outside

Documentation

Overview

Package Outside implements the Outside Collaborators security policy.

Index

• func NewOutside() policydef.Policy
• type OrgConfig
• type Outside
  • func (o Outside) Check(ctx context.Context, c *github.Client, owner, repo string) (*policydef.Result, error)
  • func (o Outside) Fix(ctx context.Context, c *github.Client, owner, repo string) error
  • func (o Outside) GetAction(ctx context.Context, c *github.Client, owner, repo string) string
  • func (o Outside) IsEnabled(ctx context.Context, c *github.Client, owner, repo string) (bool, error)
  • func (o Outside) Name() string
• type OutsideExemption
• type RepoConfig

Functions

func NewOutside

func NewOutside() policydef.Policy

NewOutside returns a new Outside Collaborators policy.

Types

type OrgConfig

type OrgConfig struct {
	// OptConfig is the standard org-level opt in/out config, RepoOverride
	// applies to all config.
	OptConfig config.OrgOptConfig `json:"optConfig"`

	// Action defines which action to take, default log, other: issue...
	Action string `json:"action"`

	// PushAllowed defined if outside collaborators are allowed to have push
	// access, default true.
	PushAllowed bool `json:"pushAllowed"`

	// AdminAllowed defined if outside collaborators are allowed to have admin
	// access, default false.
	AdminAllowed bool `json:"adminAllowed"`

	// Exemptions is a list of user-repo-access pairings to exempt.
	// Exemptions are only defined at the org level because they should be made
	// obvious to org security managers.
	Exemptions []*OutsideExemption `json:"exemptions"`
}

OrgConfig is the org-level config definition for Outside Collaborators security policy.

type Outside

type Outside bool

Outside is the Outside Collaborators policy object, implements policydef.Policy.

func (Outside) Check

func (o Outside) Check(ctx context.Context, c *github.Client, owner,
	repo string) (*policydef.Result, error)

Check performs the policy check for Outside Collaborators based on the configuration stored in the org/repo, implementing policydef.Policy.Check()

func (Outside) Fix

func (o Outside) Fix(ctx context.Context, c *github.Client, owner, repo string) error

Fix implementing policydef.Policy.Fix(). Currently not supported. Plan to support this TODO.

func (Outside) GetAction

func (o Outside) GetAction(ctx context.Context, c *github.Client, owner, repo string) string

GetAction returns the configured action from this policy's configuration stored in the org-level repo, default log. Implementing policydef.Policy.GetAction()

func (Outside) IsEnabled

func (o Outside) IsEnabled(ctx context.Context, c *github.Client, owner, repo string) (bool, error)

Check whether this policy is enabled or not

func (Outside) Name

func (o Outside) Name() string

Name returns the name of this policy, implementing policydef.Policy.Name()

type OutsideExemption

type OutsideExemption struct {
	// User is a GitHub username
	User string `json:"user"`

	// Repo is a GitHub repo name
	Repo string `json:"repo"`

	// Push allows push permission
	Push bool `json:"push"`

	// Admin allows admin permission
	Admin bool `json:"admin"`
}

OutsideExemption is an exemption entry for the Outside Collaborators policy.

type RepoConfig

type RepoConfig struct {
	// OptConfig is the standard repo-level opt in/out config.
	OptConfig config.RepoOptConfig `json:"optConfig"`

	// Action overrides the same setting in org-level, only if present.
	Action *string `json:"action"`

	// PushAllowed overrides the same setting in org-level, only if present.
	PushAllowed *bool `json:"pushAllowed"`

	// AdminAllowed overrides the same setting in org-level, only if present.
	AdminAllowed *bool `json:"adminAllowed"`
}

RepoConfig is the repo-level config for Outside Collaborators security policy.