Add support for repository rulesets by vaindil · Pull Request #7650 · cli/cli · GitHub
Skip to content

Add support for repository rulesets#7650

Merged
vilmibm merged 25 commits into
cli:trunkfrom
vaindil:vaindil/rulesets
Jul 10, 2023
Merged

Add support for repository rulesets#7650
vilmibm merged 25 commits into
cli:trunkfrom
vaindil:vaindil/rulesets

Conversation

@vaindil

@vaindil vaindil commented Jul 1, 2023

Copy link
Copy Markdown
Contributor

Repository rulesets are a new GitHub feature, essentially the evolution of branch protections. This PR adds support for them via a new command (ruleset/rs) with 3 subcommands.

  • rs list: Lists rulesets for the provided repo or org
  • rs view <id>: View info about a specific ruleset by ID, or choose interactively
  • rs check <branch>: List the rules that apply to the given branch in a repo
Sample output

List:

Showing 2 of 2 rulesets in my-org/repo-name and its parents

ID    NAME            SOURCE                   STATUS  RULES
1234  My Org Ruleset  my-org (org)             active  3
5678  Test Ruleset    my-org/repo-name (repo)  active  3

View:

Test Ruleset
ID: 5678
Source: my-org/repo-name (Repository)
Enforceument: Active

Bypass List
- OrganizationAdmin (ID: 1), mode: always
- RepositoryRole (ID: 5), mode: always

Conditions
- ref_name: [exclude: []] [include: [~ALL]] 

Rules
- commit_author_email_pattern: [name: ] [negate: false] [operator: ends_with] [pattern: @example.com] 
- commit_message_pattern: [name: ] [negate: false] [operator: contains] [pattern: asdf] 
- creation

Check:

6 rules apply to branch foo in repo my-org/repo-name

- commit_author_email_pattern: [name: ] [negate: false] [operator: ends_with] [pattern: @example.com] 
  (configured in ruleset 1234 from organization my-org)

- commit_author_email_pattern: [name: ] [negate: false] [operator: ends_with] [pattern: @example.me] 
  (configured in ruleset 5678 from repository my-org/repo-name)

- commit_message_pattern: [name: ] [negate: false] [operator: starts_with] [pattern: fff] 
  (configured in ruleset 1234 from organization my-org)

- commit_message_pattern: [name: ] [negate: false] [operator: contains] [pattern: asdf] 
  (configured in ruleset 5678 from repository my-org/repo-name)

- creation
  (configured in ruleset 5678 from repository my-org/repo-name)

- required_signatures
  (configured in ruleset 1234 from organization my-org)

Notes

  • The list subcommand and interactive mode for the view subcommand both use GraphQL, but the others use the REST API. This is because each rule type within the GraphQL response is its own type, so if everything were to use the GraphQL API, then the CLI would have to be updated each time a new rule is added to rulesets. We don't want to tie the CLI logic to the API shape like that.
    • I could standardize both on the REST API if desired, but I already had the GraphQL logic written when I figured that out so I just left it.
  • None of the commands support the --json flag for that same reason, as it seems to require using the GraphQL API and providing a list of supported fields, which would continue to tie them together. I'd love to add support if it's possible!

@vaindil vaindil force-pushed the vaindil/rulesets branch from d02bcba to dcefe34 Compare July 5, 2023 17:57
@vaindil vaindil marked this pull request as ready for review July 5, 2023 19:24
@vaindil vaindil requested a review from a team as a code owner July 5, 2023 19:24
@vaindil vaindil requested review from samcoe and removed request for a team July 5, 2023 19:24
@cliAutomation cliAutomation added the external pull request originating outside of the CLI core team label Jul 5, 2023
@cliAutomation

Copy link
Copy Markdown
Contributor

@vilmibm vilmibm left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Requested some very minor changes; otherwise it's looking great. thank you for the awesome work.

Comment thread pkg/cmd/ruleset/list/list.go Outdated
Comment thread pkg/cmd/ruleset/view/view.go Outdated
Comment thread pkg/cmd/ruleset/view/view_test.go
@vilmibm

vilmibm commented Jul 5, 2023

Copy link
Copy Markdown
Contributor

the CLI would have to be updated each time a new rule is added to rulesets

This is frustrating but might be worth it in order to support --json.

Alternatively, can we support --json but just treat actual rule definitions as raw json? in other words, the only keys you can select are top level to a ruleset.

@vaindil

vaindil commented Jul 6, 2023

Copy link
Copy Markdown
Contributor Author

@vilmibm vilmibm merged commit 4ba2f2f into cli:trunk Jul 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

external pull request originating outside of the CLI core team

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants