Webhook update w token

gitlabform/configuration/transform.py

@@ -225,9 +225,9 @@ def _do_transform(self, configuration: Configuration):
                 for node_coordinate in processor.get_nodes(path, mustexist=True):
                     try:
                         access_level_string = str(node_coordinate.node)
-                        node_coordinate.parent[
-                            node_coordinate.parentref
-                        ] = AccessLevel.get_value(access_level_string)
+                        node_coordinate.parent[node_coordinate.parentref] = (
+                            AccessLevel.get_value(access_level_string)
+                        )
                     except KeyError:
                         fatal(
                             f"Configuration string '{access_level_string}' is not one of the valid access levels:"
@@ -255,9 +255,9 @@ def _do_transform(self, configuration: Configuration):
                     if node_coordinate.parentref == "access_level":
                         try:
                             access_level_string = str(node_coordinate.node)
-                            node_coordinate.parent[
-                                node_coordinate.parentref
-                            ] = AccessLevel.get_value(access_level_string)
+                            node_coordinate.parent[node_coordinate.parentref] = (
+                                AccessLevel.get_value(access_level_string)
+                            )
                         except KeyError:
                             fatal(
                                 f"Configuration string '{access_level_string}' is not one of the valid access levels:"
@@ -313,9 +313,9 @@ def _do_transform(self, configuration: Configuration) -> None:
 
                     if old_syntax["approvals"]:
                         # add the settings, if there are left any after removing 'approvals_before_merge'
-                        where_to_add_new_syntax[
-                            "merge_requests_approvals"
-                        ] = old_syntax["approvals"]
+                        where_to_add_new_syntax["merge_requests_approvals"] = (
+                            old_syntax["approvals"]
+                        )
 
                 # approval rules
                 if (

gitlabform/gitlab/__init__.py

@@ -23,7 +23,6 @@
 from gitlabform.gitlab.resource_groups import GitLabResourceGroups
 from gitlabform.gitlab.schedules import GitLabPipelineSchedules
 from gitlabform.gitlab.integrations import GitLabIntegrations
-from gitlabform.gitlab.tags import GitLabTags
 from gitlabform.gitlab.users import GitLabUsers
 from gitlab import Gitlab
 
@@ -60,7 +59,6 @@ class GitLab(
     GitLabRepositories,
     GitLabResourceGroups,
     GitLabIntegrations,
-    GitLabTags,
     GitLabGroupLDAPLinks,
     GitLabGroupBadges,
     GitLabGroupVariables,

gitlabform/gitlab/projects.py

@@ -177,41 +177,6 @@ def post_project_push_rules(self, project_and_group_name: str, push_rules):
             "projects/%s/push_rule", pid, "POST", push_rules, expected_codes=201
         )
 
-    def get_hook_id(self, project_and_group_name, url):
-        hooks = self._make_requests_to_api(
-            "projects/%s/hooks", project_and_group_name, "GET"
-        )
-        for hook in hooks:
-            if hook["url"] == url:
-                return hook["id"]
-        return None
-
-    def delete_hook(self, project_and_group_name, hook_id):
-        self._make_requests_to_api(
-            "projects/%s/hooks/%s",
-            (project_and_group_name, hook_id),
-            "DELETE",
-            expected_codes=[200, 204],
-        )
-
-    def put_hook(self, project_and_group_name, hook_id, url, data):
-        data_required = {"url": url}
-        data = {**data, **data_required}
-        self._make_requests_to_api(
-            "projects/%s/hooks/%s", (project_and_group_name, hook_id), "PUT", data
-        )
-
-    def post_hook(self, project_and_group_name, url, data):
-        data_required = {"url": url}
-        data = {**data, **data_required}
-        self._make_requests_to_api(
-            "projects/%s/hooks",
-            project_and_group_name,
-            "POST",
-            data,
-            expected_codes=201,
-        )
-
     def get_groups_from_project(self, project_and_group_name):
         # couldn't find an API call that was giving me directly
         # the shared groups, so I'm using directly the GET /projects/:id call

gitlabform/processors/group/group_members_processor.py

@@ -70,9 +70,9 @@ def _process_groups(
 
         groups_before_by_group_path = dict()
         for share_details in groups_before:
-            groups_before_by_group_path[
-                share_details["group_full_path"]
-            ] = share_details
+            groups_before_by_group_path[share_details["group_full_path"]] = (
+                share_details
+            )
 
         for share_with_group_path in groups_to_set_by_group_path:
             group_access_to_set = groups_to_set_by_group_path[share_with_group_path][

gitlabform/processors/project/hooks_processor.py

@@ -1,4 +1,8 @@
 from logging import debug
+from typing import Dict, Any, List
+
+from gitlab.base import RESTObject, RESTObjectList
+from gitlab.v4.objects import Project
 
 from gitlabform.gitlab import GitLab
 from gitlabform.processors.abstract_processor import AbstractProcessor
@@ -9,23 +13,54 @@ def __init__(self, gitlab: GitLab):
         super().__init__("hooks", gitlab)
 
     def _process_configuration(self, project_and_group: str, configuration: dict):
-        for hook in sorted(configuration["hooks"]):
+        debug("Processing hooks...")
+        project: Project = self.gl.projects.get(project_and_group)
+        hooks_list: RESTObjectList | List[RESTObject] = project.hooks.list()
+        config_hooks: tuple[str, ...] = tuple(
+            x for x in sorted(configuration["hooks"]) if x != "enforce"
+        )
+
+        for hook in config_hooks:
+            gitlab_hook: RESTObject | None = next(
+                (h for h in hooks_list if h.url == hook), None
+            )
+            hook_id = gitlab_hook.id if gitlab_hook else None
             if configuration.get("hooks|" + hook + "|delete"):
-                hook_id = self.gitlab.get_hook_id(project_and_group, hook)
                 if hook_id:
                     debug("Deleting hook '%s'", hook)
-                    self.gitlab.delete_hook(project_and_group, hook_id)
+                    project.hooks.delete(hook_id)
                 else:
                     debug("Not deleting hook '%s', because it doesn't exist", hook)
             else:
-                hook_id = self.gitlab.get_hook_id(project_and_group, hook)
-                if hook_id:
-                    debug("Changing existing hook '%s'", hook)
-                    self.gitlab.put_hook(
-                        project_and_group, hook_id, hook, configuration["hooks"][hook]
+                hook_config = {"url": hook}
+                hook_config.update(configuration["hooks"][hook])
+                gl_hook_dict = gitlab_hook.asdict() if gitlab_hook else {}
+                diffs = (
+                    map(
+                        lambda k: hook_config[k] != gl_hook_dict[k],
+                        hook_config.keys(),
                     )
-                else:
+                    if gl_hook_dict
+                    else iter(())
+                )
+                if not hook_id:
                     debug("Creating hook '%s'", hook)
-                    self.gitlab.post_hook(
-                        project_and_group, hook, configuration["hooks"][hook]
+                    created_hook: RESTObject = project.hooks.create(hook_config)
+                    debug("Created hook '%s'", created_hook)
+                elif hook_id and any(diffs):
+                    debug("Changing existing hook '%s'", hook)
+                    changed_hook: Dict[str, Any] = project.hooks.update(
+                        hook_id, hook_config
+                    )
+                    debug("Changed hook to '%s'", changed_hook)
+                elif hook_id and not any(diffs):
+                    debug(f"Hook {hook} remains unchanged")
+
+        if configuration.get("hooks|enforce"):
+            for gh in hooks_list:
+                if gh.url not in config_hooks:
+                    debug(
+                        "Deleting hook '%s' currently setup in the project but it is not in the configuration and enforce is enabled",
+                        gh.url,
                     )
+                    project.hooks.delete(gh.id)

gitlabform/processors/project/tags_processor.py

@@ -3,7 +3,7 @@
 
 from gitlabform.constants import EXIT_PROCESSING_ERROR
 from gitlabform.gitlab import GitLab
-from gitlabform.gitlab.core import NotFoundException
+from gitlab import GitlabDeleteError, GitlabGetError
 from gitlabform.processors.abstract_processor import AbstractProcessor
 
 
@@ -12,7 +12,17 @@ def __init__(self, gitlab: GitLab, strict: bool):
         super().__init__("tags", gitlab)
         self.strict = strict
 
+    def _get_user_by_username(self, username):
+        user = self.gl.users.list(username=username)
+        if len(user) == 0:
+            raise GitlabGetError(
+                "No users found when searching for username '%s'" % username, 404
+            )
+        return user[0]
+
     def _process_configuration(self, project_and_group: str, configuration: dict):
+        project = self.gl.projects.get(id=project_and_group, lazy=True)
+
         for tag in sorted(configuration["tags"]):
             try:
                 if configuration["tags"][tag]["protected"]:
@@ -33,13 +43,13 @@ def _process_configuration(self, project_and_group: str, configuration: dict):
                             elif "user_id" in config:
                                 user_ids.add(config["user_id"])
                             elif "user" in config:
-                                user_ids.add(self.gitlab._get_user_id(config["user"]))
+                                gitlab_user = self._get_user_by_username(config["user"])
+                                user_ids.add(gitlab_user.get_id())
                             elif "group_id" in config:
                                 group_ids.add(config["group_id"])
                             elif "group" in config:
-                                group_ids.add(
-                                    self.gitlab._get_group_id(config["group"])
-                                )
+                                gitlab_group = self.gl.groups.get(config["group"])
+                                group_ids.add(gitlab_group.get_id())
 
                         for val in access_levels:
                             allowed_to_create.append({"access_level": val})
@@ -55,24 +65,38 @@ def _process_configuration(self, project_and_group: str, configuration: dict):
                         if "create_access_level" in configuration["tags"][tag]
                         else None
                     )
+
                     debug("Setting tag '%s' as *protected*", tag)
                     try:
                         # try to unprotect first
-                        self.gitlab.unprotect_tag(project_and_group, tag)
-                    except NotFoundException:
+                        project.protectedtags.delete(tag)
+                    except GitlabDeleteError:
                         pass
-                    self.gitlab.protect_tag(
-                        project_and_group, tag, allowed_to_create, create_access_level
-                    )
+
+                    data = {}
+                    data["name"] = tag
+                    if allowed_to_create is not None:
+                        data["allowed_to_create"] = allowed_to_create
+                    if create_access_level is not None:
+                        data["create_access_level"] = create_access_level
+                    project.protectedtags.create(data)
                 else:
                     debug("Setting tag '%s' as *unprotected*", tag)
-                    self.gitlab.unprotect_tag(project_and_group, tag)
-            except NotFoundException:
-                message = f"Tag '{tag}' not found when trying to set it as protected/unprotected!"
+                    project.protectedtags.delete(tag)
+            except GitlabDeleteError:
+                message = f"Tag '{tag}' not found when trying to unprotect it!"
                 if self.strict:
                     fatal(
                         message,
                         exit_code=EXIT_PROCESSING_ERROR,
                     )
                 else:
                     warning(message)
+            except GitlabGetError as e:
+                if self.strict:
+                    fatal(
+                        e,
+                        exit_code=EXIT_PROCESSING_ERROR,
+                    )
+                else:
+                    warning(message)

gitlabform/processors/shared/protected_environments_processor.py

@@ -17,6 +17,6 @@ def __init__(self, gitlab: GitLab):
             required_to_create_or_update=And(Key("name"), Key("deploy_access_levels")),
         )
 
-        self.custom_diff_analyzers[
-            "deploy_access_levels"
-        ] = self.recursive_diff_analyzer
+        self.custom_diff_analyzers["deploy_access_levels"] = (
+            self.recursive_diff_analyzer
+        )

gitlabform/processors/util/difference_logger.py

@@ -43,9 +43,9 @@ def log_diff(
         if hide_entries:
             changes = list(
                 map(
-                    lambda i: [i[0], hide(i[1]), hide(i[2])]
-                    if i[0] in hide_entries
-                    else i,
+                    lambda i: (
+                        [i[0], hide(i[1]), hide(i[2])] if i[0] in hide_entries else i
+                    ),
                     changes,
                 )
             )