job_token_scope.go

Documentation: github.com/xanzy/go-gitlab

     1  // Copyright 2021, Sander van Harmelen
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //	http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  package gitlab
    15  
    16  import (
    17  	"fmt"
    18  	"net/http"
    19  )
    20  
    21  // JobTokenScopeService handles communication with project CI settings
    22  // such as token permissions.
    23  //
    24  // GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
    25  type JobTokenScopeService struct {
    26  	client *Client
    27  }
    28  
    29  // JobTokenAccessSettings represents job token access attributes for this project.
    30  //
    31  // GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
    32  type JobTokenAccessSettings struct {
    33  	InboundEnabled  bool `json:"inbound_enabled"`
    34  	OutboundEnabled bool `json:"outbound_enabled"`
    35  }
    36  
    37  // GetProjectJobTokenAccessSettings fetch the CI/CD job token access settings (job token scope) of a project.
    38  //
    39  // GitLab API docs:
    40  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-access-settings
    41  func (j *JobTokenScopeService) GetProjectJobTokenAccessSettings(pid interface{}, options ...RequestOptionFunc) (*JobTokenAccessSettings, *Response, error) {
    42  	project, err := parseID(pid)
    43  	if err != nil {
    44  		return nil, nil, err
    45  	}
    46  	u := fmt.Sprintf(`projects/%s/job_token_scope`, PathEscape(project))
    47  
    48  	req, err := j.client.NewRequest(http.MethodGet, u, nil, options)
    49  	if err != nil {
    50  		return nil, nil, err
    51  	}
    52  
    53  	jt := new(JobTokenAccessSettings)
    54  	resp, err := j.client.Do(req, jt)
    55  	if err != nil {
    56  		return nil, resp, err
    57  	}
    58  
    59  	return jt, resp, err
    60  }
    61  
    62  // PatchProjectJobTokenAccessSettingsOptions represents the available
    63  // PatchProjectJobTokenAccessSettings() options.
    64  //
    65  // GitLab API docs:
    66  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#patch-a-projects-cicd-job-token-access-settings
    67  type PatchProjectJobTokenAccessSettingsOptions struct {
    68  	Enabled bool `json:"enabled"`
    69  }
    70  
    71  // PatchProjectJobTokenAccessSettings patch the Limit access to this project setting (job token scope) of a project.
    72  //
    73  // GitLab API docs:
    74  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#patch-a-projects-cicd-job-token-access-settings
    75  func (j *JobTokenScopeService) PatchProjectJobTokenAccessSettings(pid interface{}, opt *PatchProjectJobTokenAccessSettingsOptions, options ...RequestOptionFunc) (*Response, error) {
    76  	project, err := parseID(pid)
    77  	if err != nil {
    78  		return nil, err
    79  	}
    80  	u := fmt.Sprintf(`projects/%s/job_token_scope`, PathEscape(project))
    81  
    82  	req, err := j.client.NewRequest(http.MethodPatch, u, opt, options)
    83  	if err != nil {
    84  		return nil, err
    85  	}
    86  
    87  	return j.client.Do(req, nil)
    88  }
    89  
    90  // JobTokenInboundAllowItem represents a single job token inbound allowlist item.
    91  //
    92  // GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
    93  type JobTokenInboundAllowItem struct {
    94  	SourceProjectID int `json:"source_project_id"`
    95  	TargetProjectID int `json:"target_project_id"`
    96  }
    97  
    98  // GetJobTokenInboundAllowListOptions represents the available
    99  // GetJobTokenInboundAllowList() options.
   100  //
   101  // GitLab API docs:
   102  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-inbound-allowlist
   103  type GetJobTokenInboundAllowListOptions struct {
   104  	ListOptions
   105  }
   106  
   107  // GetProjectJobTokenInboundAllowList fetches the CI/CD job token inbound
   108  // allowlist (job token scope) of a project.
   109  //
   110  // GitLab API docs:
   111  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-inbound-allowlist
   112  func (j *JobTokenScopeService) GetProjectJobTokenInboundAllowList(pid interface{}, opt *GetJobTokenInboundAllowListOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
   113  	project, err := parseID(pid)
   114  	if err != nil {
   115  		return nil, nil, err
   116  	}
   117  	u := fmt.Sprintf(`projects/%s/job_token_scope/allowlist`, PathEscape(project))
   118  
   119  	req, err := j.client.NewRequest(http.MethodGet, u, opt, options)
   120  	if err != nil {
   121  		return nil, nil, err
   122  	}
   123  
   124  	var ps []*Project
   125  	resp, err := j.client.Do(req, &ps)
   126  	if err != nil {
   127  		return nil, resp, err
   128  	}
   129  
   130  	return ps, resp, nil
   131  }
   132  
   133  // AddProjectToJobScopeAllowListOptions represents the available
   134  // AddProjectToJobScopeAllowList() options.
   135  //
   136  // GitLab API docs:
   137  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#create-a-new-project-to-a-projects-cicd-job-token-inbound-allowlist
   138  type JobTokenInboundAllowOptions struct {
   139  	TargetProjectID *int `url:"target_project_id,omitempty" json:"target_project_id,omitempty"`
   140  }
   141  
   142  // AddProjectToJobScopeAllowList adds a new project to a project's job token
   143  // inbound allow list.
   144  //
   145  // GitLab API docs:
   146  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#create-a-new-project-to-a-projects-cicd-job-token-inbound-allowlist
   147  func (j *JobTokenScopeService) AddProjectToJobScopeAllowList(pid interface{}, opt *JobTokenInboundAllowOptions, options ...RequestOptionFunc) (*JobTokenInboundAllowItem, *Response, error) {
   148  	project, err := parseID(pid)
   149  	if err != nil {
   150  		return nil, nil, err
   151  	}
   152  	u := fmt.Sprintf(`projects/%s/job_token_scope/allowlist`, PathEscape(project))
   153  
   154  	req, err := j.client.NewRequest(http.MethodPost, u, opt, options)
   155  	if err != nil {
   156  		return nil, nil, err
   157  	}
   158  
   159  	jt := new(JobTokenInboundAllowItem)
   160  	resp, err := j.client.Do(req, jt)
   161  	if err != nil {
   162  		return nil, resp, err
   163  	}
   164  
   165  	return jt, resp, nil
   166  }
   167  
   168  // RemoveProjectFromJobScopeAllowList removes a project from a project's job
   169  // token inbound allow list.
   170  //
   171  // GitLab API docs:
   172  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#remove-a-project-from-a-projects-cicd-job-token-inbound-allowlist
   173  func (j *JobTokenScopeService) RemoveProjectFromJobScopeAllowList(pid interface{}, targetProject int, options ...RequestOptionFunc) (*Response, error) {
   174  	project, err := parseID(pid)
   175  	if err != nil {
   176  		return nil, err
   177  	}
   178  	u := fmt.Sprintf(`projects/%s/job_token_scope/allowlist/%d`, PathEscape(project), targetProject)
   179  
   180  	req, err := j.client.NewRequest(http.MethodDelete, u, nil, options)
   181  	if err != nil {
   182  		return nil, err
   183  	}
   184  
   185  	return j.client.Do(req, nil)
   186  }
   187  
   188  // JobTokenAllowlistItem represents a single job token allowlist item.
   189  //
   190  // GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
   191  type JobTokenAllowlistItem struct {
   192  	SourceProjectID int `json:"source_project_id"`
   193  	TargetGroupID   int `json:"target_group_id"`
   194  }
   195  
   196  // GetJobTokenAllowlistGroupsOptions represents the available
   197  // GetJobTokenAllowlistGroups() options.
   198  //
   199  // GitLab API docs:
   200  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-allowlist-of-groups
   201  type GetJobTokenAllowlistGroupsOptions struct {
   202  	ListOptions
   203  }
   204  
   205  // GetJobTokenAllowListGroups fetches the CI/CD job token allowlist groups
   206  // (job token scopes) of a project.
   207  //
   208  // GitLab API docs:
   209  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-allowlist-of-groups
   210  func (j *JobTokenScopeService) GetJobTokenAllowlistGroups(pid interface{}, opt *GetJobTokenAllowlistGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
   211  	project, err := parseID(pid)
   212  	if err != nil {
   213  		return nil, nil, err
   214  	}
   215  	u := fmt.Sprintf(`projects/%s/job_token_scope/groups_allowlist`, PathEscape(project))
   216  
   217  	req, err := j.client.NewRequest(http.MethodGet, u, opt, options)
   218  	if err != nil {
   219  		return nil, nil, err
   220  	}
   221  
   222  	var ps []*Group
   223  	resp, err := j.client.Do(req, &ps)
   224  	if err != nil {
   225  		return nil, resp, err
   226  	}
   227  
   228  	return ps, resp, nil
   229  }
   230  
   231  // AddGroupToJobTokenAllowlistOptions represents the available
   232  // AddGroupToJobTokenAllowlist() options.
   233  //
   234  // GitLab API docs:
   235  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#add-a-group-to-a-cicd-job-token-allowlist
   236  type AddGroupToJobTokenAllowlistOptions struct {
   237  	TargetGroupID *int `url:"target_group_id,omitempty" json:"target_group_id,omitempty"`
   238  }
   239  
   240  // AddProjectToJobScopeGroupsAllowList adds a new group to a project's job token
   241  // inbound groups allow list.
   242  //
   243  // GitLab API docs:
   244  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#add-a-group-to-a-cicd-job-token-allowlist
   245  func (j *JobTokenScopeService) AddGroupToJobTokenAllowlist(pid interface{}, opt *AddGroupToJobTokenAllowlistOptions, options ...RequestOptionFunc) (*JobTokenAllowlistItem, *Response, error) {
   246  	project, err := parseID(pid)
   247  	if err != nil {
   248  		return nil, nil, err
   249  	}
   250  	u := fmt.Sprintf(`projects/%s/job_token_scope/groups_allowlist`, PathEscape(project))
   251  
   252  	req, err := j.client.NewRequest(http.MethodPost, u, opt, options)
   253  	if err != nil {
   254  		return nil, nil, err
   255  	}
   256  
   257  	jt := new(JobTokenAllowlistItem)
   258  	resp, err := j.client.Do(req, jt)
   259  	if err != nil {
   260  		return nil, resp, err
   261  	}
   262  
   263  	return jt, resp, nil
   264  }
   265  
   266  // RemoveGroupFromJopTokenAllowlist removes a group from a project's job
   267  // token inbound groups allow list.
   268  //
   269  // GitLab API docs:
   270  // https://docs.gitlab.com/ee/api/project_job_token_scopes.html#remove-a-group-from-a-cicd-job-token-allowlist
   271  func (j *JobTokenScopeService) RemoveGroupFromJobTokenAllowlist(pid interface{}, targetGroup int, options ...RequestOptionFunc) (*Response, error) {
   272  	project, err := parseID(pid)
   273  	if err != nil {
   274  		return nil, err
   275  	}
   276  	u := fmt.Sprintf(`projects/%s/job_token_scope/groups_allowlist/%d`, PathEscape(project), targetGroup)
   277  
   278  	req, err := j.client.NewRequest(http.MethodDelete, u, nil, options)
   279  	if err != nil {
   280  		return nil, err
   281  	}
   282  
   283  	return j.client.Do(req, nil)
   284  }
   285
View as plain text