The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- func Encode(orgID, teamID int64) string
- type AppTokenSource
- type Config
- type Opt
- type OrgTokenSource
- type StaticTokenSource
- type TeamReadWriter
- func (g *TeamReadWriter) Descendants(ctx context.Context, groupID string) ([]*groupsync.User, error)
- func (g *TeamReadWriter) GetGroup(ctx context.Context, groupID string) (*groupsync.Group, error)
- func (g *TeamReadWriter) GetMembers(ctx context.Context, groupID string) ([]groupsync.Member, error)
- func (g *TeamReadWriter) GetUser(ctx context.Context, userID string) (*groupsync.User, error)
- func (g *TeamReadWriter) SetMembers(ctx context.Context, groupID string, members []groupsync.Member) error
Constants ¶
const ( IDSep = ":" // DefaultCacheDuration is the default time to live for the user and team caches. // We don't expect user info (e.g. username etc.) nor team info (team name etc.) // to change frequently so a time to live of 1 day is the default. DefaultCacheDuration = time.Hour * 24 )
const DefaultGitHubEndpointURL = "https://github.com"
const DefaultStaticTokenEnvVar = "TEAM_LINK_GITHUB_TOKEN" // #nosec G101
DefaultStaticTokenEnvVar is where we read default github token from. This is the default EnvVar we will write to, nosec here to avoid linting.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AppTokenSource ¶
type AppTokenSource struct {
// contains filtered or unexported fields
}
func NewAppTokenSource ¶
func NewAppTokenSource(keyProvider credentials.KeyProvider, appID string, appOpts ...githubauth.Option) *AppTokenSource
func (*AppTokenSource) TokenForOrg ¶
type Opt ¶
type Opt func(writer *Config)
func WithCacheDuration ¶
WithCacheDuration set the time to live for the user and team cache entries.
func WithInviteToOrgIfNotAMember ¶
func WithInviteToOrgIfNotAMember() Opt
WithInviteToOrgIfNotAMember toggles sending an invitation to the user if they are not a member of the org being synced to. If the TeamReadWriter is trying to add a user to a team, it will first check if they are a member of the org the team belongs. If the user does not belong to the org, then the TeamReadWriter will send an invitation to org instead of attempting to directly add them to the team.
When enabled, this option may result in several API calls made per user being synced, and thus consideration should be made to rate limiting effects when enabling this option.
func WithoutSubTeamsAsMembers ¶
func WithoutSubTeamsAsMembers() Opt
WithoutSubTeamsAsMembers toggles off treating subteams as members of their parent team. When this option is used TeamReadWriter.GetMembers will only return user members of the team. Similarly, TeamReadWriter.SetMembers will only consider user members when setting members.
type OrgTokenSource ¶
type StaticTokenSource ¶
type StaticTokenSource struct {
// contains filtered or unexported fields
}
StaticTokenSource implements OrgTokenSource.
func NewStaticTokenSourceFromEnvVar ¶
func NewStaticTokenSourceFromEnvVar(envVarName string) (*StaticTokenSource, error)
NewStaticTokenSourceFromEnvVar creates a StaticTokenSource using token read from EnvVar.
func (*StaticTokenSource) GetStaticToken ¶
func (s *StaticTokenSource) GetStaticToken() string
func (*StaticTokenSource) TokenForOrg ¶
type TeamReadWriter ¶
type TeamReadWriter struct {
// contains filtered or unexported fields
}
TeamReadWriter adheres to the groupsync.GroupReadWriter interface and provides mechanisms for manipulating GitHub Teams.
func NewTeamReadWriter ¶
func NewTeamReadWriter(orgTokenSource OrgTokenSource, client *github.Client, orgTeamSSORequired map[int64]map[int64]bool, opts ...Opt) *TeamReadWriter
NewTeamReadWriter creates a new TeamReadWriter. By default, TeamReadWriter considers subteams as members of their parent team and will treat them as such when executing calls to TeamReadWriter.GetMembers and TeamReadWriter.SetMembers. This behavior can be disabled by supply the WithoutSubTeamsAsMembers option, in which case only users will be considered as members of a team. By default, TeamReadWriter does not attempt to add users to an org if they are not already members. This can be enabled by WithInviteToOrgIfNotAMember option. The provided orgTeamSSORequired will be used to verify if a team requires user to have sso enabled to sync memberships. If orgTeamSSORequired[org][team] is not found, we will default the value to false.
func NewTeamReadWriterWithStaticTokenSource ¶
func NewTeamReadWriterWithStaticTokenSource(ctx context.Context, s *StaticTokenSource, endpoint string, orgTeamSSORequired map[int64]map[int64]bool) (*TeamReadWriter, error)
NewTeamReadWriterWithStaticTokenSource creates a team readwriter using provided endpoint and static token source.
func (*TeamReadWriter) Descendants ¶
func (g *TeamReadWriter) Descendants(ctx context.Context, groupID string) ([]*groupsync.User, error)
Descendants retrieve all users (children, recursively) of the GitHub team with the given ID. The ID must be of the form 'orgID:teamID'.
func (*TeamReadWriter) GetGroup ¶
GetGroup retrieves the GitHub team with the given ID. The ID must be of the form 'orgID:teamID'.
func (*TeamReadWriter) GetMembers ¶
func (g *TeamReadWriter) GetMembers(ctx context.Context, groupID string) ([]groupsync.Member, error)
GetMembers retrieves the direct members (children) of the GitHub team with given ID. The ID must be of the form 'orgID:teamID'.
func (*TeamReadWriter) GetUser ¶
GetUser retrieves the GitHub user with the given ID. The ID is the GitHub user's login.
func (*TeamReadWriter) SetMembers ¶
func (g *TeamReadWriter) SetMembers(ctx context.Context, groupID string, members []groupsync.Member) error
SetMembers replaces the members of the GitHub team with the given ID with the given members. The ID must be of the form 'orgID:teamID'. Any members of the GitHub team not found in the given members list will be removed. Likewise, any members of the given list that are not currently members of the team will be added.
Source Files