All files / plugins protected-branches.js

37.79% Statements 48/127
100% Branches 1/1
0% Functions 0/3
37.79% Lines 48/127

Press n or j to go to the next uncovered block, b, p or k for the previous block. 



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
1281x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
 
 
 
 
 
1x
1x
1x
1x
1x
1x
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1x
1x
1x
1x
1x
1x
1x
1x
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1x
1x
 
//@ts-check
import { every, findIndex, first, forEach, get, isEmpty, map, size,
  transform,
  upperFirst } from 'lodash-es';
import async from 'async';
import path from 'node:path';
import * as utils from '../src/utils.js';
import { AccessLevel } from '../src/Consts.js';
import { fileURLToPath } from 'node:url';
import { camelizeKeys } from 'xcase';
 
const service = path.basename(fileURLToPath(import.meta.url));
 
/**
 * @typedef {{
 *   name: string
 *   push_access_level?: GitConfig.$ProtectedBranchAccessLevel,
 *   merge_access_level?: GitConfig.$ProtectedBranchAccessLevel,
 *   code_owner_approval_required?: boolean
 * }} BranchConfig
 *
 * @typedef {{
 *   new: BranchConfig[],
 *   old: string[],
 *   update: BranchConfig[]
 * }} TagsMod
 */
 
/**
 * @param  {GitConfig.$AccessLevelSchema[]|undefined} project
 * @param  {GitConfig.$ProtectedBranchAccessLevel|undefined} level
 */
function checkLevels(project, level) {
  const levels = map(project, 'access_level');
  return (size(levels) <= 1) && first(levels) === level &&
    every(project, (p) => (p.user_id === null && p.group_id === null));
}
 
/**
 * @param  {GitConfig.$ProtectedBranchSchema[]} projectConf
 * @param  {Plugins.ProtectedBranchConfig[]} pluginConf
 * @return {Promise<TagsMod>}rs
 */
async function diffBranches(projectConf, pluginConf) {
  /** @type {TagsMod} */
  const ret = { new: [], old: [], update: [] };
  const conf = transform(pluginConf, (ret, c) => {
    ret.push({
      name: c.name,
      push_access_level: utils.getAccessLevel(c.push_access_level ?? /** @type {GitConfig.$ProtectedBranchAccessLevel} */ (AccessLevel.maintainer)),
      merge_access_level: utils.getAccessLevel(c.merge_access_level ?? /** @type {GitConfig.$ProtectedBranchAccessLevel} */ (AccessLevel.maintainer)),
      code_owner_approval_required: Boolean(c.code_owner_approval_required)
    });
  }, /** @type {BranchConfig[]} */ ([]));

  forEach(projectConf, (p) => {
    const idx = findIndex(conf, { name: p.name });
    if (idx >= 0) {
      const c = conf[idx];
      if (!checkLevels(p.push_access_levels, c.push_access_level) ||
          !checkLevels(p.merge_access_levels, c.merge_access_level) ||
          p.code_owner_approval_required !== c.code_owner_approval_required) {
        ret.update.push(c);
      }
      conf.splice(idx, 1);
    }
    else {
      ret.old.push(p.name);
    }
  });
  ret.new = conf;
  return ret;
}
 
/**
 * @param {GitConfig.Env} env
 * @param {GitConfig.$ProjectSchema} project
 * @param {GitConfig.Settings} settings
 * @details does not support user_id/group_id parameters (will remove it)
 */
export async function update(env, project, settings) {
  if (utils.isIgnored(env, project, settings, upperFirst(service))) {
    return;
  }

  env.spin.start(`Fetching ${service} configuration: ${project.name}`);
  var branches = /** @type {GitConfig.$ProtectedBranchSchema[]} */ (
    await env.gitlab.ProtectedBranches.all(project.id, {}));

  var mods = await diffBranches(branches, get(settings, 'config.branches'));

  env.spin.debug(`${upperFirst(service)} modifications: %o`, mods);
  if (env.opts.dryRun) {
    if (!isEmpty(mods.new)) {
      env.spin.warn(`${upperFirst(service)} addition required: ${project.name}`);
    }
    if (!isEmpty(mods.update)) {
      env.spin.warn(`${upperFirst(service)} update required: ${project.name}`);
    }
    if (!isEmpty(mods.old)) {
      env.spin.warn(`${upperFirst(service)} removal required: ${project.name}`);
    }
  }
  else {
    var updated = false;
    await async.eachSeries(mods.old, async function(name) {
      await env.gitlab.ProtectedBranches.unprotect(project.id, name);
      updated = true;
    });
    await async.eachSeries(mods.new, async function(s) {
      await env.gitlab.ProtectedBranches.protect(project.id, s.name,
        camelizeKeys(s));
      updated = true;
    });
    await async.eachSeries(mods.update, async function(s) {
      await env.gitlab.ProtectedBranches.unprotect(project.id, s.name);
      await env.gitlab.ProtectedBranches.protect(project.id, s.name,
        camelizeKeys(s));
      updated = true;
    });
    if (updated) {
      env.spin.succeed(`${upperFirst(service)} updated: ${project.name}`);
    }
  }
}
 
export default update;
 
Code coverage generated by istanbul at 2025-07-13T00:54:10.629Z