def add(repository, provider): repo_bits = repository.split('/', 2) assert len( repo_bits ) == 3, 'repository not in valid format: {provider}/{owner}/{name}' repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(repo_bits[0]), Repository.owner_name == repo_bits[1], Repository.name == repo_bits[2], ).first() assert repo hook = Hook( repository_id=repo.id, provider=provider, ) db.session.add(hook) db.session.commit() click.echo('Hook created:') click.echo('-> id = {}'.format(str(hook.id))) click.echo('-> token = {}'.format( urlsafe_b64encode(hook.token).decode('utf-8'))) click.echo('-> provider = {}'.format(hook.provider)) click.echo('-> base_path = /hooks/{}/{}'.format(str(hook.id), hook.get_signature()))
def dispatch_request( self, provider: str, owner_name: str, repo_name: str, build_number: int, job_number: int, *args, **kwargs ) -> Response: queryset = ( Job.query.join(Build, Build.id == Job.build_id) .join(Repository, Repository.id == Build.repository_id) .filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Build.number == build_number, Job.number == job_number, ) ) if self.select_resource_for_update(): queryset = queryset.with_for_update() job = queryset.first() if not job: return self.not_found() tenant = auth.get_current_tenant() if not tenant.has_permission(job.repository_id, PERMISSION_MAP[request.method]): return self.error("permission denied", 400) return Resource.dispatch_request(self, job, *args, **kwargs)
def dispatch_request(self, provider: str, owner_name: str, repo_name: str, build_number: int, *args, **kwargs) -> Response: queryset = Build.query.join( Repository, Repository.id == Build.repository_id).filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Build.number == build_number, ) if self.select_resource_for_update(): queryset = queryset.with_for_update() else: # HACK(dcramer): we dont want to lock the repo row, so for now just deal # w/ the consequences of this queryset = queryset.options(contains_eager("repository")) build = queryset.first() if not build: return self.not_found() tenant = auth.get_current_tenant() if not tenant.has_permission(build.repository_id, PERMISSION_MAP[request.method]): return self.error("permission denied", 400) return Resource.dispatch_request(self, build, *args, **kwargs)
def sync(repository): provider, owner_name, repo_name = repository.split("/", 2) repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ).first() sync_repo(repo_id=repo.id)
def ssh_connect(args, repository): if '/' in repository: r_provider, r_owner, r_name = repository.split('/', 2) repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(r_provider), Repository.owner_name == r_owner, Repository.name == r_name, ).first() else: repo = Repository.query.unrestricted_unsafe().get(repository) if not repo: click.echo('Unable to find repository', err=True) sys.exit(1) auth.set_current_tenant(auth.Tenant(repository_ids=[repo.id])) options = dict( db.session.query(ItemOption.name, ItemOption.value).filter( ItemOption.item_id == repo.id, ItemOption.name.in_([ 'auth.private-key', 'auth.private-key-file', ]))) command = [ 'ssh', # Not supported in all ssh client versions # '-oUserAuthorizedKeysFile=/dev/null', '-oLogLevel=ERROR', '-oStrictHostKeyChecking=no', '-oUserKnownHostsFile=/dev/null', ] tmp_file = None if options.get('auth.private-key'): tmp_file = NamedTemporaryFile(delete=False) tmp_file.write(options['auth.private-key'].encode('utf-8')) tmp_file.close() command.append('-i{0}'.format(tmp_file.name)) elif options.get('auth.private-key-file'): command.append('-i{0}'.format(options['auth.private-key-file'])) command.append('--') command.extend(args) try: exit_code = subprocess.call( command, cwd=os.getcwd(), env=os.environ, stdout=sys.stdout, stderr=sys.stderr, ) finally: if tmp_file: os.unlink(tmp_file.name) sys.exit(exit_code)
def config_get(repository, option): provider, owner_name, repo_name = repository.split("/", 2) repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ).first() for key in option: result = db.session.query(ItemOption.value).filter( ItemOption.item_id == repo.id, ItemOption.name == key).first() click.echo("{} = {}".format(key, result[0] if result else "(not set)"))
def access_add(repository, email): provider, owner_name, repo_name = repository.split("/", 2) repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ).first() user = User.query.filter(User.email == email).first() assert repo assert email access = RepositoryAccess(user=user, repository=repo) db.session.add(access) db.session.commit()
def dispatch_request(self, provider, owner_name: str, repo_name: str, *args, **kwargs) -> Response: queryset = Repository.query.filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ) if self.select_resurce_for_update(): queryset = queryset.with_for_update() repo = queryset.first() if not repo: return self.not_found() return Resource.dispatch_request(self, repo, *args, **kwargs)
def add(repository, url, backend, active): raise NotImplementedError provider, owner_name, repo_name = repository.split("/", 2) repo = Repository( url=url, owner_name=slugify(owner_name), provider=RepositoryProvider(provider), name=slugify(repo_name), backend=getattr(RepositoryBackend, backend), status=RepositoryStatus.active if active else RepositoryStatus.inactive, ) db.session.add(repo) db.session.commit()
def dispatch_request(self, provider, owner_name: str, repo_name: str, revision_sha: str, *args, **kwargs) -> Response: queryset = Revision.query.join( Repository, Repository.id == Revision.repository_id).filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Revision.sha == revision_sha, ) if self.select_resurce_for_update(): queryset = queryset.with_for_update() revision = queryset.first() if not revision: return self.not_found() return Resource.dispatch_request(self, revision, *args, **kwargs)
def dispatch_request(self, provider: str, owner_name: str, repo_name: str, build_number: int, *args, **kwargs) -> Response: queryset = Build.query.options(contains_eager('repository'), ).join( Repository, Repository.id == Build.repository_id).filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Build.number == build_number, ) if self.select_resurce_for_update(): queryset = queryset.with_for_update() build = queryset.first() if not build: return self.not_found() return Resource.dispatch_request(self, build, *args, **kwargs)
def config_set(repository, option): provider, owner_name, repo_name = repository.split("/", 2) repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ).first() for key, value in [o.split("=", 1) for o in option]: create_or_update(ItemOption, where={ "item_id": repo.id, "name": key }, values={"value": value}) db.session.commit()
def RepositoryType(value): if "/" in value: provider, owner_name, repo_name = value.split("/", 2) result = ( Repository.query.unrestricted_unsafe() .filter_by( provider=RepositoryProvider(provider), owner_name=owner_name, name=repo_name, ) .first() ) else: result = Repository.query.unrestricted_unsafe().get(value) assert result return result
def dispatch_request(self, provider: str, owner_name: str, repo_name: str, build_number: int, job_number: int, *args, **kwargs) -> Response: queryset = Job.query.join(Build, Build.id == Job.build_id).join( Repository, Repository.id == Build.repository_id).filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Build.number == build_number, Job.number == job_number, ) if self.select_resurce_for_update(): queryset = queryset.with_for_update() job = queryset.first() if not job: return self.not_found() return Resource.dispatch_request(self, job, *args, **kwargs)
def config_set(repository, option): provider, owner_name, repo_name = repository.split('/', 2) repo = Repository.query.unrestricted_unsafe().filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ).first() for key, value in [o.split('=', 1) for o in option]: create_or_update(ItemOption, where={ 'item_id': repo.id, 'name': key, }, values={ 'value': value, }) db.session.commit()
def add(repository_full_name, url, backend, active): raise NotImplementedError provider, owner_name, repo_name = repository_full_name.split('/', 2) repo = Repository( url=url, owner_name=slugify(owner_name), provider=RepositoryProvider(provider), name=slugify(repo_name), backend=getattr(RepositoryBackend, backend), status=RepositoryStatus.active if active else RepositoryStatus.inactive, ) db.session.add(repo) db.session.commit() if active: # do initial import in process import_repo(repo_id=repo.id)
def dispatch_request(self, provider: str, owner_name: str, repo_name: str, build_number: int, *args, **kwargs) -> Response: queryset = Build.query.join( Repository, Repository.id == Build.repository_id).filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Build.number == build_number, ) if self.select_resurce_for_update(): queryset = queryset.with_for_update() else: # HACK(dcramer): we dont want to lock the repo row, so for now just deal # w/ the consequences of this queryset = queryset.options(contains_eager('repository'), ) build = queryset.first() if not build: return self.not_found() return Resource.dispatch_request(self, build, *args, **kwargs)
def dispatch_request(self, provider, owner_name: str, repo_name: str, revision_sha: str, *args, **kwargs) -> Response: queryset = Revision.query.join( Repository, Repository.id == Revision.repository_id).filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, Revision.sha == revision_sha, ) if self.select_resource_for_update(): queryset = queryset.with_for_update() revision = queryset.first() if not revision: return self.not_found() tenant = auth.get_current_tenant() if not tenant.has_permission(revision.repository_id, PERMISSION_MAP[request.method]): return self.error("permission denied", 400) return Resource.dispatch_request(self, revision, *args, **kwargs)
def dispatch_request(self, provider, owner_name: str, repo_name: str, *args, **kwargs) -> Response: queryset = Repository.query.filter( Repository.provider == RepositoryProvider(provider), Repository.owner_name == owner_name, Repository.name == repo_name, ) if self.select_resource_for_update(): queryset = queryset.with_for_update() repo = queryset.first() if not repo: return self.not_found() tenant = auth.get_current_tenant() required_permission = self.permission_overrides.get( request.method, PERMISSION_MAP[request.method]) if not tenant.has_permission(repo.id, required_permission): return self.error("permission denied", 400) return Resource.dispatch_request(self, repo, *args, **kwargs)