Save work

.ci/deployment/badges.py

@@ -0,0 +1,138 @@
+import os
+import json
+import time
+
+
+def setup_git(token):
+    # Set git credentials
+    os.environ['GIT_ASKPASS'] = 'echo'
+    os.environ['GIT_USERNAME'] = 'github-actions[bot]'
+    os.environ['GIT_PASSWORD'] = token
+    os.environ['GIT_EMAIL'] = 'github-actions[bot]@users.noreply.github.com'
+    os.environ['GIT_COMMITTER_NAME'] = 'github-actions[bot]'
+    os.environ['GIT_COMMITTER_EMAIL'] = 'github-actions[bot]@users.noreply.github.com'
+
+
+def setup_branch(org, repo, branch):
+    if os.path.isdir(repo):
+        os.system(f"rm -rf {repo}")
+
+    # Clear repo directory except .git folder
+    os.system(
+        f"git clone --depth 1 -b {branch} https://{os.environ['GIT_PASSWORD']}@github.com/{org}/{repo} && "
+        f"cd {repo} && "
+        "find . -not -path './.git/*' -delete"
+    )
+    # Create empty shield.json
+    os.system(
+        f"cd {repo} && "
+        "echo '{}' > shields.json"
+    )
+    # Create branch, commit and push
+    os.system(
+        f"cd {repo} && "
+        f"git checkout --orphan {branch} && "
+        f"git add . && "
+        f"git commit --author='github-actions[bot] <github-actions[bot]@users.noreply.github.com>' -m 'Create {branch}' && "
+        f"git push --quiet origin {branch}"
+    )
+
+
+# Pull branch from GitHub repository using git command
+def pull_branch(org, repo, branch):
+    # Remove repository if exists
+    if os.path.isdir(repo):
+        os.system(f"rm -rf {repo}")
+
+    # Clone repository
+    code = os.system(
+        f"git clone --depth 1 -b {branch} https://{os.environ['GIT_PASSWORD']}@github.com/{org}/{repo} && "
+        f"cd {repo} && "
+        f"git pull origin {branch}"
+    )
+
+    if code == 256:
+        # Branch does not exist
+        setup_branch(org, repo, branch)
+    return code == 0 or code == 256
+
+
+# Push branch to GitHub repository using git command
+def commit_and_push_branch(repo, branch):
+    author_name = os.environ['GIT_COMMITTER_NAME']
+    author_email = os.environ['GIT_COMMITTER_EMAIL']
+    code = os.system(
+        f"cd {repo} && "
+        f"git add . && "
+        f"git commit --author='{author_name} <{author_email}>' -m 'Update {branch}' && "
+        f"git push --quiet origin {branch}"
+    )
+    return code == 0 or code == 256
+
+
+def remove_repo(repo):
+    code = os.system(
+        f"rm -rf {repo}"
+    )
+    return code == 0
+
+
+def read_badges_json(repo, file_name="shields.json"):
+    with open(f"{repo}/{file_name}") as f:
+        return json.load(f)
+
+
+def write_badges_json(badges, repo, file_name="shields.json"):
+    with open(f"{repo}/{file_name}", "w") as f:
+        json.dump(badges, f, indent=4)
+
+
+def set_badge_values(repo, badge_name, badge_status, badge_color, lifetime=None):
+    badges = read_badges_json(repo)
+    if badge_name not in badges:
+        badges[badge_name] = {}
+    badges[badge_name]["status"] = badge_status
+    badges[badge_name]["color"] = badge_color
+    badges[badge_name]["timestamp"] = int(time.time())
+    badges[badge_name]["lifetime"] = lifetime
+    write_badges_json(badges, repo)
+
+
+def set_badge(token, org, repo, badge_name, badge_status, badge_color, branch="shields"):
+    setup_git(token)
+    pull_branch(org, repo, branch)
+    set_badge_values(repo, badge_name, badge_status, badge_color)
+    commit_and_push_branch(repo, branch)
+    remove_repo(repo)
+
+
+def get_badge_status(token, org, repo, badge_name, branch="shields"):
+    setup_git(token)
+    pull_branch(org, repo, branch)
+    badges = read_badges_json(repo)
+    remove_repo(repo)
+    if badge_name not in badges:
+        return True
+    current_time = int(time.time())
+    badge_status = badges[badge_name]["status"]
+    badge_color = badges[badge_name]["color"]
+    badge_time = badges[badge_name]["timestamp"]
+    badge_lifetime = badges[badge_name]["lifetime"]
+    if (badge_time is None or badge_lifetime is None) and badge_color == "red":
+        return False
+    return current_time - badge_time > badge_lifetime or badge_color != "red", badge_status
+
+
+def unlock_badges(token, org, repo, branch="shields"):
+    setup_git(token)
+    pull_branch(org, repo, branch)
+    badges = read_badges_json(repo)
+    current_time = int(time.time())
+    for badge_name in badges:
+        badge_time = badges[badge_name]["timestamp"]
+        badge_lifetime = badges[badge_name]["lifetime"]
+        if badge_lifetime is None:
+            continue
+        if current_time - badge_time > badge_lifetime:
+            badges[badge_name]["color"] = "green"
+    write_badges_json(badges, repo)

.ci/deployment/github_api.py

@@ -0,0 +1,203 @@
+from enum import Enum
+
+import requests
+
+GITHUB_TOKEN = None
+GITHUB_ORG_TOKEN = None
+org = None
+repo = None
+
+
+class DeploymentStatus(Enum):
+    ERROR = "error"
+    FAILURE = "failure"
+    INACTIVE = "inactive"
+    IN_PROGRESS = "in_progress"
+    QUEUED = "queued"
+    PENDING = "pending"
+    SUCCESS = "success"
+
+
+# Check if user is in GitHub group using GitHub API
+def is_user_in_github_group(user, group):
+    url = f"https://api.github.com/orgs/{org}/teams/{group}/memberships/{user}"
+    headers = {"Authorization": f"token {GITHUB_ORG_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.status_code == 200
+
+
+# List all teams in GitHub organization
+def list_groups():
+    url = f"https://api.github.com/orgs/{org}/teams"
+    headers = {"Authorization": f"token {GITHUB_ORG_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+# List all environments in GitHub repository
+def list_environments():
+    url = f"https://api.github.com/repos/{org}/{repo}/environments"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+# Get environment by name
+def get_environment(name):
+    url = f"https://api.github.com/repos/{org}/{repo}/environments/{name}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+# List all deployments in GitHub repository
+def list_deployments():
+    url = f"https://api.github.com/repos/{org}/{repo}/deployments"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+# List deployments for environment
+def list_deployments_for_environment(environment):
+    url = f"https://api.github.com/repos/{org}/{repo}/deployments?environment={environment}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+# Get deployment by id
+def get_deployment(id):
+    url = f"https://api.github.com/repos/{org}/{repo}/deployments/{id}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+# Get sha for branch
+def get_sha_for_branch(branch):
+    url = f"https://api.github.com/repos/{org}/{repo}/branches/{branch}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    if response.status_code == 200:
+        return response.json()["commit"]["sha"]
+    elif response.status_code == 404:
+        return None
+
+
+# Get sha for tag
+def get_sha_for_tag(tag):
+    url = f"https://api.github.com/repos/{org}/{repo}/git/ref/tags/{tag}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    if response.status_code == 200:
+        return response.json()["object"]["sha"]
+    elif response.status_code == 404:
+        return None
+
+
+# Get sha for ref
+def get_sha_for_ref(ref):
+    url = f"https://api.github.com/repos/{org}/{repo}/git/ref/{ref}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    if response.status_code == 200:
+        return response.json()["object"]["sha"]
+    elif response.status_code == 404:
+        return None
+
+
+# Get sha for branch/tag/ref
+def get_sha(ref):
+    sha = get_sha_for_branch(ref)
+    if sha is None:
+        sha = get_sha_for_tag(ref)
+    if sha is None:
+        sha = get_sha_for_ref(ref)
+    if sha is None:
+        sha = ref
+    return sha
+
+
+# Create deployment for environment
+def create_deployment(environment, branch):
+    url = f"https://api.github.com/repos/{org}/{repo}/deployments"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    data = {
+        "ref": branch,
+        "sha": get_sha_for_branch(branch),
+        "environment": environment,
+        "required_contexts": [],
+        "auto_merge": False,
+        "transient_environment": False,
+        "production_environment": False,
+    }
+    response = requests.post(url, headers=headers, json=data)
+    return response.json()
+
+
+# Create deployment status for deployment
+def create_deployment_status(deployment, environment_url, state: DeploymentStatus, description=""):
+    url = f"https://api.github.com/repos/{org}/{repo}/deployments/{deployment}/statuses"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    data = {
+        "state": state.value,
+        "description": description,
+        "environment_url": environment_url,
+        "auto_inactive": False,
+    }
+    response = requests.post(url, headers=headers, json=data)
+    return response.json()
+
+
+# Create a comment on a pull request
+def create_comment(pr, comment):
+    url = f"https://api.github.com/repos/{org}/{repo}/issues/{pr}/comments"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    data = {"body": comment}
+    response = requests.post(url, headers=headers, json=data)
+    return response.json()
+
+
+def add_label(pr, label):
+    url = f"https://api.github.com/repos/{org}/{repo}/issues/{pr}/labels"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    data = [label]
+    response = requests.post(url, headers=headers, json=data)
+    return response.json()
+
+
+def remove_label(pr, label):
+    url = f"https://api.github.com/repos/{org}/{repo}/issues/{pr}/labels/{label}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.delete(url, headers=headers)
+    return response.json()
+
+
+def check_build_job(sha, workflow="build.yml"):
+    url = f"https://api.github.com/repos/{org}/{repo}/actions/workflows/{workflow}/runs?status=success&head_sha={sha}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()["total_count"] > 0
+
+
+# const opts = github.rest.issues.listForRepo.endpoint.merge({
+#   owner: context.repo.owner,
+#   repo: context.repo.repo,
+#   labels: ['lock:${{ matrix.label-identifier }}']
+# })
+def get_issues_with_label(label):
+    url = f"https://api.github.com/repos/{org}/{repo}/issues?labels={label}"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    return response.json()
+
+
+def get_pr_for_ref(ref):
+    url = f"https://api.github.com/repos/{org}/{repo}/commits/{ref}/pulls"
+    headers = {"Authorization": f"token {GITHUB_TOKEN}"}
+    response = requests.get(url, headers=headers)
+    if response.status_code == 200:
+        return response.json()[0]["number"]
+    elif response.status_code == 404:
+        return None