setup-pureos-pkg-repo: Don't use obsolete API for protecting branches
The correct way (nowadays) to protect a branch is by using the protected_branches endpoint (see https://docs.gitlab.com/ee/api/protected_branches.html)
Fixes #4 (closed)
First commit: We have a similar check already in get_branch
, but the API we're using for checking the CI file uses the branch as a name/string and not as a branch object.
Second commit:
Perhaps it would make sense to specify more options in the dictionary (access levels, whether to allow force pushing, etc)?
Just setting the name of the branch we end up with the following defaults for the other values (inserted linebreaks to increase readability). These seem like good defaults to me, but maybe we want to be explicit about them:
> $ ~/git/librem5-dev-tools/setup-pureos-pkg-repo -i 2386
CI configured as expected
Repo https://source.puri.sm/evangelos.tzaras/sofia-sip.git setup complete.
> $ curl --header "PRIVATE-TOKEN: $GITLAB_TOKEN" "https://source.puri.sm/api/v4/projects/2386/protected_branches"
[{"id":2369,"name":"pureos/latest",
"push_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"merge_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"allow_force_push":false,
"unprotect_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"code_owner_approval_required":false},
{"id":2370,"name":"pristine-tar",
"push_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"merge_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"allow_force_push":false,
"unprotect_access_levels":
[{"access_level":40,"access_level_description":"Maintainers","user_id":null,"group_id":null}],
"code_owner_approval_required":false}]%
NOTE
This is only tested on Debian Bookworm/Sid and incidentally only started working after the latest gitlab upgrade (before the upgrade I was getting 403 Forbidden errors, I assume because the API endpoint didn't exist?!)