From 57b3563ebca8816efbd43abb96248812644b63bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me>
Date: Thu, 27 Jul 2023 15:12:13 +0200
Subject: [PATCH] Exercice => Add ci/cd vars and protected branch params

---
 ExpressAPI/src/managers/GitlabManager.ts | 24 ++++++++++++++++++++++++
 ExpressAPI/src/routes/ExerciceRoutes.ts  |  6 ++++++
 2 files changed, 30 insertions(+)

diff --git a/ExpressAPI/src/managers/GitlabManager.ts b/ExpressAPI/src/managers/GitlabManager.ts
index 74180c4..9bc2e87 100644
--- a/ExpressAPI/src/managers/GitlabManager.ts
+++ b/ExpressAPI/src/managers/GitlabManager.ts
@@ -91,6 +91,18 @@ class GitlabManager {
         return response.data;
     }
 
+    async addRepositoryVariable(repoId: number, key: string, value: string, isProtected: boolean, isMasked: boolean): Promise<GitlabMember> {
+        const response = await axios.post<GitlabMember>(this.getApiUrl(GitlabRoutes.REPOSITORY_VARIABLES_ADD).replace('{{id}}', String(repoId)), {
+            key          : key,
+            variable_type: 'env_var',
+            value        : value,
+            protected    : isProtected,
+            masked       : isMasked
+        });
+
+        return response.data;
+    }
+
     async checkTemplateAccess(idOrNamespace: string, req: ApiRequest): Promise<StatusCodes> {
         // Get the Gitlab project and check if it have public or internal visibility
         try {
@@ -121,6 +133,18 @@ class GitlabManager {
 
         return isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED;
     }
+
+    async protectBranch(repoId: number, branchName: string, allowForcePush: boolean, allowedToMerge: GitlabAccessLevel, allowedToPush: GitlabAccessLevel, allowedToUnprotect: GitlabAccessLevel): Promise<GitlabMember> {
+        const response = await axios.post<GitlabMember>(this.getApiUrl(GitlabRoutes.REPOSITORY_BRANCHES_PROTECT).replace('{{id}}', String(repoId)), {
+            name                  : branchName,
+            allow_force_push      : allowForcePush,
+            merge_access_level    : allowedToMerge.valueOf(),
+            push_access_level     : allowedToPush.valueOf(),
+            unprotect_access_level: allowedToUnprotect.valueOf()
+        });
+
+        return response.data;
+    }
 }
 
 
diff --git a/ExpressAPI/src/routes/ExerciceRoutes.ts b/ExpressAPI/src/routes/ExerciceRoutes.ts
index 84e6cba..f07dbd0 100644
--- a/ExpressAPI/src/routes/ExerciceRoutes.ts
+++ b/ExpressAPI/src/routes/ExerciceRoutes.ts
@@ -57,6 +57,12 @@ class ExerciceRoutes implements RoutesManager {
         do {
             try {
                 repository = await GitlabManager.forkRepository((enonce.gitlabCreationInfo as unknown as GitlabRepository).id, this.getExerciceName(enonce, params.members, suffix), this.getExercicePath(req.boundParams.enonce, exerciceId), Config.exercice.default.description.replace('{{ENONCE_NAME}}', enonce.name), Config.exercice.default.visibility, Config.gitlab.group.exercices);
+
+                await GitlabManager.protectBranch(repository.id, '*', false, GitlabAccessLevel.DEVELOPER, GitlabAccessLevel.DEVELOPER, GitlabAccessLevel.DEVELOPER);
+
+                await GitlabManager.addRepositoryVariable(repository.id, 'DOJO_EXERCICE_ID', exerciceId, false, true);
+                await GitlabManager.addRepositoryVariable(repository.id, 'DOJO_SECRET', secret, false, true);
+
                 break;
             } catch ( error ) {
                 if ( error instanceof AxiosError ) {
-- 
GitLab