-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathglAudit.sh
executable file
·248 lines (191 loc) · 6.15 KB
/
glAudit.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
#!/bin/bash
function display_usage {
echo "Usage: $0
Audit full gitlab bash on current credentials
$0 --directory AUDIT_DESTINATION_FOLDER
" >&2
exit 100
}
function mk_relative_link {
local target=$1
local link_name=$2
if [ -z "${target}" ]; then
echo "*** mk_relative_link: target value is missing" >&2
exit 1
fi
if [ -z "${link_name}" ]; then
echo "*** mk_relative_link: link_name value is missing" >&2
exit 1
fi
if [ -f "${link_name}" ]; then
rm "${link_name}" # avoid link resolution
fi
local relative_target
relative_target=$(realpath --no-symlinks --relative-to="$(dirname "${link_name}")" "${target}")
# echo "relative_target='${relative_target}' link_name='${link_name}' target=${target}" >&2
ln -s --force "${relative_target}" "${link_name}"
}
function build_audit_folder {
local audit_folder=$1
local file_type=$2
if [ -z "${audit_folder}" ]; then
echo "*** build_audit_folder: audit_folder value is missing" >&2
exit 1
fi
if [ -z "${file_type}" ]; then
echo "*** build_audit_folder: file_type value is missing" >&2
exit 1
fi
local folder="${audit_folder}/${file_type}"
if [ ! -d "${folder}" ]; then
mkdir -p "${folder}" || exit $?
fi
echo "${folder}"
}
function build_audit_file {
local audit_folder=$1
local file_type=$2
local file_name=$3
if [ -z "${audit_folder}" ]; then
echo "*** build_audit_file: audit_folder value is missing" >&2
exit 1
fi
if [ -z "${file_type}" ]; then
echo "*** build_audit_file: file_type value is missing" >&2
exit 1
fi
if [ -z "${file_name}" ]; then
echo "*** build_audit_file: file_name value is missing" >&2
exit 1
fi
local file
local parent
file="$(build_audit_folder "${audit_folder}" "${file_type}")/${file_name}.json" || exit 1
parent=$(dirname "${file}") || exit 1
if [ ! -d "${parent}" ]; then
mkdir "${parent}"
fi
echo "${file}"
}
function get_group_ids {
"${GITLAB_BASH_API_PATH}/glGroups.sh" --all --list-id || exit 1
}
function get_project_ids {
"${GITLAB_BASH_API_PATH}/glProjects.sh" --all --list-id || exit 1
}
function get_group_config_by_id {
local group_id=$1
if [ -z "${GITLAB_DEFAULT_AUDIT_FOR_GROUP}" ]; then
echo "* GITLAB_DEFAULT_AUDIT_FOR_GROUP is not define" >&2
exit 1
fi
show_group_config "${group_id}" \
| jq ". | { ${GITLAB_DEFAULT_AUDIT_FOR_GROUP} }"
}
function get_project_config_by_id {
local project_id=$1
if [ -z "${GITLAB_DEFAULT_AUDIT_FOR_PROJECT}" ]; then
echo "* GITLAB_DEFAULT_AUDIT_FOR_PROJECT is not define" >&2
exit 1
fi
audit_project "${project_id}" \
| jq ". | select(.[].id=${project_id}) | .[0] | { ${GITLAB_DEFAULT_AUDIT_FOR_PROJECT} }"
}
function audit_groups_configuration {
local audit_folder=$1
local group_ids
group_ids=$(get_group_ids)
for group_id in ${group_ids}; do
local group_config
local group_path
group_config=$(get_group_config_by_id "${group_id}")
group_path=$(echo "${group_config}" | jq -r '. .path')
if [ -z "${group_path}" ]; then
echo "*** Error: can not retrieve configuration for group '${group_id}'" >&2
else
local audit_file
local path_link
audit_file=$(build_audit_file "${audit_folder}" 'groups_by_id' "${group_id}") || exit 1
path_link=$(build_audit_file "${audit_folder}" 'groups_by_path' "${group_path}") || exit 1
echo "* audit group ${group_id} / ${group_path}" >&2
echo "${group_config}" > "${audit_file}"
mk_relative_link "${audit_file}" "${path_link}"
fi
done
}
function audit_projects_configuration {
local audit_folder=$1
local project_ids
project_ids=$(get_project_ids)
for project_id in ${project_ids}; do
local project_config
local project_path
local project_fullpath
project_config=$(get_project_config_by_id "${project_id}")
project_path=$(echo "${project_config}" | jq -r '.path')
project_fullpath=$(echo "${project_config}" | jq -r '.path_with_namespace')
if [ -z "${project_path}" ]; then
echo "*** Error: can not retrieve configuration for project '${project_id}'" >&2
else
local audit_file
local path_link
local fullpath_link
audit_file=$(build_audit_file "${audit_folder}" 'projects_by_id' "${project_id}")
path_link=$(build_audit_file "${audit_folder}" 'projects_by_path' "${project_path}")
fullpath_link=$(build_audit_file "${audit_folder}" 'projects_by_path_with_namespace' "${project_fullpath}")
echo "* audit project ${project_id} / ${project_path}" >&2
# echo "* audit project ${project_id} / ${project_path} / ${project_fullpath} -> ${audit_file}" >&2
echo "${project_config}" > "${audit_file}"
mk_relative_link "${audit_file}" "${path_link}"
mk_relative_link "${audit_file}" "${fullpath_link}"
fi
done
}
function do_audit {
local audit_folder_home=$1
#
audit_groups_configuration "${audit_folder_home}" || exit 1
#
audit_projects_configuration "${audit_folder_home}" || exit 1
#audit_users_configuration ? "${audit_folder_home}" || exit 1
#audit_merge_request ? "${audit_folder_home}" || exit 1
#audit_merge_request_configuration ? "${audit_folder_home}" || exit 1
#audit_merge_request ? "${audit_folder_home}" || exit 1
}
function main {
local audit_folder_home=
while [[ $# -gt 0 ]]; do
local param="$1"
shift
case "${param}" in
-d|--directory)
audit_folder_home="$1"
shift
;;
*)
# unknown option
echo "Unknown parameter ${param}" >&2
display_usage
;;
esac
done
if [ -z "${audit_folder_home}" ]; then
display_usage
else
do_audit "${audit_folder_home}"
fi
}
# Configuration - BEGIN
if [ -z "$GITLAB_BASH_API_PATH" ]; then
GITLAB_BASH_API_PATH=$(dirname "$(realpath "$0")")
fi
if [ ! -f "${GITLAB_BASH_API_PATH}/api/gitlab-bash-api.sh" ]; then
echo "gitlab-bash-api.sh not found! - Please set GITLAB_BASH_API_PATH" >&2
exit 1
fi
source "${GITLAB_BASH_API_PATH}/api/gitlab-bash-api.sh"
# Configuration - END
# Script start here
source "${GITLAB_BASH_API_PATH}/api/gitlab-bash-api-group.sh"
source "${GITLAB_BASH_API_PATH}/api/gitlab-bash-api-project.sh"
main "$@"