Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add logic for collect user project for Gitlab connector #3810

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add logic for collect user project for Gitlab connector #3810

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
7615cf5
Add logix for collect user project for Gitlab connector
zvlb Oct 25, 2024
35f5826
Fix linter errors
zvlb Oct 25, 2024
d035a1b
small fix
zvlb Oct 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 97 additions & 0 deletions connector/gitlab/gitlab.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"log/slog"
"net/http"
"strconv"
"sync"
"time"

"golang.org/x/oauth2"
Expand All @@ -24,6 +25,10 @@ const (
// used to retrieve groups from /oauth/userinfo
// https://docs.gitlab.com/ee/integration/openid_connect_provider.html
scopeOpenID = "openid"
// used to get user projects from /api/v4/projects
scopeReadAPI = "read_api"
// Min Access Level for Gitlab Propects
gitlabMinAccessLevel = 30
)

// Config holds configuration options for gitlab logins.
Expand All @@ -35,6 +40,7 @@ type Config struct {
Groups []string `json:"groups"`
UseLoginAsID bool `json:"useLoginAsID"`
GetGroupsPermission bool `json:"getGroupsPermission"`
GetProjects bool `json:"getProjects"`
}

type gitlabUser struct {
Expand All @@ -46,6 +52,12 @@ type gitlabUser struct {
IsAdmin bool
}

type gitlabProjects struct {
ID int `json:"id"`
Name string `json:"name"`
PathWithNamespace string `json:"path_with_namespace"`
}

// Open returns a strategy for logging in through GitLab.
func (c *Config) Open(id string, logger *slog.Logger) (connector.Connector, error) {
if c.BaseURL == "" {
Expand All @@ -60,6 +72,7 @@ func (c *Config) Open(id string, logger *slog.Logger) (connector.Connector, erro
groups: c.Groups,
useLoginAsID: c.UseLoginAsID,
getGroupsPermission: c.GetGroupsPermission,
getProjects: c.GetProjects,
}, nil
}

Expand Down Expand Up @@ -87,13 +100,19 @@ type gitlabConnector struct {

// if set to true permissions will be added to list of groups
getGroupsPermission bool

// if set to true will get user projects
getProjects bool
}

func (c *gitlabConnector) oauth2Config(scopes connector.Scopes) *oauth2.Config {
gitlabScopes := []string{scopeUser}
if c.groupsRequired(scopes.Groups) {
gitlabScopes = []string{scopeUser, scopeOpenID}
}
if c.getProjects {
gitlabScopes = append(gitlabScopes, scopeReadAPI)
}

gitlabEndpoint := oauth2.Endpoint{AuthURL: c.baseURL + "/oauth/authorize", TokenURL: c.baseURL + "/oauth/token"}
return &oauth2.Config{
Expand Down Expand Up @@ -357,6 +376,14 @@ func (c *gitlabConnector) getGroups(ctx context.Context, client *http.Client, gr
return nil, err
}

if c.getProjects {
userProjects, err := c.getUserProjects(ctx, client)
if err != nil {
return nil, err
}
gitlabGroups = append(gitlabGroups, userProjects...)
}

if len(c.groups) > 0 {
filteredGroups := groups.Filter(gitlabGroups, c.groups)
if len(filteredGroups) == 0 {
Expand All @@ -369,3 +396,73 @@ func (c *gitlabConnector) getGroups(ctx context.Context, client *http.Client, gr

return nil, nil
}

func (c *gitlabConnector) getUserProjects(ctx context.Context, client *http.Client) ([]string, error) {
projects, totalPages, err := c.getUserProjectsPerPage(ctx, client, 1)
if err != nil {
return nil, err
}
if totalPages > 1 {
var wg sync.WaitGroup
limit := make(chan struct{}, 10)
for p := 2; p <= totalPages; p++ {
wg.Add(1)
limit <- struct{}{}
go func(
ctx context.Context,
client *http.Client,
p int,
) {
defer func() {
wg.Done()
<-limit
}()
projectsPagination, _, _ := c.getUserProjectsPerPage(ctx, client, p)
projects = append(projects, projectsPagination...)
}(ctx, client, p)
}
wg.Wait()
}

projectsPath := make([]string, 0, len(projects))
for _, gp := range projects {
projectsPath = append(projectsPath, gp.PathWithNamespace)
}

return projectsPath, nil
}
func (c *gitlabConnector) getUserProjectsPerPage(ctx context.Context, client *http.Client, page int) ([]gitlabProjects, int, error) {
var projects []gitlabProjects

url := fmt.Sprintf("%s/api/v4/projects?min_access_level=%v&page=%+v", c.baseURL, gitlabMinAccessLevel, page)
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return nil, 0, fmt.Errorf("gitlab: new req: %v", err)
}
req = req.WithContext(ctx)

resp, err := client.Do(req)
if err != nil {
return nil, 0, fmt.Errorf("gitlab: get URL %v", err)
}
defer resp.Body.Close()

if resp.StatusCode != http.StatusOK {
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, 0, fmt.Errorf("gitlab: read body: %v", err)
}
return nil, 0, fmt.Errorf("%s: %s", resp.Status, body)
}

if err := json.NewDecoder(resp.Body).Decode(&projects); err != nil {
return nil, 0, fmt.Errorf("failed to decode response: %v", err)
}

totalPages, err := strconv.Atoi(resp.Header["X-Total-Pages"][0])
if err != nil {
return nil, 0, err
}

return projects, totalPages, nil
}
Loading