Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in / Register
  • L librem5-dev-tools
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 7
    • Issues 7
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 3
    • Merge requests 3
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Librem5
  • librem5-dev-tools
  • Merge requests
  • !27

setup-pureos-pkg-repo: Don't use obsolete API for protecting branches

  • Review changes

  • Download
  • Email patches
  • Plain diff
Merged Evangelos Ribeiro Tzaras requested to merge fix-protected-branches-setup-pkg-repo into master May 15, 2022
  • Overview 3
  • Commits 2
  • Pipelines 3
  • Changes 1

The correct way (nowadays) to protect a branch is by using the protected_branches endpoint (see https://docs.gitlab.com/ee/api/protected_branches.html)

Fixes #4 (closed)

First commit: We have a similar check already in get_branch, but the API we're using for checking the CI file uses the branch as a name/string and not as a branch object.

Second commit:

Perhaps it would make sense to specify more options in the dictionary (access levels, whether to allow force pushing, etc)?

Just setting the name of the branch we end up with the following defaults for the other values (inserted linebreaks to increase readability). These seem like good defaults to me, but maybe we want to be explicit about them:

> $ ~/git/librem5-dev-tools/setup-pureos-pkg-repo -i 2386
CI configured as expected
Repo https://source.puri.sm/evangelos.tzaras/sofia-sip.git setup complete.
                                                                                                                                                                                                                                                                                          
> $ curl --header "PRIVATE-TOKEN: $GITLAB_TOKEN" "https://source.puri.sm/api/v4/projects/2386/protected_branches"
[{"id":2369,"name":"pureos/latest",
"push_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"merge_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"allow_force_push":false,
"unprotect_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"code_owner_approval_required":false},

{"id":2370,"name":"pristine-tar",
"push_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"merge_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"allow_force_push":false,
"unprotect_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"code_owner_approval_required":false}]%       

NOTE

This is only tested on Debian Bookworm/Sid and incidentally only started working after the latest gitlab upgrade (before the upgrade I was getting 403 Forbidden errors, I assume because the API endpoint didn't exist?!)

Edited May 15, 2022 by Evangelos Ribeiro Tzaras
Assignee
Assign to
Reviewer
Request review from
Time tracking
Source branch: fix-protected-branches-setup-pkg-repo