⭐️ Adding support for fetching the Protected Branchs configs (Gitlab) (…

…#4369) * adding support for fetching the Protected Branchs config Signed-off-by: Hossein Rouhani <h_rouhani@hotmail.com> * removed extra parts and rebased Signed-off-by: Hossein Rouhani <h_rouhani@hotmail.com> * adding id identifier Signed-off-by: Hossein Rouhani <h_rouhani@hotmail.com> * support for default branch Signed-off-by: Hossein Rouhani <h_rouhani@hotmail.com> * rebased & improvements Signed-off-by: Hossein Rouhani <h_rouhani@hotmail.com> --------- Signed-off-by: Hossein Rouhani <h_rouhani@hotmail.com>
mondoohq · Jul 22, 2024 · f395906 · f395906
1 parent 82f9376
commit f395906
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 0 deletions.
diff --git a/providers/gitlab/resources/gitlab.go b/providers/gitlab/resources/gitlab.go
@@ -198,3 +198,48 @@ func (p *mqlGitlabProject) mergeMethod() (string, error) {
 
 	return mergeMethodString, nil
 }
+
+// Define the id function for a unique identifier for a resource instance gitlab.project.repository.protectedBranch
+// The struct name mqlGitlabProjectRepositoryProtectedBranch is derived from the resource path gitlab.project.repository.protectedBranch. This is a convention used to maintain consistency and clarity within the Mondoo framework by adding mql in the front, ensuring that each resource can be uniquely identified and managed.
+func (g *mqlGitlabProjectRepositoryProtectedBranch) id() (string, error) {
+	return g.Name.Data, nil
+}
+
+// To fetch protected branch settings
+func (p *mqlGitlabProject) protectedBranches() ([]interface{}, error) {
+	conn := p.MqlRuntime.Connection.(*connection.GitLabConnection)
+
+	projectID := int(p.Id.Data)
+	project, _, err := conn.Client().Projects.GetProject(projectID, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	defaultBranch := project.DefaultBranch
+
+	protectedBranches, _, err := conn.Client().ProtectedBranches.ListProtectedBranches(projectID, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	var mqlProtectedBranches []interface{}
+	for _, branch := range protectedBranches {
+		// Declare and initialize isDefaultBranch variable
+		isDefaultBranch := branch.Name == defaultBranch
+
+		branchSettings := map[string]*llx.RawData{
+			"name":           llx.StringData(branch.Name),
+			"allowForcePush": llx.BoolData(branch.AllowForcePush),
+			"defaultBranch":  llx.BoolData(isDefaultBranch),
+		}
+
+		mqlProtectedBranch, err := CreateResource(p.MqlRuntime, "gitlab.project.repository.protectedBranch", branchSettings)
+		if err != nil {
+			return nil, err
+		}
+
+		mqlProtectedBranches = append(mqlProtectedBranches, mqlProtectedBranch)
+	}
+
+	return mqlProtectedBranches, nil
+}
diff --git a/providers/gitlab/resources/gitlab.lr b/providers/gitlab/resources/gitlab.lr
@@ -88,6 +88,8 @@ gitlab.project @defaults("fullName visibility webURL") {
   mergeMethod() string
   // Approval settings for the project
   approvalSettings() gitlab.project.approvalSettings
+  // Protected branches settings for the project
+  protectedBranches() []gitlab.project.repository.protectedBranch
 }
 
 
@@ -116,3 +118,14 @@ gitlab.project.approvalSettings @defaults("approvalsBeforeMerge requirePasswordT
   // Require password to approve
   requirePasswordToApprove bool
 }
+
+
+// GitLab protected branch
+gitlab.project.repository.protectedBranch @defaults("name allowForcePush") {
+  // Branch name
+  name string
+  // Whether force push is allowed
+  allowForcePush bool
+  // Whether this is the default branch
+  defaultBranch bool
+}