gitproviders

package
v1.23.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 27, 2025 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// MainBranch is static as behavior when switching branches is never under
	// test.
	MainBranch = "main"

	// GitKeepFileName is a conventional name for an empty file you add to
	// directories in git when you want to make sure the directory is retained even
	// when all the other files are deleted.
	// Without this file, the directory may remain locally, but won't exist in git.
	GitKeepFileName = ".gitkeep"

	// DefaultSyncDir is created in new repositories by default.
	DefaultSyncDir = "acme"
)
View Source 
const (
	// GitUser is the user for all Git providers.
	GitUser = "config-sync-ci-bot"
)
View Source 
const (

	// PrivateSSHKey is secret name of the private SSH key stored in the Cloud Secret Manager.
	PrivateSSHKey = "config-sync-ci-ssh-private-key"
)

Variables

This section is empty.

Functions

func CSRReaderEmail 

func CSRReaderEmail() string

CSRReaderEmail returns the email of the google service account with permission to read from Cloud Source Registry.

func FetchCloudSecret 

func FetchCloudSecret(name string) (string, error)

FetchCloudSecret fetches secret from Google Cloud Secret Manager.

func GetProjectID 

func GetProjectID(g *GitlabClient, name string) (string, error)

GetProjectID is a helper function for DeleteRepositories since Gitlab API only deletes by id

func IsGoogleGitProvider 

func IsGoogleGitProvider(provider GitProvider) bool

IsGoogleGitProvider returns true if the GitProvider is a Google-hosted Git service.

func SSMServiceAccountEmail 

func SSMServiceAccountEmail() string

SSMServiceAccountEmail returns the email of the google service account with permission to read from Secure Source Manager.

Types

type BitbucketClient 

type BitbucketClient struct {
	// contains filtered or unexported fields
}

BitbucketClient is the client that calls the Bitbucket REST APIs.

func (*BitbucketClient) CreateRepository 

func (b *BitbucketClient) CreateRepository(localName string) (string, error)

CreateRepository calls the POST API to create a remote repository on Bitbucket. The remote repo name is unique with a prefix of the local name.

func (*BitbucketClient) DeleteObsoleteRepos 

func (b *BitbucketClient) DeleteObsoleteRepos() error

DeleteObsoleteRepos deletes all repos that were created more than 24 hours ago.

func (*BitbucketClient) DeleteRepositories 

func (b *BitbucketClient) DeleteRepositories(names ...string) error

DeleteRepositories calls the DELETE API to delete all remote repositories on Bitbucket. It deletes multiple repos in a single function in order to reuse the access_token.

func (*BitbucketClient) RemoteURL 

func (b *BitbucketClient) RemoteURL(name string) (string, error)

RemoteURL returns the Git URL for the Bitbucket repository. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.

func (*BitbucketClient) SyncURL 

func (b *BitbucketClient) SyncURL(name string) string

SyncURL returns a URL for Config Sync to sync from. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync. The Bitbucket Rest API doesn't allow slash in the repository name, so slash has to be replaced with dash in the name.

func (*BitbucketClient) Type 

func (b *BitbucketClient) Type() string

Type returns the provider type.

type CSRClient 

type CSRClient struct {
	// contains filtered or unexported fields
}

CSRClient is the client that interacts with Google Cloud Source Repository.

func (*CSRClient) CreateRepository 

func (c *CSRClient) CreateRepository(name string) (string, error)

CreateRepository calls the gcloud SDK to create a remote repository on CSR. It returns the full name with a prefix.

func (*CSRClient) DeleteObsoleteRepos 

func (c *CSRClient) DeleteObsoleteRepos() error

DeleteObsoleteRepos is a no-op because CSR repo names are determined by the test cluster name and RSync namespace and name, so it can be reused if it failed to be deleted after the test.

func (*CSRClient) DeleteRepositories 

func (c *CSRClient) DeleteRepositories(names ...string) error

DeleteRepositories calls the gcloud SDK to delete the provided repositories from CSR.

func (*CSRClient) RemoteURL 

func (c *CSRClient) RemoteURL(name string) (string, error)

RemoteURL returns the Git URL for the CSR repository. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.

func (*CSRClient) SyncURL 

func (c *CSRClient) SyncURL(name string) string

SyncURL returns a URL for Config Sync to sync from.

func (*CSRClient) Type 

func (c *CSRClient) Type() string

Type returns the provider type.

type GitProvider 

type GitProvider interface {
	Type() string

	// RemoteURL returns remote URL of the repository.
	// It is used to set the url for the remote origin using `git remote add origin <REMOTE_URL>.
	// For the testing git-server, RemoteURL uses localhost and forwarded port, while SyncURL uses the DNS.
	// For other git providers, RemoteURL should be the same as SyncURL.
	// name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.
	RemoteURL(name string) (string, error)

	// SyncURL returns the git repository URL for Config Sync to sync from.
	// name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.
	SyncURL(name string) string
	CreateRepository(name string) (string, error)
	DeleteRepositories(names ...string) error
	DeleteObsoleteRepos() error
}

GitProvider is an interface for the remote Git providers.

func NewGitProvider 

func NewGitProvider(t testing.NTB, provider, clusterName string, logger *testlogger.TestLogger, shell *testshell.TestShell) GitProvider

NewGitProvider creates a GitProvider for the specific provider type.

type GithubAppConfiguration 

type GithubAppConfiguration struct {
	// contains filtered or unexported fields
}

GithubAppConfiguration is the internal representation of the githubapp configuration. The fields are private to constrain usage of sensitive values.

func FetchGithubAppConfiguration 

func FetchGithubAppConfiguration() (*GithubAppConfiguration, error)

FetchGithubAppConfiguration fetches the githubapp configuration and returns the internal representation. Uses a local file path if provided, otherwise defaults to fetching from Secret Manager.

func (*GithubAppConfiguration) Repo 

func (g *GithubAppConfiguration) Repo() string

Repo returns the repository URL for the githubapp configuration

func (*GithubAppConfiguration) SecretWithApplicationID 

func (g *GithubAppConfiguration) SecretWithApplicationID(nn types.NamespacedName) (*corev1.Secret, error)

SecretWithApplicationID returns the githubapp auth Secret using app ID

func (*GithubAppConfiguration) SecretWithClientID 

func (g *GithubAppConfiguration) SecretWithClientID(nn types.NamespacedName) (*corev1.Secret, error)

SecretWithClientID returns the githubapp auth Secret using client ID

type GitlabClient 

type GitlabClient struct {
	// contains filtered or unexported fields
}

GitlabClient is the client that will call Gitlab REST APIs.

func (*GitlabClient) CreateRepository 

func (g *GitlabClient) CreateRepository(name string) (string, error)

CreateRepository calls the POST API to create a project/repository on Gitlab. The remote repo name is unique with a prefix of the local name.

func (*GitlabClient) DeleteObsoleteRepos 

func (g *GitlabClient) DeleteObsoleteRepos() error

DeleteObsoleteRepos deletes all projects that has been inactive more than 24 hours

func (*GitlabClient) DeleteRepoByID 

func (g *GitlabClient) DeleteRepoByID(ids ...string) error

DeleteRepoByID calls the DELETE API to delete the list of project id in Gitlab.

func (*GitlabClient) DeleteRepositories 

func (g *GitlabClient) DeleteRepositories(names ...string) error

DeleteRepositories calls the DELETE API to delete the list of project name in Gitlab.

func (*GitlabClient) GetObsoleteRepos 

func (g *GitlabClient) GetObsoleteRepos() ([]string, error)

GetObsoleteRepos is a helper function to get all project ids that has been inactive more than 24 hours

func (*GitlabClient) RemoteURL 

func (g *GitlabClient) RemoteURL(name string) (string, error)

RemoteURL returns the Git URL for the Gitlab project repository.

func (*GitlabClient) SyncURL 

func (g *GitlabClient) SyncURL(name string) string

SyncURL returns a URL for Config Sync to sync from.

func (*GitlabClient) Type 

func (g *GitlabClient) Type() string

Type returns the git provider type

type LocalProvider 

type LocalProvider struct {
	// PortForwarder is a port forwarder to the in-cluster git server.
	// This is used to communicate from the tests to the in-cluster git server.
	PortForwarder *portforwarder.PortForwarder
}

LocalProvider refers to the test git-server running on the same test cluster.

func (*LocalProvider) CreateRepository 

func (l *LocalProvider) CreateRepository(name string) (string, error)

CreateRepository returns the local name as the remote repo name. It is a no-op for the test git-server because all repos are initialized at once in git-server.go.

func (*LocalProvider) DeleteObsoleteRepos 

func (l *LocalProvider) DeleteObsoleteRepos() error

DeleteObsoleteRepos is a no-op for the test git-server because the git-server will be deleted after the test.

func (*LocalProvider) DeleteRepositories 

func (l *LocalProvider) DeleteRepositories(...string) error

DeleteRepositories is a no-op for the test git-server because the git-server will be deleted after the test.

func (*LocalProvider) RemoteURL 

func (l *LocalProvider) RemoteURL(name string) (string, error)

RemoteURL returns the Git URL for connecting to the test git-server. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.

func (*LocalProvider) RemoteURLWithPort 

func (l *LocalProvider) RemoteURLWithPort(localPort int, name string) (string, error)

RemoteURLWithPort returns the Git URL for connecting to the test git-server. localPort refers to the local port the PortForwarder is listening on. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.

func (*LocalProvider) SyncURL 

func (l *LocalProvider) SyncURL(name string) string

SyncURL returns a URL for Config Sync to sync from. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.

func (*LocalProvider) Type 

func (l *LocalProvider) Type() string

Type returns the provider type.

type RawGithubAppConfiguration 

type RawGithubAppConfiguration struct {
	AppID          string `json:"appID"`
	InstallationID string `json:"installationID"`
	ClientID       string `json:"clientID"`
	PrivateKey     string `json:"privateKey"`
	TestingRepo    string `json:"testingRepo"`
}

RawGithubAppConfiguration represents the JSON format for the githubapp configuration stored in Secret Manager.

type ReadOnlyRepository 

type ReadOnlyRepository struct {
	// URL is the URL to the Git repository to fetch & sync.
	URL string
}

ReadOnlyRepository is a remote Git repository to fetch & sync.

func (ReadOnlyRepository) SyncURL 

func (r ReadOnlyRepository) SyncURL() string

SyncURL returns the git repository URL for Config Sync to sync from.

type ReadWriteRepository 

type ReadWriteRepository struct {
	// Name of the repository.
	// <NAMESPACE>/<NAME> of the RootSync|RepoSync.
	Name string
	// Root is the location on the machine running the test at which the local
	// repository is stored.
	Root string
	// Format is the source format for parsing the repository (hierarchy or
	// unstructured).
	Format configsync.SourceFormat
	// PrivateKeyPath is the local path to the private key on disk to use to
	// authenticate with the git server.
	PrivateKeyPath string
	// SyncKind refers to the kind of the RSync using the repository: RootSync or RepoSync.
	SyncKind string
	// SafetyNSPath is the path to the safety namespace yaml file.
	SafetyNSPath string
	// SafetyNSName is the name of the safety namespace.
	SafetyNSName string
	// SafetyClusterRolePath is the path to the safety namespace yaml file.
	SafetyClusterRolePath string
	// SafetyClusterRoleName is the name of the safety namespace.
	SafetyClusterRoleName string
	// RemoteRepoName is the name of the remote repository.
	// It is the same as Name for the testing git-server.
	// For other git providers, it appends a UUID to Name for uniqueness.
	RemoteRepoName string
	// GitProvider is the provider that hosts the Git repositories.
	GitProvider GitProvider
	// Scheme used for encoding and decoding objects.
	Scheme *runtime.Scheme
	// Logger for methods to use.
	Logger *testlogger.TestLogger
	// contains filtered or unexported fields
}

ReadWriteRepository is a local clone of a remote git repository, that you have permission to manage.

We shell out for git commands as the git libraries are difficult to configure ssh for, and git-server requires ssh authentication.

func NewRepository 

func NewRepository(
	syncKind string,
	syncNN types.NamespacedName,
	sourceFormat configsync.SourceFormat,
	scheme *runtime.Scheme,
	logger *testlogger.TestLogger,
	provider GitProvider,
	tmpDir string,
	privateKeyPath string,
	defaultWaitTimeout time.Duration,
) *ReadWriteRepository

NewRepository creates a remote repo on the git provider. Locally, it writes the repository to `tmpdir`/repos/`name`. Name is the <NAMESPACE>/<NAME> of the RootSync|RepoSync.

func (*ReadWriteRepository) Add 

func (g *ReadWriteRepository) Add(path string, obj client.Object) error

Add writes a YAML or JSON representation of obj to `path` in the git repository, and `git add`s the file. Does not commit/push.

Overwrites the file if it already exists. Automatically writes YAML or JSON based on the path's extension.

Don't put multiple manifests in the same file unless parsing multi-manifest files is the behavior under test. In that case, use AddFile.

func (*ReadWriteRepository) AddEmptyDir 

func (g *ReadWriteRepository) AddEmptyDir(path string) error

AddEmptyDir creates an empty dir containing an empty .gitkeep file, so the empty dir will be retained in git.

Use this when creating empty sync directories, otherwise Config Sync will error that the directory doesn't exist.

func (*ReadWriteRepository) AddFile 

func (g *ReadWriteRepository) AddFile(path string, bytes []byte) error

AddFile writes `bytes` to `file` in the git repository. This function should only be directly used for testing the literal YAML/JSON parsing logic.

Path is relative to the Git repository root. Overwrites `file` if it already exists. Does not commit/push.

func (*ReadWriteRepository) AddRepoObject 

func (g *ReadWriteRepository) AddRepoObject(syncDir string) error

AddRepoObject adds a system.repo.yaml under the specified directory path. Use this for structured repositories.

func (*ReadWriteRepository) AddSafetyClusterRole 

func (g *ReadWriteRepository) AddSafetyClusterRole() error

AddSafetyClusterRole adds a ClusterRole to prevent the mono-repo safety check (KNV2006) from preventing deletion of other objects.

func (*ReadWriteRepository) AddSafetyNamespace 

func (g *ReadWriteRepository) AddSafetyNamespace() error

AddSafetyNamespace adds a Namespace to prevent the mono-repo safety check (KNV2006) from preventing deletion of other objects.

func (*ReadWriteRepository) BulkGit 

func (g *ReadWriteRepository) BulkGit(cmds ...[]string) error

BulkGit executes a list of git commands sequentially. If any command errors, execution is halted and the error is logged and returned.

func (*ReadWriteRepository) CheckoutBranch 

func (g *ReadWriteRepository) CheckoutBranch(branch string) error

CheckoutBranch checkouts a branch.

func (*ReadWriteRepository) CommitAndPush 

func (g *ReadWriteRepository) CommitAndPush(msg string) error

CommitAndPush commits any changes to the git repository, and pushes them to the git server. We don't care about differentiating between committing and pushing for tests.

func (*ReadWriteRepository) CommitAndPushBranch 

func (g *ReadWriteRepository) CommitAndPushBranch(msg, branch string) error

CommitAndPushBranch commits any changes to the git branch, and pushes them to the git server.

func (*ReadWriteRepository) Copy 

func (g *ReadWriteRepository) Copy(sourceDir, destDir string) error

Copy copies the file or directory from source to destination. Overwrites the file if it already exists. Does not commit/push.

func (*ReadWriteRepository) Create 

func (g *ReadWriteRepository) Create() error

Create the remote repository using the GitProvider, and create the local repository with an initial commit.

func (*ReadWriteRepository) CreateBranch 

func (g *ReadWriteRepository) CreateBranch(branch string) error

CreateBranch creates and checkouts a new branch at once.

func (*ReadWriteRepository) CurrentBranch 

func (g *ReadWriteRepository) CurrentBranch() (string, error)

CurrentBranch returns the name of the current branch. Note: this will not work if not checked out to a branch (e.g. detached HEAD).

func (*ReadWriteRepository) Exists 

func (g *ReadWriteRepository) Exists(path string) (bool, error)

Exists returns true if the file or directory exists at the specified path.

func (*ReadWriteRepository) Get 

func (g *ReadWriteRepository) Get(path string) (client.Object, error)

Get reads, parses, and returns the specified file as an object.

File must have one of these suffixes: .yaml, .yml, .json This is meant to read files written with Add. So it only reads one object per file. If you need to parse multiple objects from one file, use GetFile.

func (*ReadWriteRepository) GetAll 

func (g *ReadWriteRepository) GetAll(dirPath string, recursive bool) ([]client.Object, error)

GetAll reads, parses, and returns all the files in a specified directory as objects.

func (*ReadWriteRepository) GetFile 

func (g *ReadWriteRepository) GetFile(path string) ([]byte, error)

GetFile reads and returns the specified file.

func (*ReadWriteRepository) Git 

func (g *ReadWriteRepository) Git(command ...string) ([]byte, error)

Git executes the command from the repo root. The command is always logged to the debug log. If the command errors, the command and output is logged.

func (*ReadWriteRepository) Hash 

func (g *ReadWriteRepository) Hash() (string, error)

Hash returns the current hash of the git repository.

Immediately ends the test on error.

func (*ReadWriteRepository) Init 

func (g *ReadWriteRepository) Init() error

Init initializes this git repository and configures it to talk to the cluster under test.

func (*ReadWriteRepository) InitialCommit 

func (g *ReadWriteRepository) InitialCommit(sourceFormat configsync.SourceFormat) error

InitialCommit initializes the Nomos repo with the Repo object.

func (*ReadWriteRepository) MustGet 

func (g *ReadWriteRepository) MustGet(t testing.NTB, path string) client.Object

MustGet calls Get and fails the test on error, logging the result.

func (*ReadWriteRepository) MustGetAll 

func (g *ReadWriteRepository) MustGetAll(t testing.NTB, dirPath string, recursive bool) []client.Object

MustGetAll calls GetAll and fails the test on error, logging the result.

func (*ReadWriteRepository) MustGetFile 

func (g *ReadWriteRepository) MustGetFile(t testing.NTB, path string) []byte

MustGetFile calls GetFile and fails the test on error, logging the result.

func (*ReadWriteRepository) MustHash 

func (g *ReadWriteRepository) MustHash(t testing.NTB) string

MustHash calls Hash and fails the test on error, logging the result.

func (*ReadWriteRepository) Push 

func (g *ReadWriteRepository) Push(args ...string) error

Push pushes the provided refspec to the git server. Performs a retry using RemoteURL, which may change if the port forwarding restarts.

func (*ReadWriteRepository) PushAllBranches 

func (g *ReadWriteRepository) PushAllBranches(remoteURL string) error

PushAllBranches push all local branches to the git server. This is currently intended to only be called from the OnReadyCallback for the in-cluster git server. Accepts a remoteURL to avoid calls to LocalPort, as this would lead to a deadlock

func (*ReadWriteRepository) Remove 

func (g *ReadWriteRepository) Remove(path string) error

Remove deletes `file` from the git repository. If `file` is a directory, deletes the directory. Returns error if the file does not exist. Does not commit/push.

func (*ReadWriteRepository) RemoveAll 

func (g *ReadWriteRepository) RemoveAll() error

RemoveAll removes all files in the repository.

func (*ReadWriteRepository) RemoveSafetyClusterRole 

func (g *ReadWriteRepository) RemoveSafetyClusterRole() error

RemoveSafetyClusterRole removes the safety ClusterRole.

func (*ReadWriteRepository) RemoveSafetyNamespace 

func (g *ReadWriteRepository) RemoveSafetyNamespace() error

RemoveSafetyNamespace removes the safety Namespace.

func (*ReadWriteRepository) RenameBranch 

func (g *ReadWriteRepository) RenameBranch(currentBranch, newBranch string) error

RenameBranch renames the current branch with a new one both locally and remotely. The old branch will be deleted from remote.

func (*ReadWriteRepository) SyncURL 

func (g *ReadWriteRepository) SyncURL() string

SyncURL returns the git repository URL for Config Sync to sync from.

type Repository 

type Repository interface {
	// SyncURL returns the git repository URL for Config Sync to sync from.
	SyncURL() string
}

Repository is a simple interface shared by both read-only and read-write Git repositories.

type SSMClient 

type SSMClient struct {
	// contains filtered or unexported fields
}

SSMClient is the client that interacts with Google Secure Source Manager.

func (*SSMClient) CreateRepository 

func (c *SSMClient) CreateRepository(name string) (string, error)

CreateRepository calls the gcloud SDK to create a remote repository on SSM. It returns the full name with a prefix.

func (*SSMClient) DeleteObsoleteRepos 

func (c *SSMClient) DeleteObsoleteRepos() error

DeleteObsoleteRepos is a no-op because SSM repo names are determined by the test cluster name and RSync namespace and name, so it can be reused if it failed to be deleted after the test.

func (*SSMClient) DeleteRepositories 

func (c *SSMClient) DeleteRepositories(names ...string) error

DeleteRepositories calls the gcloud SDK to delete the provided repositories from SSM.

func (*SSMClient) RemoteURL 

func (c *SSMClient) RemoteURL(name string) (string, error)

RemoteURL returns the Git URL for the SSM repository. name refers to the repo name in the format of <NAMESPACE>/<NAME> of RootSync|RepoSync.

func (*SSMClient) SyncURL 

func (c *SSMClient) SyncURL(name string) string

SyncURL returns a URL for Config Sync to sync from.

func (*SSMClient) Type 

func (c *SSMClient) Type() string

Type returns the provider type.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.