

Add a flag to only allow teams as owners (#127)
seveas authored Apr 6, 2022
1 parent bcdcc57 commit 3315c00
Showing 2 changed files with 11 additions and 2 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -129,6 +129,7 @@ Use the following environment variables to configure the application:
| <tt>OWNER_CHECKER_REPOSITORY</tt> <b>*</b> | | The owner and repository name separated by slash. For example, gh-codeowners/codeowners-samples. Used to check if GitHub owner is in the given organization. |
| <tt>OWNER_CHECKER_IGNORED_OWNERS</tt> | `@ghost`| The comma-separated list of owners that should not be validated. Example: `"@owner1,@owner2,@org/team1,example@email.com"`. |
| <tt>OWNER_CHECKER_ALLOW_UNOWNED_PATTERNS</tt> | `true` | Specifies whether CODEOWNERS may have unowned files. For example: <br> <br> `/infra/oncall-rotator/ @sre-team` <br> `/infra/oncall-rotator/oncall-config.yml` <br> <br> The `/infra/oncall-rotator/oncall-config.yml` file is not owned by anyone. |
| <tt>OWNER_CHEKER_OWNERS_MUST_BE_TEAMS</tt> | `false` | Specifies whether only teams are allowed as owners of files |
| <tt>NOT_OWNED_CHECKER_SKIP_PATTERNS</tt> | - | The comma-separated list of patterns that should be ignored by `not-owned-checker`. For example, you can specify `*` and as a result, the `*` pattern from the **CODEOWNERS** file will be ignored and files owned by this pattern will be reported as unowned unless a later specific pattern will match that path. It's useful because often we have default owners entry at the begging of the CODOEWNERS file, e.g. `* @global-owner1 @global-owner2` |

<b>*</b> - Required
12 changes: 10 additions & 2 deletions internal/check/valid_owner.go
Expand Up @@ -26,6 +26,8 @@ type ValidOwnerConfig struct {
//
// The `/infra/oncall-rotator/oncall-config.yml` this file is not owned by anyone.
AllowUnownedPatterns bool `envconfig:"default=true"`
// OwnersMustBeTeams specifies whether owners must be teams in the same org as the repository
OwnersMustBeTeams bool `envconfig:"default=false"`
}

// ValidOwner validates each owner
Expand All @@ -37,6 +39,7 @@ type ValidOwner struct {
orgRepoName string
ignOwners map[string]struct{}
allowUnownedPatterns bool
ownersMustBeTeams bool
}

// NewValidOwner returns new instance of the ValidOwner
Expand All @@ -57,6 +60,7 @@ func NewValidOwner(cfg ValidOwnerConfig, ghClient *github.Client) (*ValidOwner,
orgRepoName: split[1],
ignOwners: ignOwners,
allowUnownedPatterns: cfg.AllowUnownedPatterns,
ownersMustBeTeams: cfg.OwnersMustBeTeams,
}, nil
}

Expand Down Expand Up @@ -133,10 +137,10 @@ func (v *ValidOwner) isIgnoredOwner(name string) bool {

func (v *ValidOwner) selectValidateFn(name string) func(context.Context, string) *validateError {
switch {
case v.ownersMustBeTeams || isGitHubTeam(name):
return v.validateTeam
case isGitHubUser(name):
return v.validateGitHubUser
case isGitHubTeam(name):
return v.validateTeam
case isEmailAddress(name):
// TODO(mszostok): try to check if e-mail really exists
return func(context.Context, string) *validateError { return nil }
Expand Down Expand Up @@ -186,6 +190,10 @@ func (v *ValidOwner) validateTeam(ctx context.Context, name string) *validateErr
}
}

if !isGitHubTeam(name) {
return newValidateError("%s is not a team", name)
}

// called after validation it's safe to work on `parts` slice
parts := strings.SplitN(name, "/", 2)
org := parts[0]
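Review bot: The README row added with this change spells the variable `OWNER_CHEKER_OWNERS_MUST_BE_TEAMS`, while its sibling rows use the `OWNER_CHECKER_` prefix, and `OwnersMustBeTeams` carries `envconfig:"default=false"`, so an operator who copies the documented name would presumably get no error and the teams-only restriction would silently stay off. The row should read `OWNER_CHECKER_OWNERS_MUST_BE_TEAMS`, assuming the name is derived from the field like its neighbours; the loading code is not on this page. Separately, in `validateTeam` the new `if !isGitHubTeam(name)` guard comes after a block that begins outside the hunk, so a user or e-mail owner passes through that block before being rejected; placing the guard first in the function would reject on syntax alone. Because `selectValidateFn` now routes every owner to `validateTeam` when the flag is set, that guard is also the only thing protecting the `parts` split below it, and the existing comment could say so: `// the isGitHubTeam guard above is what makes indexing parts safe`.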
