From 7cd1ec5d4d6c5d47bf42164ff0a2199007e9a541 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Tue, 19 Nov 2024 08:30:14 -0800 Subject: [PATCH] Expand fields for GitLab project (#4861) * Expand fields for GitLab project Get some more data. Also improve help to make it more clear what format the URL needs to be in Signed-off-by: Tim Smith * Update providers/gitlab/resources/gitlab.lr Co-authored-by: Letha * Remove license and email for now Signed-off-by: Tim Smith * Fix in the indents Signed-off-by: Tim Smith --------- Signed-off-by: Tim Smith Co-authored-by: Letha --- providers/gitlab/config/config.go | 2 +- providers/gitlab/resources/gitlab.go | 13 ++- providers/gitlab/resources/gitlab.lr | 38 ++++++--- providers/gitlab/resources/gitlab.lr.go | 84 +++++++++++++++++++ .../gitlab/resources/gitlab.lr.manifest.yaml | 13 ++- 5 files changed, 131 insertions(+), 19 deletions(-) diff --git a/providers/gitlab/config/config.go b/providers/gitlab/config/config.go index 3838073960..41cbe964b2 100644 --- a/providers/gitlab/config/config.go +++ b/providers/gitlab/config/config.go @@ -53,7 +53,7 @@ var Config = plugin.Provider{ Long: "url", Type: plugin.FlagType_String, Default: "", - Desc: "Custom GitLab base url", + Desc: "Custom GitLab base URL (https://example.com/)", }, }, }, diff --git a/providers/gitlab/resources/gitlab.go b/providers/gitlab/resources/gitlab.go index a5bcd26f3d..b887da68d1 100644 --- a/providers/gitlab/resources/gitlab.go +++ b/providers/gitlab/resources/gitlab.go @@ -101,6 +101,10 @@ func getGitlabProjectArgs(prj *gitlab.Project) map[string]*llx.RawData { "visibility": llx.StringData(string(prj.Visibility)), "webURL": llx.StringData(prj.WebURL), "wikiEnabled": llx.BoolData(prj.WikiEnabled), + "jobsEnabled": llx.BoolData(prj.JobsEnabled), + "emptyRepo": llx.BoolData(prj.EmptyRepo), + "sharedRunnersEnabled": llx.BoolData(prj.SharedRunnersEnabled), + "groupRunnersEnabled": llx.BoolData(prj.GroupRunnersEnabled), } } @@ -141,6 +145,7 @@ func (p *mqlGitlabProject) approvalSettings() (*mqlGitlabProjectApprovalSetting, "mergeRequestsAuthorApproval": llx.BoolData(approvalConfig.MergeRequestsAuthorApproval), "mergeRequestsDisableCommittersApproval": llx.BoolData(approvalConfig.MergeRequestsDisableCommittersApproval), "requirePasswordToApprove": llx.BoolData(approvalConfig.RequirePasswordToApprove), + "selectiveCodeOwnerRemovals": llx.BoolData(approvalConfig.SelectiveCodeOwnerRemovals), } mqlApprovalSettings, err := CreateResource(p.MqlRuntime, "gitlab.project.approvalSetting", approvalSettings) @@ -286,9 +291,11 @@ func (p *mqlGitlabProject) projectMembers() ([]interface{}, error) { for _, member := range members { role := mapAccessLevelToRole(int(member.AccessLevel)) memberInfo := map[string]*llx.RawData{ - "id": llx.IntData(int64(member.ID)), - "name": llx.StringData(member.Name), - "role": llx.StringData(role), + "id": llx.IntData(int64(member.ID)), + "username": llx.StringData(member.Username), + "state": llx.StringData(member.State), + "name": llx.StringData(member.Name), + "role": llx.StringData(role), } mqlMember, err := CreateResource(p.MqlRuntime, "gitlab.project.member", memberInfo) diff --git a/providers/gitlab/resources/gitlab.lr b/providers/gitlab/resources/gitlab.lr index 4873dd798c..28d521b632 100644 --- a/providers/gitlab/resources/gitlab.lr +++ b/providers/gitlab/resources/gitlab.lr @@ -43,7 +43,7 @@ gitlab.project @defaults("fullName visibility webURL") { // Project path path string // Create date of the project - createdAt time + createdAt time // Project description description string // Default Git branch @@ -66,21 +66,21 @@ gitlab.project @defaults("fullName visibility webURL") { onlyAllowMergeIfAllDiscussionsAreResolved bool // Whether the issues feature is enabled issuesEnabled bool - // Whether the merge request feature is enabled + // Whether the merge request feature is enabled mergeRequestsEnabled bool - // Whether the wiki feature is enabled + // Whether the wiki feature is enabled wikiEnabled bool - // Whether the snippets feature is enabled + // Whether the snippets feature is enabled snippetsEnabled bool - // Whether the container registry feature is enabled + // Whether the container registry feature is enabled containerRegistryEnabled bool - // Whether the Service Desk feature is enabled + // Whether the Service Desk feature is enabled serviceDeskEnabled bool - // Whether the packages feature is enabled + // Whether the packages feature is enabled packagesEnabled bool - // Whether the Auto DevOps feature is enabled + // Whether the Auto DevOps feature is enabled autoDevopsEnabled bool - // Whether the requirements feature is enabled + // Whether the requirements feature is enabled requirementsEnabled bool // Approval rules for the project approvalRules() []gitlab.project.approvalRule @@ -96,9 +96,16 @@ gitlab.project @defaults("fullName visibility webURL") { projectFiles() []gitlab.project.file // List of webhooks for the project webhooks() []gitlab.project.webhook + // Whether CI jobs are enabled + jobsEnabled bool + // Whether the repo is empty + emptyRepo bool + // Whether the project is enabled for shared runners + sharedRunnersEnabled bool + // Whether the project is enabled for group runners + groupRunnersEnabled bool } - // GitLab project approval rule private gitlab.project.approvalRule @defaults("id name approvalsRequired") { // Rule ID @@ -123,9 +130,10 @@ private gitlab.project.approvalSetting @defaults("approvalsBeforeMerge requirePa mergeRequestsDisableCommittersApproval bool // Whether a password is required to approve requirePasswordToApprove bool + // Whether approvals are reset from Code Owners if their files changed + selectiveCodeOwnerRemovals bool } - // GitLab protected branch private gitlab.project.protectedBranch @defaults("name allowForcePush") { // Branch name @@ -139,13 +147,17 @@ private gitlab.project.protectedBranch @defaults("name allowForcePush") { } // GitLab project member -gitlab.project.member @defaults("id name role") { +gitlab.project.member @defaults("username role name") { // Member ID id int // Member name name string // Member role role string + // Member username + username string + // Member state + state string } // GitLab project file @@ -166,4 +178,4 @@ private gitlab.project.webhook @defaults("url sslVerification") { url string // Whether SSL verification is enabled sslVerification bool -} \ No newline at end of file +} diff --git a/providers/gitlab/resources/gitlab.lr.go b/providers/gitlab/resources/gitlab.lr.go index 2bed7e1228..36a9d48592 100644 --- a/providers/gitlab/resources/gitlab.lr.go +++ b/providers/gitlab/resources/gitlab.lr.go @@ -247,6 +247,18 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "gitlab.project.webhooks": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlGitlabProject).GetWebhooks()).ToDataRes(types.Array(types.Resource("gitlab.project.webhook"))) }, + "gitlab.project.jobsEnabled": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProject).GetJobsEnabled()).ToDataRes(types.Bool) + }, + "gitlab.project.emptyRepo": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProject).GetEmptyRepo()).ToDataRes(types.Bool) + }, + "gitlab.project.sharedRunnersEnabled": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProject).GetSharedRunnersEnabled()).ToDataRes(types.Bool) + }, + "gitlab.project.groupRunnersEnabled": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProject).GetGroupRunnersEnabled()).ToDataRes(types.Bool) + }, "gitlab.project.approvalRule.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlGitlabProjectApprovalRule).GetId()).ToDataRes(types.Int) }, @@ -274,6 +286,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "gitlab.project.approvalSetting.requirePasswordToApprove": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlGitlabProjectApprovalSetting).GetRequirePasswordToApprove()).ToDataRes(types.Bool) }, + "gitlab.project.approvalSetting.selectiveCodeOwnerRemovals": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProjectApprovalSetting).GetSelectiveCodeOwnerRemovals()).ToDataRes(types.Bool) + }, "gitlab.project.protectedBranch.name": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlGitlabProjectProtectedBranch).GetName()).ToDataRes(types.String) }, @@ -295,6 +310,12 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "gitlab.project.member.role": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlGitlabProjectMember).GetRole()).ToDataRes(types.String) }, + "gitlab.project.member.username": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProjectMember).GetUsername()).ToDataRes(types.String) + }, + "gitlab.project.member.state": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlGitlabProjectMember).GetState()).ToDataRes(types.String) + }, "gitlab.project.file.path": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlGitlabProjectFile).GetPath()).ToDataRes(types.String) }, @@ -505,6 +526,22 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlGitlabProject).Webhooks, ok = plugin.RawToTValue[[]interface{}](v.Value, v.Error) return }, + "gitlab.project.jobsEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProject).JobsEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, + "gitlab.project.emptyRepo": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProject).EmptyRepo, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, + "gitlab.project.sharedRunnersEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProject).SharedRunnersEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, + "gitlab.project.groupRunnersEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProject).GroupRunnersEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, "gitlab.project.approvalRule.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlGitlabProjectApprovalRule).__id, ok = v.Value.(string) return @@ -549,6 +586,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlGitlabProjectApprovalSetting).RequirePasswordToApprove, ok = plugin.RawToTValue[bool](v.Value, v.Error) return }, + "gitlab.project.approvalSetting.selectiveCodeOwnerRemovals": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProjectApprovalSetting).SelectiveCodeOwnerRemovals, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, "gitlab.project.protectedBranch.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlGitlabProjectProtectedBranch).__id, ok = v.Value.(string) return @@ -585,6 +626,14 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlGitlabProjectMember).Role, ok = plugin.RawToTValue[string](v.Value, v.Error) return }, + "gitlab.project.member.username": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProjectMember).Username, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, + "gitlab.project.member.state": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlGitlabProjectMember).State, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, "gitlab.project.file.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlGitlabProjectFile).__id, ok = v.Value.(string) return @@ -793,6 +842,10 @@ type mqlGitlabProject struct { ProjectMembers plugin.TValue[[]interface{}] ProjectFiles plugin.TValue[[]interface{}] Webhooks plugin.TValue[[]interface{}] + JobsEnabled plugin.TValue[bool] + EmptyRepo plugin.TValue[bool] + SharedRunnersEnabled plugin.TValue[bool] + GroupRunnersEnabled plugin.TValue[bool] } // createGitlabProject creates a new instance of this resource @@ -1030,6 +1083,22 @@ func (c *mqlGitlabProject) GetWebhooks() *plugin.TValue[[]interface{}] { }) } +func (c *mqlGitlabProject) GetJobsEnabled() *plugin.TValue[bool] { + return &c.JobsEnabled +} + +func (c *mqlGitlabProject) GetEmptyRepo() *plugin.TValue[bool] { + return &c.EmptyRepo +} + +func (c *mqlGitlabProject) GetSharedRunnersEnabled() *plugin.TValue[bool] { + return &c.SharedRunnersEnabled +} + +func (c *mqlGitlabProject) GetGroupRunnersEnabled() *plugin.TValue[bool] { + return &c.GroupRunnersEnabled +} + // mqlGitlabProjectApprovalRule for the gitlab.project.approvalRule resource type mqlGitlabProjectApprovalRule struct { MqlRuntime *plugin.Runtime @@ -1095,6 +1164,7 @@ type mqlGitlabProjectApprovalSetting struct { MergeRequestsAuthorApproval plugin.TValue[bool] MergeRequestsDisableCommittersApproval plugin.TValue[bool] RequirePasswordToApprove plugin.TValue[bool] + SelectiveCodeOwnerRemovals plugin.TValue[bool] } // createGitlabProjectApprovalSetting creates a new instance of this resource @@ -1153,6 +1223,10 @@ func (c *mqlGitlabProjectApprovalSetting) GetRequirePasswordToApprove() *plugin. return &c.RequirePasswordToApprove } +func (c *mqlGitlabProjectApprovalSetting) GetSelectiveCodeOwnerRemovals() *plugin.TValue[bool] { + return &c.SelectiveCodeOwnerRemovals +} + // mqlGitlabProjectProtectedBranch for the gitlab.project.protectedBranch resource type mqlGitlabProjectProtectedBranch struct { MqlRuntime *plugin.Runtime @@ -1225,6 +1299,8 @@ type mqlGitlabProjectMember struct { Id plugin.TValue[int64] Name plugin.TValue[string] Role plugin.TValue[string] + Username plugin.TValue[string] + State plugin.TValue[string] } // createGitlabProjectMember creates a new instance of this resource @@ -1276,6 +1352,14 @@ func (c *mqlGitlabProjectMember) GetRole() *plugin.TValue[string] { return &c.Role } +func (c *mqlGitlabProjectMember) GetUsername() *plugin.TValue[string] { + return &c.Username +} + +func (c *mqlGitlabProjectMember) GetState() *plugin.TValue[string] { + return &c.State +} + // mqlGitlabProjectFile for the gitlab.project.file resource type mqlGitlabProjectFile struct { MqlRuntime *plugin.Runtime diff --git a/providers/gitlab/resources/gitlab.lr.manifest.yaml b/providers/gitlab/resources/gitlab.lr.manifest.yaml index 481031e6d9..4f6b8a713f 100755 --- a/providers/gitlab/resources/gitlab.lr.manifest.yaml +++ b/providers/gitlab/resources/gitlab.lr.manifest.yaml @@ -21,7 +21,6 @@ resources: visibility: {} webURL: min_mondoo_version: 9.0.0 - maturity: experimental min_mondoo_version: 5.15.0 gitlab.project: fields: @@ -44,11 +43,17 @@ resources: description: {} emailsDisabled: min_mondoo_version: 9.0.0 + emptyRepo: + min_mondoo_version: 9.0.0 fullName: min_mondoo_version: 9.0.0 + groupRunnersEnabled: + min_mondoo_version: 9.0.0 id: {} issuesEnabled: min_mondoo_version: 9.0.0 + jobsEnabled: + min_mondoo_version: 9.0.0 mergeMethod: min_mondoo_version: 9.0.0 mergeRequestsEnabled: @@ -73,6 +78,8 @@ resources: min_mondoo_version: 9.0.0 serviceDeskEnabled: min_mondoo_version: 9.0.0 + sharedRunnersEnabled: + min_mondoo_version: 9.0.0 snippetsEnabled: min_mondoo_version: 9.0.0 visibility: {} @@ -82,7 +89,6 @@ resources: min_mondoo_version: 9.0.0 wikiEnabled: min_mondoo_version: 9.0.0 - maturity: experimental min_mondoo_version: 5.15.0 gitlab.project.approvalRule: fields: @@ -99,6 +105,7 @@ resources: mergeRequestsDisableCommittersApproval: {} requirePasswordToApprove: {} resetApprovalsOnPush: {} + selectiveCodeOwnerRemovals: {} is_private: true min_mondoo_version: 9.0.0 gitlab.project.file: @@ -114,6 +121,8 @@ resources: id: {} name: {} role: {} + state: {} + username: {} min_mondoo_version: 9.0.0 gitlab.project.protectedBranch: fields: