Skip to content
Snippets Groups Projects
Commit f376d80d authored by poly000's avatar poly000
Browse files

set edit policy permission

parent a6525360
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 33 additions and 4 deletions
apply.sh
+ 33
4
View file @ f376d80d
...@@ -3,15 +3,24 @@ ...@@ -3,15 +3,24 @@
show_usage() { show_usage() {
cat <<-EOF cat <<-EOF
Usage: Usage:
$0 --org-name {string} --proj-name {string} [--repo-name {string} | --repo-id {string}] [--branch {string}] [--pipeline-name {string} | --build-definition-id {number}] $0 --org-name {string} --proj-name {string} [--repo-name {string} | --repo-id {string}] [--branch {string}] [--pipeline-name {string} | --build-definition-id {number}]
Examples: Examples:
$0 --org-name azvse --proj-name aztest --repo-name aztest --branch bensl/tmpbuild/1201 --pipeline-name Overlake-Build-PullRequest $0 --org-name azvse --proj-name aztest --repo-name aztest --branch bensl/tmpbuild/1201 --pipeline-name Overlake-Build-PullRequest
$0 --org-name azvse --proj-name aztest --repo-id a4822210-511f-427f-a36d-26a14c29cc89 --branch bensl/tmpbuild/1201 --build-definition-id 2 $0 --org-name azvse --proj-name aztest --repo-id a4822210-511f-427f-a36d-26a14c29cc89 --branch bensl/tmpbuild/1201 --build-definition-id 2
EOF EOF
} }
get_proj_id() {
az devops project show \
--project aztest \
--query "id" \
--org https://dev.azure.com/azvse \
--output tsv
}
typeset -fx get_proj_id
get_repo_id() { get_repo_id() {
az repos list \ az repos list \
--org "${org_url}" \ --org "${org_url}" \
...@@ -42,6 +51,10 @@ while [[ $# -gt 0 ]]; do ...@@ -42,6 +51,10 @@ while [[ $# -gt 0 ]]; do
proj_name=$2 proj_name=$2
shift 2 shift 2
;; ;;
--proj-id)
proj_id=$2
shift 2
;;
--repo-name) --repo-name)
repo_name=$2 repo_name=$2
shift 2 shift 2
...@@ -51,7 +64,7 @@ while [[ $# -gt 0 ]]; do ...@@ -51,7 +64,7 @@ while [[ $# -gt 0 ]]; do
shift 2 shift 2
;; ;;
--branch) --branch)
branch=$2 export branch=$2
shift 2 shift 2
;; ;;
--pipeline-name) --pipeline-name)
...@@ -81,6 +94,11 @@ if [[ ! "${pat}" ]]; then ...@@ -81,6 +94,11 @@ if [[ ! "${pat}" ]]; then
exit 2 exit 2
fi fi
if [[ ! "${proj_id}" ]]
then
proj_id=$(get_proj_id)
fi
if [[ ! ${repo_id} && ${repo_name} ]]; then if [[ ! ${repo_id} && ${repo_name} ]]; then
repo_id=$(get_repo_id) repo_id=$(get_repo_id)
echo repo_id: ${repo_id} echo repo_id: ${repo_id}
...@@ -99,6 +117,16 @@ print_policy_list() { ...@@ -99,6 +117,16 @@ print_policy_list() {
--project "${proj_name}" --project "${proj_name}"
} }
user_email="tmp1@recolic.net"
setup_branch_security() {
GIT_REPO_NAMESPACE=2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87
az devops security permission update \
--id $GIT_REPO_NAMESPACE \
--subject "${user_email}" \
--token repoV2/${proj_id}/${repo_id}/refs/heads/$(echo "${branch}" | python branch_name_hex.py) \
--allow-bit 2048
}
setup_build_policy() { setup_build_policy() {
curl -X POST "${org_url}/${proj_name}/_apis/policy/configurations?api-version=7.2-preview.1" \ curl -X POST "${org_url}/${proj_name}/_apis/policy/configurations?api-version=7.2-preview.1" \
-H "Authorization: Basic $(echo -n :${pat} | base64)" \ -H "Authorization: Basic $(echo -n :${pat} | base64)" \
...@@ -146,5 +174,6 @@ setup_build_validation() { ...@@ -146,5 +174,6 @@ setup_build_validation() {
} }
print_policy_list print_policy_list
setup_branch_security
setup_build_policy setup_build_policy
setup_build_validation setup_build_validation
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment