(ctx, req, repos)
if err != nil {
return nil, resp, err
}

return repos, resp, nil
}

// SetEnabledReposInOrg replaces the list of selected repositories that are enabled for GitHub Actions in an organization..
//
// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-repositories-enabled-for-github-actions-in-an-organization
func (s *ActionsService) SetEnabledReposInOrg(ctx context.Context, owner string, repositoryIDs []int64) (*Response, error) {
u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner)

req, err := s.client.NewRequest("PUT", u, struct {
IDs []int64 `json:"selected_repository_ids"`
}{IDs: repositoryIDs})
if err != nil {
return nil, err
}

resp, err := s.client.Do(ctx, req, nil)
if err != nil {
return resp, err
}

return resp, nil
}

// AddEnabledReposInOrg adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization.
//
// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-repository-for-github-actions-in-an-organization
func (s *ActionsService) AddEnabledReposInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) {
u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID)

req, err := s.client.NewRequest("PUT", u, nil)
if err != nil {
return nil, err
}

resp, err := s.client.Do(ctx, req, nil)
if err != nil {
return resp, err
}

return resp, nil
}

// RemoveEnabledRepoInOrg removes a single repository from the list of enabled repos for GitHub Actions in an organization.
//
// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-repository-for-github-actions-in-an-organization
func (s *ActionsService) RemoveEnabledRepoInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) {
u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID)

req, err := s.client.NewRequest("DELETE", u, nil)
if err != nil {
return nil, err
}

resp, err := s.client.Do(ctx, req, nil)
if err != nil {
return resp, err
}

return resp, nil
}

// GetOrganizationRunner gets a specific self-hosted runner for an organization using its runner ID.
//
// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-an-organization
Expand Down
127 changes: 0 additions & 127 deletions github/actions_runners_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -446,133 +446,6 @@ func TestActionsService_ListOrganizationRunners(t *testing.T) {
})
}

func TestActionsService_ListEnabledReposInOrg(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/orgs/o/actions/permissions/repositories", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "GET")
testFormValues(t, r, values{
"page": "1",
})
fmt.Fprint(w, `{"total_count":2,"repositories":[{"id":2}, {"id": 3}]}`)
})

ctx := context.Background()
opt := &ListOptions{
Page: 1,
}
got, _, err := client.Actions.ListEnabledReposInOrg(ctx, "o", opt)
if err != nil {
t.Errorf("Actions.ListEnabledReposInOrg returned error: %v", err)
}

want := &ActionsEnabledOnOrgRepos{TotalCount: int(2), Repositories: []*Repository{
{ID: Int64(2)},
{ID: Int64(3)},
}}
if !cmp.Equal(got, want) {
t.Errorf("Actions.ListEnabledReposInOrg returned %+v, want %+v", got, want)
}

const methodName = "ListEnabledReposInOrg"
testBadOptions(t, methodName, func() (err error) {
_, _, err = client.Actions.ListEnabledReposInOrg(ctx, "\n", opt)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
got, resp, err := client.Actions.ListEnabledReposInOrg(ctx, "o", opt)
if got != nil {
t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
}
return resp, err
})
}

func TestActionsService_SetEnabledReposInOrg(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/orgs/o/actions/permissions/repositories", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "PUT")
testHeader(t, r, "Content-Type", "application/json")
testBody(t, r, `{"selected_repository_ids":[123,1234]}`+"\n")
w.WriteHeader(http.StatusNoContent)
})

ctx := context.Background()
_, err := client.Actions.SetEnabledReposInOrg(ctx, "o", []int64{123, 1234})
if err != nil {
t.Errorf("Actions.SetEnabledReposInOrg returned error: %v", err)
}

const methodName = "SetEnabledReposInOrg"

testBadOptions(t, methodName, func() (err error) {
_, err = client.Actions.SetEnabledReposInOrg(ctx, "\n", []int64{123, 1234})
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
return client.Actions.SetEnabledReposInOrg(ctx, "o", []int64{123, 1234})
})
}

func TestActionsService_AddEnabledReposInOrg(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/orgs/o/actions/permissions/repositories/123", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "PUT")
w.WriteHeader(http.StatusNoContent)
})

ctx := context.Background()
_, err := client.Actions.AddEnabledReposInOrg(ctx, "o", 123)
if err != nil {
t.Errorf("Actions.AddEnabledReposInOrg returned error: %v", err)
}

const methodName = "AddEnabledReposInOrg"

testBadOptions(t, methodName, func() (err error) {
_, err = client.Actions.AddEnabledReposInOrg(ctx, "\n", 123)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
return client.Actions.AddEnabledReposInOrg(ctx, "o", 123)
})
}

func TestActionsService_RemoveEnabledRepoInOrg(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/orgs/o/actions/permissions/repositories/123", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "DELETE")
w.WriteHeader(http.StatusNoContent)
})

ctx := context.Background()
_, err := client.Actions.RemoveEnabledRepoInOrg(ctx, "o", 123)
if err != nil {
t.Errorf("Actions.RemoveEnabledRepoInOrg returned error: %v", err)
}

const methodName = "RemoveEnabledRepoInOrg"

testBadOptions(t, methodName, func() (err error) {
_, err = client.Actions.RemoveEnabledRepoInOrg(ctx, "\n", 123)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
return client.Actions.RemoveEnabledRepoInOrg(ctx, "o", 123)
})
}

func TestActionsService_GetOrganizationRunner(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()
Expand Down
50 changes: 50 additions & 0 deletions github/enterprise_actions_allowed.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
// Copyright 2022 The go-github AUTHORS. All rights reserved.
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package github

import (
"context"
"fmt"
)

// GetActionsAllowed gets the actions that are allowed in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-an-enterprise
func (s *EnterpriseService) GetActionsAllowed(ctx context.Context, enterprise string) (*ActionsAllowed, *Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions/selected-actions", enterprise)

req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, nil, err
}

actionsAllowed := new(ActionsAllowed)
resp, err := s.client.Do(ctx, req, actionsAllowed)
if err != nil {
return nil, resp, err
}

return actionsAllowed, resp, nil
}

// EditActionsAllowed sets the actions that are allowed in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-an-enterprise
func (s *EnterpriseService) EditActionsAllowed(ctx context.Context, enterprise string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions/selected-actions", enterprise)
req, err := s.client.NewRequest("PUT", u, actionsAllowed)
if err != nil {
return nil, nil, err
}

p := new(ActionsAllowed)
resp, err := s.client.Do(ctx, req, p)
if err != nil {
return nil, resp, err
}

return p, resp, nil
}
93 changes: 93 additions & 0 deletions github/enterprise_actions_allowed_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
// Copyright 2022 The go-github AUTHORS. All rights reserved.
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package github

import (
"context"
"encoding/json"
"fmt"
"net/http"
"testing"

"github.com/google/go-cmp/cmp"
)

func TestEnterpriseService_GetActionsAllowed(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/enterprises/e/actions/permissions/selected-actions", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "GET")
fmt.Fprint(w, `{"github_owned_allowed":true, "verified_allowed":false, "patterns_allowed":["a/b"]}`)
})

ctx := context.Background()
ent, _, err := client.Enterprise.GetActionsAllowed(ctx, "e")
if err != nil {
t.Errorf("Enterprise.GetActionsAllowed returned error: %v", err)
}
want := &ActionsAllowed{GithubOwnedAllowed: Bool(true), VerifiedAllowed: Bool(false), PatternsAllowed: []string{"a/b"}}
if !cmp.Equal(ent, want) {
t.Errorf("Enterprise.GetActionsAllowed returned %+v, want %+v", ent, want)
}

const methodName = "GetActionsAllowed"
testBadOptions(t, methodName, func() (err error) {
_, _, err = client.Enterprise.GetActionsAllowed(ctx, "\n")
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
got, resp, err := client.Enterprise.GetActionsAllowed(ctx, "e")
if got != nil {
t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
}
return resp, err
})
}

func TestEnterpriseService_EditActionsAllowed(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()
input := &ActionsAllowed{GithubOwnedAllowed: Bool(true), VerifiedAllowed: Bool(false), PatternsAllowed: []string{"a/b"}}

mux.HandleFunc("/enterprises/e/actions/permissions/selected-actions", func(w http.ResponseWriter, r *http.Request) {
v := new(ActionsAllowed)
assertNilError(t, json.NewDecoder(r.Body).Decode(v))

testMethod(t, r, "PUT")
if !cmp.Equal(v, input) {
t.Errorf("Request body = %+v, want %+v", v, input)
}

fmt.Fprint(w, `{"github_owned_allowed":true, "verified_allowed":false, "patterns_allowed":["a/b"]}`)
})

ctx := context.Background()
ent, _, err := client.Enterprise.EditActionsAllowed(ctx, "e", *input)
if err != nil {
t.Errorf("Enterprise.EditActionsAllowed returned error: %v", err)
}

want := &ActionsAllowed{GithubOwnedAllowed: Bool(true), VerifiedAllowed: Bool(false), PatternsAllowed: []string{"a/b"}}
if !cmp.Equal(ent, want) {
t.Errorf("Enterprise.EditActionsAllowed returned %+v, want %+v", ent, want)
}

const methodName = "EditActionsAllowed"
testBadOptions(t, methodName, func() (err error) {
_, _, err = client.Enterprise.EditActionsAllowed(ctx, "\n", *input)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
got, resp, err := client.Enterprise.EditActionsAllowed(ctx, "e", *input)
if got != nil {
t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
}
return resp, err
})
}
Loading
Loading