adding hub-sync feature code#873
Draft
jefeish wants to merge 39 commits into
Draft
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
- Introduced a new "disable_plugins" property in the settings schema to allow disabling specific plugins at various configuration layers. - Each entry can be a plugin name or an object specifying the plugin and its target layer (self, children, all). - Updated smoke-test.js to include interactive mode for manual validation during test phases. - Implemented new test cases for the disable_plugins feature, covering normalization, strip map computation, and integration with updateOrg and updateRepos functions. - Added tests to ensure proper handling of valid and invalid disable_plugins configurations.
…nds survive Without action.msg in the dedup key, multiple disable_plugins NopCommands for the same repo (e.g. skipping 'labels' AND 'teams') all share the same type+repo+plugin+endpoint key and only the first one survives, silently dropping the rest from the PR comment and check-run output. Adding action.msg to the key ensures each unique informational message is retained while still deduplicating exact duplicates. Also adds test 27 to cover this case.
- Introduced `additive_plugins` configuration to allow specific Diffable plugins to run in additive mode, preserving existing entries on GitHub. - Updated `normalizeAdditivePlugins` method to validate and return a set of valid plugin names for additive mode. - Modified `childPluginsList` to include section names for better tracking of additive flags. - Enhanced existing tests to cover new functionality, ensuring proper behavior of plugins in additive mode. - Added integration tests to verify that plugins behave correctly when configured with additive_plugins. - Created a new environment file for webhook proxy configuration.
…roles permissions
- Removed unnecessary comments and streamlined the constructor to enforce uppercase variable names. - Simplified the `find` method to directly return the required variable data. - Updated the `changed` method to directly compare values without additional sorting logic. - Refactored `update`, `add`, and `remove` methods to return NopCommand instances when `nop` is true, preventing actual API calls. - Enhanced unit tests to cover new NopCommand behavior and ensure proper functionality of the Variables plugin. - Introduced phase 13 in smoke tests to validate variable creation, updating, and removal in repository settings. - Added support for phase filtering in smoke tests to allow targeted execution of specific phases.
…AML configurations
Generate safe-settings YAML from existing GitHub configuration for a repo, org, or custom-property-based suborg. - lib/settingsGenerator.js: extraction engine reusing each plugin's find() to read current state and produce config/YAML, with cross-repo intersection for suborg generation. - generate-settings.js: standalone CLI that writes generated YAML to the local filesystem (.sample.yml unless --overwrite); loads .env manually. - index.js + app.yml: repository_dispatch (safe-settings-generate) handler that always opens a PR against the admin repo (never commits to the default branch directly). - Suborg files are named suborgs/<name>_<value>.yml. - README: document generator usage and the PR-only guarantee. - Unit tests for the generator (25 tests).
- Added support for custom repository roles in smoke-test.js, including creation, deletion, and retrieval functions. - Implemented new ruleset management functions for organizations and repositories. - Updated smoke tests to validate the behavior of custom repository roles and rulesets under various scenarios. - Enhanced existing tests to ensure proper handling of additive and disabled plugins for custom repository roles and rulesets. - Introduced new test cases to cover scenarios where suborg configurations change and their impact on repository rulesets. - Improved error handling and logging for better traceability during tests.
…_reviewers drift detection
… object array key reordering
When a suborg.yml file changes its targeting rules (suborgrepos, suborgteams, or suborgproperties), repos that no longer match the updated targeting were not having their suborg-applied settings (e.g. rulesets) removed. This happened because getSubOrgConfigs() only resolves the new targeting, and repos not in the new targeting were skipped in updateRepos(). Fix: Load the previous version of changed suborg config files from the base ref (payload.before for push events, pull_request.base.ref for PR/NOP mode), resolve which repos were previously targeted, compare with current targeting, and process removed repos so diffable's sync() detects and removes orphaned rulesets. Changes: - index.js: Pass payload.after/payload.before as ref/baseRef to syncSelectedSettings in push handler - lib/settings.js: Add getReposRemovedFromSubOrgTargeting() method that compares old vs new targeting to find removed repos - lib/settings.js: Add loadYamlFromRef() helper to load config from a specific git ref without cache interference - lib/settings.js: Update syncSelectedRepos to accept baseRef, identify removed repos, and process them before the suborg loop - test/unit/lib/settings.test.js: Add tests for targeting removal Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…moval' into feature/hub-sync
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new "Safe Settings Hub Sync" feature for centralized configuration management across multiple organizations.
The main changes include: