2019-04-07 03:12:26 +08:00
|
|
|
#!/bin/bash
|
2017-01-04 16:56:09 +08:00
|
|
|
# A naive premoderation script to allow Gitlab CI pipeline on a specific PRs' comment
|
|
|
|
# Exits with 0, if the pipeline is good to go
|
2019-04-07 03:12:26 +08:00
|
|
|
# Exits with 1, if the user is not allowed to start pipeline
|
|
|
|
# Exits with 2, if script is unable to get issue id from CI_BUILD_REF_NAME variable
|
|
|
|
# Exits with 3, if missing the magic comment in the pipeline to start the pipeline
|
2017-01-04 16:56:09 +08:00
|
|
|
|
2019-04-07 03:12:26 +08:00
|
|
|
CURL_ARGS="-fs --retry 4 --retry-delay 5"
|
2017-01-04 16:56:09 +08:00
|
|
|
MAGIC="${MAGIC:-ci check this}"
|
|
|
|
|
|
|
|
# Get PR number from CI_BUILD_REF_NAME
|
|
|
|
issue=$(echo ${CI_BUILD_REF_NAME} | perl -ne '/^pr-(\d+)-\S+$/ && print $1')
|
2019-04-07 03:12:26 +08:00
|
|
|
|
|
|
|
if [ "$issue" = "" ]; then
|
|
|
|
echo "Unable to get issue id from: $CI_BUILD_REF_NAME"
|
|
|
|
exit 2
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "Checking for '$MAGIC' comment in PR $issue"
|
|
|
|
|
2017-01-04 16:56:09 +08:00
|
|
|
# Get the user name from the PR comments with the wanted magic incantation casted
|
2018-11-28 05:32:44 +08:00
|
|
|
user=$(curl ${CURL_ARGS} "https://api.github.com/repos/kubernetes-sigs/kubespray/issues/${issue}/comments" \
|
2017-01-04 16:56:09 +08:00
|
|
|
| jq -M "map(select(.body | contains (\"$MAGIC\"))) | .[0] .user.login" | tr -d '"')
|
2019-04-07 03:12:26 +08:00
|
|
|
|
2017-01-04 16:56:09 +08:00
|
|
|
# Check for the required user group membership to allow (exit 0) or decline (exit >0) the pipeline
|
2019-04-07 03:12:26 +08:00
|
|
|
if [ "$user" = "" ] || [ "$user" = "null" ]; then
|
|
|
|
echo "Missing '$MAGIC' comment from one of the OWNERS"
|
|
|
|
exit 3
|
|
|
|
else
|
|
|
|
echo "Found comment from user: $user"
|
2017-01-25 12:44:06 +08:00
|
|
|
fi
|
2019-04-07 03:12:26 +08:00
|
|
|
|
2018-11-28 05:32:44 +08:00
|
|
|
curl ${CURL_ARGS} "https://api.github.com/orgs/kubernetes-sigs/members/${user}"
|
2019-04-07 03:12:26 +08:00
|
|
|
|
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo "User does not have permissions to start CI run"
|
|
|
|
exit 1
|
|
|
|
else
|
|
|
|
echo "$user has allowed CI to start"
|
|
|
|
fi
|
|
|
|
|
|
|
|
exit 0
|