setup

package
v0.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 3, 2026 License: EUPL-1.2 Imports: 19 Imported by: 0

Documentation

Overview

Package setup provides workspace bootstrap and package cloning commands.

Two modes of operation:

REGISTRY MODE (repos.yaml exists):

  • Clones all repositories defined in repos.yaml into packages/
  • Skips repos that already exist
  • Supports filtering by type with --only

BOOTSTRAP MODE (no repos.yaml):

  • Clones core-devops to set up the workspace foundation
  • Presents an interactive wizard to select packages (unless --all)
  • Clones selected packages

Flags:

  • --registry: Path to repos.yaml (auto-detected if not specified)
  • --only: Filter by repo type (foundation, module, product)
  • --dry-run: Preview what would be cloned
  • --all: Skip wizard, clone all packages (non-interactive)
  • --name: Project directory name for bootstrap mode
  • --build: Run build after cloning

Uses gh CLI with HTTPS when authenticated, falls back to SSH.

Package setup provides workspace setup and bootstrap commands.

cmd_wizard.go implements the interactive package selection wizard.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddSetupCommand 

func AddSetupCommand(root *cobra.Command)

AddSetupCommand adds the 'setup' command to the given parent command.

func AddSetupCommands 

func AddSetupCommands(root *cobra.Command)

AddSetupCommands registers the 'setup' command and all subcommands.

func CreateLabel 

func CreateLabel(repoFullName string, label LabelConfig) error

CreateLabel creates a new label in a repository.

func CreateWebhook 

func CreateWebhook(repoFullName string, name string, config WebhookConfig) error

CreateWebhook creates a new webhook in a repository.

func DisableDependabotSecurityUpdates 

func DisableDependabotSecurityUpdates(repoFullName string) error

DisableDependabotSecurityUpdates disables automated Dependabot security updates.

func EditLabel 

func EditLabel(repoFullName string, label LabelConfig) error

EditLabel updates an existing label in a repository.

func EnableDependabotAlerts 

func EnableDependabotAlerts(repoFullName string) error

EnableDependabotAlerts enables Dependabot vulnerability alerts.

func EnableDependabotSecurityUpdates 

func EnableDependabotSecurityUpdates(repoFullName string) error

EnableDependabotSecurityUpdates enables automated Dependabot security updates.

func FindGitHubConfig 

func FindGitHubConfig(registryDir, specifiedPath string) (string, error)

FindGitHubConfig searches for github.yaml in common locations. Search order:

  1. Specified path (if non-empty)
  2. .core/github.yaml (relative to registry)
  3. github.yaml (relative to registry)

func SetBranchProtection 

func SetBranchProtection(repoFullName, branch string, config BranchProtectionConfig) error

SetBranchProtection sets branch protection rules for a branch.

func UpdateSecurityAndAnalysis 

func UpdateSecurityAndAnalysis(repoFullName string, secretScanning, pushProtection bool) error

UpdateSecurityAndAnalysis updates security_and_analysis settings.

func UpdateWebhook 

func UpdateWebhook(repoFullName string, hookID int, config WebhookConfig) error

UpdateWebhook updates an existing webhook.

Types

type Aggregate 

type Aggregate struct {
	Sets []*ChangeSet
}

Aggregate combines multiple change sets into a summary.

func NewAggregate 

func NewAggregate() *Aggregate

NewAggregate creates a new aggregate.

func (*Aggregate) Add 

func (a *Aggregate) Add(cs *ChangeSet)

Add adds a change set to the aggregate.

func (*Aggregate) PrintSummary 

func (a *Aggregate) PrintSummary()

PrintSummary outputs the aggregate summary.

func (*Aggregate) ReposWithChanges 

func (a *Aggregate) ReposWithChanges() int

ReposWithChanges returns the number of repos that have changes.

func (*Aggregate) TotalChanges 

func (a *Aggregate) TotalChanges() (creates, updates, deletes, skips int)

TotalChanges returns the total number of changes across all sets.

type AllowDeletions 

type AllowDeletions struct {
	Enabled bool `json:"enabled"`
}

AllowDeletions indicates if branch deletion is allowed.

type AllowForcePushes 

type AllowForcePushes struct {
	Enabled bool `json:"enabled"`
}

AllowForcePushes indicates if force pushes are allowed.

type BranchProtectionConfig 

type BranchProtectionConfig struct {
	Branch                        string   `yaml:"branch"`
	RequiredReviews               int      `yaml:"required_reviews"`
	DismissStale                  bool     `yaml:"dismiss_stale"`
	RequireCodeOwnerReviews       bool     `yaml:"require_code_owner_reviews"`
	RequiredStatusChecks          []string `yaml:"required_status_checks"`
	RequireLinearHistory          bool     `yaml:"require_linear_history"`
	AllowForcePushes              bool     `yaml:"allow_force_pushes"`
	AllowDeletions                bool     `yaml:"allow_deletions"`
	EnforceAdmins                 bool     `yaml:"enforce_admins"`
	RequireConversationResolution bool     `yaml:"require_conversation_resolution"`
}

BranchProtectionConfig defines branch protection rules.

type CIConfig 

type CIConfig struct {
	// Homebrew tap (e.g., "host-uk/tap")
	Tap string `yaml:"tap"`
	// Formula name (defaults to "core")
	Formula string `yaml:"formula"`
	// Scoop bucket URL
	ScoopBucket string `yaml:"scoop_bucket"`
	// Chocolatey package name
	ChocolateyPkg string `yaml:"chocolatey_pkg"`
	// GitHub repository for direct downloads
	Repository string `yaml:"repository"`
	// Default version to install
	DefaultVersion string `yaml:"default_version"`
}

CIConfig holds CI setup configuration from .core/ci.yaml

func DefaultCIConfig 

func DefaultCIConfig() *CIConfig

DefaultCIConfig returns the default CI configuration.

func LoadCIConfig 

func LoadCIConfig() *CIConfig

LoadCIConfig loads CI configuration from .core/ci.yaml

type Change 

type Change struct {
	Category    ChangeCategory
	Type        ChangeType
	Name        string
	Description string
	Details     map[string]string // Key-value details about the change
}

Change represents a single change to be made.

type ChangeCategory 

type ChangeCategory string

ChangeCategory groups changes by type. 

const (
	// CategoryLabel indicates label-related changes.
	CategoryLabel ChangeCategory = "label"
	// CategoryWebhook indicates webhook-related changes.
	CategoryWebhook ChangeCategory = "webhook"
	// CategoryProtection indicates branch protection changes.
	CategoryProtection ChangeCategory = "protection"
	// CategorySecurity indicates security settings changes.
	CategorySecurity ChangeCategory = "security"
)

Change category constants for grouping GitHub configuration changes.

type ChangeSet 

type ChangeSet struct {
	Repo    string
	Changes []Change
}

ChangeSet tracks all changes for a repository.

func NewChangeSet 

func NewChangeSet(repo string) *ChangeSet

NewChangeSet creates a new change set for a repository.

func SyncBranchProtection 

func SyncBranchProtection(repoFullName string, config *GitHubConfig, dryRun bool) (*ChangeSet, error)

SyncBranchProtection synchronizes branch protection for a repository.

func SyncLabels 

func SyncLabels(repoFullName string, config *GitHubConfig, dryRun bool) (*ChangeSet, error)

SyncLabels synchronizes labels for a repository. Returns a ChangeSet describing what was changed (or would be changed in dry-run mode).

func SyncSecuritySettings 

func SyncSecuritySettings(repoFullName string, config *GitHubConfig, dryRun bool) (*ChangeSet, error)

SyncSecuritySettings synchronizes security settings for a repository.

func SyncWebhooks 

func SyncWebhooks(repoFullName string, config *GitHubConfig, dryRun bool) (*ChangeSet, error)

SyncWebhooks synchronizes webhooks for a repository. Webhooks are matched by URL - if a webhook with the same URL exists, it's updated. Otherwise, a new webhook is created.

func (*ChangeSet) Add 

func (cs *ChangeSet) Add(category ChangeCategory, changeType ChangeType, name, description string)

Add adds a change to the set.

func (*ChangeSet) AddWithDetails 

func (cs *ChangeSet) AddWithDetails(category ChangeCategory, changeType ChangeType, name, description string, details map[string]string)

AddWithDetails adds a change with additional details.

func (*ChangeSet) Count 

func (cs *ChangeSet) Count() (creates, updates, deletes, skips int)

Count returns the number of changes by type.

func (*ChangeSet) CountByCategory 

func (cs *ChangeSet) CountByCategory() map[ChangeCategory]int

CountByCategory returns changes grouped by category.

func (*ChangeSet) HasChanges 

func (cs *ChangeSet) HasChanges() bool

HasChanges returns true if there are any non-skip changes.

func (*ChangeSet) Print 

func (cs *ChangeSet) Print(verbose bool)

Print outputs the change set to the console.

type ChangeType 

type ChangeType string

ChangeType indicates the type of change being made. 

const (
	// ChangeCreate indicates a new resource to be created.
	ChangeCreate ChangeType = "create"
	// ChangeUpdate indicates an existing resource to be updated.
	ChangeUpdate ChangeType = "update"
	// ChangeDelete indicates a resource to be deleted.
	ChangeDelete ChangeType = "delete"
	// ChangeSkip indicates a resource that requires no changes.
	ChangeSkip ChangeType = "skip"
)

Change type constants for GitHub configuration diffs.

type EnforceAdmins 

type EnforceAdmins struct {
	Enabled bool `json:"enabled"`
}

EnforceAdmins indicates if admins are subject to rules.

type GitHubBranchProtection 

type GitHubBranchProtection struct {
	RequiredStatusChecks           *RequiredStatusChecks           `json:"required_status_checks"`
	RequiredPullRequestReviews     *RequiredPullRequestReviews     `json:"required_pull_request_reviews"`
	EnforceAdmins                  *EnforceAdmins                  `json:"enforce_admins"`
	RequiredLinearHistory          *RequiredLinearHistory          `json:"required_linear_history"`
	AllowForcePushes               *AllowForcePushes               `json:"allow_force_pushes"`
	AllowDeletions                 *AllowDeletions                 `json:"allow_deletions"`
	RequiredConversationResolution *RequiredConversationResolution `json:"required_conversation_resolution"`
}

GitHubBranchProtection represents branch protection rules from the GitHub API.

func GetBranchProtection 

func GetBranchProtection(repoFullName, branch string) (*GitHubBranchProtection, error)

GetBranchProtection fetches branch protection rules for a branch.

type GitHubConfig 

type GitHubConfig struct {
	Version          int                      `yaml:"version"`
	Labels           []LabelConfig            `yaml:"labels"`
	Webhooks         map[string]WebhookConfig `yaml:"webhooks"`
	BranchProtection []BranchProtectionConfig `yaml:"branch_protection"`
	Security         SecurityConfig           `yaml:"security"`
}

GitHubConfig represents the full GitHub setup configuration.

func LoadGitHubConfig 

func LoadGitHubConfig(path string) (*GitHubConfig, error)

LoadGitHubConfig reads and parses a GitHub configuration file.

func (*GitHubConfig) Validate 

func (c *GitHubConfig) Validate() error

Validate checks the configuration for errors.

type GitHubLabel 

type GitHubLabel struct {
	Name        string `json:"name"`
	Color       string `json:"color"`
	Description string `json:"description"`
}

GitHubLabel represents a label as returned by the GitHub API.

func ListLabels 

func ListLabels(repoFullName string) ([]GitHubLabel, error)

ListLabels fetches all labels for a repository.

type GitHubRepoResponse 

type GitHubRepoResponse struct {
	SecurityAndAnalysis *SecurityAndAnalysis `json:"security_and_analysis"`
}

GitHubRepoResponse contains security-related fields from repo API.

type GitHubSecurityStatus 

type GitHubSecurityStatus struct {
	DependabotAlerts             bool
	DependabotSecurityUpdates    bool
	SecretScanning               bool
	SecretScanningPushProtection bool
}

GitHubSecurityStatus represents the security settings status of a repository.

func GetSecuritySettings 

func GetSecuritySettings(repoFullName string) (*GitHubSecurityStatus, error)

GetSecuritySettings fetches current security settings for a repository.

type GitHubWebhook 

type GitHubWebhook struct {
	ID     int                 `json:"id"`
	Name   string              `json:"name"`
	Active bool                `json:"active"`
	Events []string            `json:"events"`
	Config GitHubWebhookConfig `json:"config"`
}

GitHubWebhook represents a webhook as returned by the GitHub API.

func ListWebhooks 

func ListWebhooks(repoFullName string) ([]GitHubWebhook, error)

ListWebhooks fetches all webhooks for a repository.

type GitHubWebhookConfig 

type GitHubWebhookConfig struct {
	URL         string `json:"url"`
	ContentType string `json:"content_type"`
	InsecureSSL string `json:"insecure_ssl"`
}

GitHubWebhookConfig contains webhook configuration details.

type LabelConfig 

type LabelConfig struct {
	Name        string `yaml:"name"`
	Color       string `yaml:"color"`
	Description string `yaml:"description"`
}

LabelConfig defines a GitHub issue/PR label.

type RequiredConversationResolution 

type RequiredConversationResolution struct {
	Enabled bool `json:"enabled"`
}

RequiredConversationResolution indicates if conversation resolution is required.

type RequiredLinearHistory 

type RequiredLinearHistory struct {
	Enabled bool `json:"enabled"`
}

RequiredLinearHistory indicates if linear history is required.

type RequiredPullRequestReviews 

type RequiredPullRequestReviews struct {
	DismissStaleReviews          bool `json:"dismiss_stale_reviews"`
	RequireCodeOwnerReviews      bool `json:"require_code_owner_reviews"`
	RequiredApprovingReviewCount int  `json:"required_approving_review_count"`
}

RequiredPullRequestReviews defines review requirements.

type RequiredStatusChecks 

type RequiredStatusChecks struct {
	Strict   bool     `json:"strict"`
	Contexts []string `json:"contexts"`
}

RequiredStatusChecks defines required CI checks.

type SecurityAndAnalysis 

type SecurityAndAnalysis struct {
	SecretScanning               *SecurityFeature `json:"secret_scanning"`
	SecretScanningPushProtection *SecurityFeature `json:"secret_scanning_push_protection"`
	DependabotSecurityUpdates    *SecurityFeature `json:"dependabot_security_updates"`
}

SecurityAndAnalysis contains security feature settings.

type SecurityConfig 

type SecurityConfig struct {
	DependabotAlerts             bool `yaml:"dependabot_alerts"`
	DependabotSecurityUpdates    bool `yaml:"dependabot_security_updates"`
	SecretScanning               bool `yaml:"secret_scanning"`
	SecretScanningPushProtection bool `yaml:"push_protection"`
}

SecurityConfig defines repository security settings.

type SecurityFeature 

type SecurityFeature struct {
	Status string `json:"status"` // "enabled" or "disabled"
}

SecurityFeature represents a single security feature status.

type WebhookConfig 

type WebhookConfig struct {
	URL         string   `yaml:"url"`          // Webhook URL (supports ${ENV_VAR})
	ContentType string   `yaml:"content_type"` // json or form (default: json)
	Secret      string   `yaml:"secret"`       // Optional secret (supports ${ENV_VAR})
	Events      []string `yaml:"events"`       // Events to trigger on
	Active      *bool    `yaml:"active"`       // Whether webhook is active (default: true)
}

WebhookConfig defines a GitHub webhook configuration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.