From af14452c7488327d54322dc50743a59b080bbc1d Mon Sep 17 00:00:00 2001 From: Wingless-Archangel Date: Sun, 17 Jan 2021 22:46:41 +0100 Subject: [PATCH 01/10] Add token authentication to overide basic auth --- src/bitbucket_http.erl | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/src/bitbucket_http.erl b/src/bitbucket_http.erl index 3491d49..55aae98 100644 --- a/src/bitbucket_http.erl +++ b/src/bitbucket_http.erl @@ -105,11 +105,23 @@ do_http_request(Method, Request) -> headers() -> Username = application:get_env(bec, bitbucket_username, ""), Password = application:get_env(bec, bitbucket_password, ""), - Credentials = base64:encode_to_string(Username ++ ":" ++ Password), - [ - {"Authorization", "Basic " ++ Credentials} - , {"Accept", "application/json"} - ]. + Token = application:get_env(bec, bitbucket_token, ""), + %% Prefer token authentication rather than username and password + case Token of + "" -> + Credentials = base64:encode_to_string(Username ++ ":" ++ Password), + [ + {"Authorization", "Basic " ++ Credentials} + , {"Accept", "application/json"} + ]; + + _-> + Credentials = Token, + [ + {"Authorization", "Bearer " ++ Credentials} + , {"Accept", "application/json"} + ] + end. -spec handle_result(httpc_result()) -> {ok, map()} | {ok, [map()]} | {error, any()}. From dfdda20219b291bccd236093aed83c66d78274dc Mon Sep 17 00:00:00 2001 From: Roberto Aloi Date: Wed, 27 Jan 2021 09:31:52 +0100 Subject: [PATCH 02/10] Refactor Token Authentication --- src/bitbucket_http.erl | 29 ++++++++++++----------------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/src/bitbucket_http.erl b/src/bitbucket_http.erl index 55aae98..2bc82b1 100644 --- a/src/bitbucket_http.erl +++ b/src/bitbucket_http.erl @@ -103,24 +103,19 @@ do_http_request(Method, Request) -> -spec headers() -> [{string(), string()}]. headers() -> - Username = application:get_env(bec, bitbucket_username, ""), - Password = application:get_env(bec, bitbucket_password, ""), - Token = application:get_env(bec, bitbucket_token, ""), - %% Prefer token authentication rather than username and password - case Token of + [ {"Authorization", authorization()} + , {"Accept", "application/json"} + ]. + +-spec authorization() -> string(). +authorization() -> + case application:get_env(bec, bitbucket_token, "") of "" -> - Credentials = base64:encode_to_string(Username ++ ":" ++ Password), - [ - {"Authorization", "Basic " ++ Credentials} - , {"Accept", "application/json"} - ]; - - _-> - Credentials = Token, - [ - {"Authorization", "Bearer " ++ Credentials} - , {"Accept", "application/json"} - ] + Username = application:get_env(bec, bitbucket_username, ""), + Password = application:get_env(bec, bitbucket_password, ""), + "Basic " ++ base64:encode_to_string(Username ++ ":" ++ Password); + Token -> + "Bearer " ++ Token end. -spec handle_result(httpc_result()) -> From f9b2e86b061ba58caca519cc43c598eaaa319656 Mon Sep 17 00:00:00 2001 From: Wingless-Archangel Date: Tue, 9 Feb 2021 10:14:53 +0100 Subject: [PATCH 03/10] Update authentication Documentation --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index b400041..0631d43 100644 --- a/README.md +++ b/README.md @@ -76,12 +76,16 @@ docker run --rm --name erlangbuilder -v ${PWD}:/bec -w=/bec erlang rebar3 escr ## Sample BitBucket Configuration +BEC We support both credential and token authentication. +However, token authentication will be used instead of credential when both present. + Set BitBucket url and credentials in `bitbucket.config`: ``` {bitbucket_url, "https://my.bitbucket.server"}. {bitbucket_username, "first.last"}. {bitbucket_password, "password"}. +{bitbucket_token, "someToken"}. ``` ## Sample Repo Configuration From 77d2ffa6d882a6512d7a1eb01d895c55771b012c Mon Sep 17 00:00:00 2001 From: Wingless-Archangel Date: Thu, 11 Feb 2021 10:06:53 +0100 Subject: [PATCH 04/10] Add supported to read YAML file --- src/bitbucket_repo_config.erl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/bitbucket_repo_config.erl b/src/bitbucket_repo_config.erl index 5159288..293d277 100644 --- a/src/bitbucket_repo_config.erl +++ b/src/bitbucket_repo_config.erl @@ -15,6 +15,9 @@ verify(Path) -> -spec verify(string(), opts()) -> boolean(). verify(Path, Options) -> case filename:extension(Path) of + ".yaml" -> + Config = read(Path), + do_verify(Options, Config); ".yml" -> Config = read(Path), do_verify(Options, Config); From a1ba1d040eae8cb5e5b0be428cc66270255532e5 Mon Sep 17 00:00:00 2001 From: Wingless-Archangel Date: Sat, 13 Feb 2021 16:21:05 +0100 Subject: [PATCH 05/10] Update README.md Co-authored-by: Roberto Aloi --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0631d43..9966b69 100644 --- a/README.md +++ b/README.md @@ -76,8 +76,8 @@ docker run --rm --name erlangbuilder -v ${PWD}:/bec -w=/bec erlang rebar3 escr ## Sample BitBucket Configuration -BEC We support both credential and token authentication. -However, token authentication will be used instead of credential when both present. +BEC supports both Basic Authentication (via username/password) and Token-Based Authentication (preferred). +If both a `token` and a `username/password` pair are provided, the token will take precedence. Set BitBucket url and credentials in `bitbucket.config`: @@ -88,6 +88,8 @@ Set BitBucket url and credentials in `bitbucket.config`: {bitbucket_token, "someToken"}. ``` +Please follow [this](https://confluence.atlassian.com/bitbucketserver072/personal-access-tokens-1005335924.html#Personalaccesstokens-Generatingpersonalaccesstokens) guide if you want to generate the token to authenticate. + ## Sample Repo Configuration You can find a sample configuration file for a custom BitBucket repo From 7f1cf5682445f01d4623011bd0518dc6fa5866bf Mon Sep 17 00:00:00 2001 From: Luca Barbieri Date: Wed, 10 Feb 2021 15:44:04 +0100 Subject: [PATCH 06/10] Support auto-unapprove parameter in pullrequests settings --- src/bec_pr_restriction_t.erl | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/bec_pr_restriction_t.erl b/src/bec_pr_restriction_t.erl index e72ddba..91da259 100644 --- a/src/bec_pr_restriction_t.erl +++ b/src/bec_pr_restriction_t.erl @@ -18,6 +18,7 @@ , 'required-all-tasks-complete' := boolean() , 'required-approvers' := integer() , 'required-successful-builds' := boolean() + , 'unapprove-on-update' := boolean() }. %%============================================================================== @@ -35,12 +36,14 @@ from_map(#{ <<"mergeConfig">> := MergeConfig , <<"requiredAllTasksComplete">> := RequiredAllTasksComplete , <<"requiredApprovers">> := RequiresApprovers , <<"requiredSuccessfulBuilds">> := RequiredSuccessfulBuilds + , <<"unapproveOnUpdate">> := UnapproveOnUpdate }) -> #{ 'merge-config' => bec_merge_config_t:from_map(MergeConfig) , 'required-all-approvers' => RequiredAllApprovers , 'required-all-tasks-complete' => RequiredAllTasksComplete , 'required-approvers' => RequiresApprovers , 'required-successful-builds' => RequiredSuccessfulBuilds + , 'unapprove-on-update' => UnapproveOnUpdate }. -spec to_map(restriction()) -> map(). @@ -49,10 +52,12 @@ to_map(#{ 'merge-config' := MergeConfig , 'required-all-tasks-complete' := RequiredAllTasksComplete , 'required-approvers' := RequiresApprovers , 'required-successful-builds' := RequiredSuccessfulBuilds + , 'unapprove-on-update' := UnapproveOnUpdate }) -> #{ <<"mergeConfig">> => bec_merge_config_t:to_map(MergeConfig) , <<"requiredAllApprovers">> => RequiredAllApprovers , <<"requiredAllTasksComplete">> => RequiredAllTasksComplete , <<"requiredApprovers">> => RequiresApprovers , <<"requiredSuccessfulBuilds">> => RequiredSuccessfulBuilds + , <<"unapproveOnUpdate">> => UnapproveOnUpdate }. From 79f8b5e8c01374e0677420ce7ac92fc099ae296e Mon Sep 17 00:00:00 2001 From: Luca Barbieri Date: Wed, 10 Feb 2021 15:46:52 +0100 Subject: [PATCH 07/10] Fix branch restriction sorting Branch restrictions comparison fails because Actual are sorted before removing id field --- src/bitbucket.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/bitbucket.erl b/src/bitbucket.erl index 5ee5b72..37cf1ea 100644 --- a/src/bitbucket.erl +++ b/src/bitbucket.erl @@ -164,7 +164,7 @@ get_branch_restrictions(ProjectKey, RepoSlug) -> case bitbucket_api:get_branch_restrictions(ProjectKey, RepoSlug) of {ok, Response} -> Values = maps:get(<<"values">>, Response), - {ok, lists:sort([bec_branch_restriction_t:from_map(V) || V <- Values])}; + {ok, lists:sort([maps:remove(id, X) || X <- [bec_branch_restriction_t:from_map(V) || V <- Values]])}; {error, Reason} -> {error, Reason} end. From 540bf23c9ee6db28badbd3527363cd07a2833543 Mon Sep 17 00:00:00 2001 From: Luca Barbieri Date: Mon, 15 Feb 2021 09:38:52 +0100 Subject: [PATCH 08/10] Add unapprove-on-update parameter to sample yaml. Adapt line lenght to avoid linting error --- sample_repo_configuration.yml | 1 + src/.vscode/settings.json | 2 ++ src/bitbucket.erl | 3 ++- 3 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 src/.vscode/settings.json diff --git a/sample_repo_configuration.yml b/sample_repo_configuration.yml index b0965da..2776a68 100644 --- a/sample_repo_configuration.yml +++ b/sample_repo_configuration.yml @@ -91,6 +91,7 @@ pr-restrictions: required-all-tasks-complete: true required-approvers: 2 required-successful-builds: 1 + unapprove-on-update: true merge-config: default-strategy: no-ff enabled-strategies: diff --git a/src/.vscode/settings.json b/src/.vscode/settings.json new file mode 100644 index 0000000..7a73a41 --- /dev/null +++ b/src/.vscode/settings.json @@ -0,0 +1,2 @@ +{ +} \ No newline at end of file diff --git a/src/bitbucket.erl b/src/bitbucket.erl index 37cf1ea..c41fd14 100644 --- a/src/bitbucket.erl +++ b/src/bitbucket.erl @@ -164,7 +164,8 @@ get_branch_restrictions(ProjectKey, RepoSlug) -> case bitbucket_api:get_branch_restrictions(ProjectKey, RepoSlug) of {ok, Response} -> Values = maps:get(<<"values">>, Response), - {ok, lists:sort([maps:remove(id, X) || X <- [bec_branch_restriction_t:from_map(V) || V <- Values]])}; + {ok, lists:sort([maps:remove(id, X) || + X <- [bec_branch_restriction_t:from_map(V) || V <- Values]])}; {error, Reason} -> {error, Reason} end. From 9121174623777381d249bf8311c43e36141060f8 Mon Sep 17 00:00:00 2001 From: Roberto Aloi Date: Wed, 24 Feb 2021 15:03:51 +0100 Subject: [PATCH 09/10] Revert removal of ids since it breaks the contract --- src/bitbucket.erl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/bitbucket.erl b/src/bitbucket.erl index c41fd14..5ee5b72 100644 --- a/src/bitbucket.erl +++ b/src/bitbucket.erl @@ -164,8 +164,7 @@ get_branch_restrictions(ProjectKey, RepoSlug) -> case bitbucket_api:get_branch_restrictions(ProjectKey, RepoSlug) of {ok, Response} -> Values = maps:get(<<"values">>, Response), - {ok, lists:sort([maps:remove(id, X) || - X <- [bec_branch_restriction_t:from_map(V) || V <- Values]])}; + {ok, lists:sort([bec_branch_restriction_t:from_map(V) || V <- Values])}; {error, Reason} -> {error, Reason} end. From 1908ac96992e98f21df45c071b5038db3a86b461 Mon Sep 17 00:00:00 2001 From: Roberto Aloi Date: Wed, 24 Feb 2021 15:04:12 +0100 Subject: [PATCH 10/10] Add 'unapprove-on-update' to generator --- test/bec_proper_gen.erl | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/test/bec_proper_gen.erl b/test/bec_proper_gen.erl index 4dcf482..dc710c0 100644 --- a/test/bec_proper_gen.erl +++ b/test/bec_proper_gen.erl @@ -216,13 +216,20 @@ path() -> %% PR Restrictions %%============================================================================== pr_restrictions() -> - ?LET( {MergeConfig, AllApprovers, AllTasks, Approvers, Builds} - , {merge_config(), bool(), bool(), nat(), nat()} + ?LET( { MergeConfig + , AllApprovers + , AllTasks + , Approvers + , Builds + , UnapproveOnUpdate + } + , {merge_config(), bool(), bool(), nat(), nat(), bool()} , #{ 'merge-config' => MergeConfig , 'required-all-approvers' => AllApprovers , 'required-all-tasks-complete' => AllTasks , 'required-approvers' => Approvers , 'required-successful-builds' => Builds + , 'unapprove-on-update' => UnapproveOnUpdate }). merge_config() ->