e1706ad9af
Bump faraday-retry from 2.2.0 to 2.2.1 in the prod-ruby-dependencies group |
||
|---|---|---|
| .github | ||
| bin | ||
| lib | ||
| script | ||
| spec | ||
| vendor/cache | ||
| .gitignore | ||
| .rubocop.yml | ||
| .ruby-version | ||
| Gemfile | ||
| Gemfile.lock | ||
| LICENSE | ||
| README.md | ||
| entitlements-github-plugin.gemspec | ||
README.md
entitlements-github-plugin
entitlements-github-plugin is an entitlements-app plugin allowing entitlements configs to be used to manage membership of GitHub.com Organizations and Teams.
Usage
Your entitlements-app config config/entitlements.yaml runs through ERB interpretation automatically. You can extend your entitlements configuration to load plugins like so:
<%-
unless ENV['CI_MODE']
begin
require_relative "/data/entitlements/lib/entitlements-and-plugins"
rescue Exception
begin
require_relative "lib/entitlements-and-plugins"
rescue Exception
# We might not have the plugins installed and still want this file to be
# loaded. Don't raise anything but silently fail.
end
end
end
-%>
You can then define lib/entitlements-and-plugins like so:
#!/usr/bin/env ruby
# frozen_string_literal: true
ENV["BUNDLE_GEMFILE"] = File.expand_path("../../Gemfile", File.dirname(__FILE__))
require "bundler/setup"
require "entitlements"
# require entitlements plugins here
require "entitlements/backend/github_org"
require "entitlements/backend/github_team"
require "entitlements/service/github"
Any plugins defined in lib/entitlements-and-plugins will be loaded and used at entitlements-app runtime.
Features
Org Team
entitlements-github-plugin manages org team membership to two roles - admin and member. Your entitlements-app config config/entitlements.yaml is used to configure the location for the declarations of this membership.
github.com/github/org:
addr: <%= ENV["GITHUB_API_BASE"] %>
base: ou=org,ou=github,ou=GitHub,dc=github,dc=com
dir: github.com/github/org
org: github
token: <%= ENV["GITHUB_ORG_TOKEN"] %>
ignore_not_found: false # optional argument to ignore users who are not found in the GitHub instance
type: "github_org"
entitlements-github-plugin will look in the defined location above, github.com/github/org, for admin.txt and member.txt defining the respective membership for each role.
GitHub Teams
entitlements-github-plugin manages membership for all teams listed in the defined subfolder. The plugin will use extension-less name of the file as the team name. GitHub Team management can be configured like so:
github.com/github/teams:
addr: <%= ENV["GITHUB_API_BASE"] %>
base: ou=teams,ou=github,ou=GitHub,dc=github,dc=com
dir: github.com/github/teams
org: github
token: <%= ENV["GITHUB_ORG_TOKEN"] %>
ignore_not_found: false # optional argument to ignore users who are not found in the GitHub instance
type: "github_team"
For example, if there were a file github.com/github/teams/new-team.txt with a single user inside, a GitHub.com Team would be created in the github org with the name new-team.
Metadata
Entitlements configs can contain metadata which the plugin will use to make further configuration decisions.
metadata_parent_team_name - when defined in an entitlements config, the defined team will be made the parent team of this GitHub.com Team.
Release 🚀
To release a new version of this Gem, do the following:
- Update the version number in the
lib/version.rbfile - Run
bundle installto update theGemfile.lockfile with the new version - Commit your changes, push them to GitHub, and open a PR
Once your PR is approved and the changes are merged, a new release will be created automatically by the release.yml workflow. The latest version of the Gem will be published to the GitHub Package Registry and RubyGems.