private static async Task DeleteDefaultRepoAsync(
Waddle.RepositoryService repoService,
Waddle.Dtos.Project project, bool projectWasAbsent)
{
if (projectWasAbsent)
{
// when new projects are created, there's a defaul repository
// let's remove that
var allRepos = await repoService.GetRepositoryListAsync(project.Id);
if (allRepos != null && allRepos.Count > 0)
{
await repoService.DeleteRepositoryAsync(project.Id, allRepos.First().Id);
}
}
}
private async Task EnsureEnvironmentExistsAsync(
ProjectManifest manifest,
Waddle.AdoConnectionFactory factory,
Waddle.Dtos.Project project)
{
if (project != null && manifest.Environments != null && manifest.Environments.Any())
{
var peService = factory.GetPipelineEnvironmentService();
foreach (var pe in manifest.Environments)
{
if (pe != null && !string.IsNullOrWhiteSpace(pe.Name))
{
await ProvisionEnvironmentAsync(factory, project, peService, pe);
}
}
}
}
private async Task ProvisionEnvironmentAsync(Waddle.AdoConnectionFactory factory,
Waddle.Dtos.Project project,
Waddle.PipelineEnvironmentService peService, EnvironmentManifest pe)
{
var peColl = await peService.ListEnvironmentsAsync(project.Id);
if (peColl != null)
{
var envObject = peColl.Value
.FirstOrDefault(penv => penv.Name.Equals(pe.Name, StringComparison.OrdinalIgnoreCase));
if (envObject == null)
{
envObject = await peService.CreateEnvironmentAsync(project.Id, pe.Name, pe.Description);
}
await ProvisionEnvironmentPermissionsAsync(factory, project, peService, pe, envObject);
}
}
private async Task EnsureRepositoryPermissionsAsync(
Waddle.AdoConnectionFactory factory, Waddle.Dtos.Project project,
RepositoryManifest repo, Microsoft.TeamFoundation.SourceControl.WebApi.GitRepository repository)
{
if (repository != null && repo.Permissions != null && repo.Permissions.Any())
{
var secService = factory.GetSecurityNamespaceService();
var gitNamespace = await secService.GetNamespaceAsync(SecurityNamespaceConstants.Git_Repositories);
var gitSecurityNamespaceId = gitNamespace.NamespaceId;
var aclDictioanry = new Dictionary <string, VstsAcesDictionaryEntry>();
await CreateAclsAsync(factory, typeof(GitRepositories), repo.Permissions, aclDictioanry);
if (aclDictioanry.Count > 0)
{
var repositorySecurityToken = $"repoV2/{project.Id}/{repository.Id}";
var aclService = factory.GetAclListService();
await aclService.SetAclsAsync(gitSecurityNamespaceId, repositorySecurityToken, aclDictioanry, false);
}
}
}
private async Task ProvisionBuildPathPermissionsAsync(
Waddle.AdoConnectionFactory factory,
Waddle.Dtos.Project project, PipelineFolder bp, VstsFolder existingItem)
{
if (existingItem != null)
{
var secService = factory.GetSecurityNamespaceService();
var buildNamespace = await secService.GetNamespaceAsync(SecurityNamespaceConstants.Build);
var namespaceId = buildNamespace.NamespaceId;
var aclDictioanry = new Dictionary <string, VstsAcesDictionaryEntry>();
await CreateAclsAsync(factory, typeof(Waddle.Constants.Build), bp.Permissions, aclDictioanry);
if (aclDictioanry.Count > 0)
{
var fpath = bp.Path.TrimStart("\\/".ToCharArray()).Replace("\\", "/");
var token = $"{project.Id}/{fpath}";
var aclService = factory.GetAclListService();
await aclService.SetAclsAsync(namespaceId, token, aclDictioanry, false);
}
}
}
private async Task EnsureRepositoriesExistsAsync(
ProjectManifest manifest, Waddle.AdoConnectionFactory factory,
Waddle.RepositoryService repoService,
Waddle.Dtos.Project project,
bool projectWasAbsent)
{
if (project != null && manifest.Repositories != null && manifest.Repositories.Any())
{
foreach (var repo in manifest.Repositories)
{
if (!string.IsNullOrWhiteSpace(repo.Name))
{
var reposCollection = await repoService.GetRepositoryListAsync(project.Id);
var repository = reposCollection
.FirstOrDefault(r => r.Name.Equals(repo.Name, StringComparison.OrdinalIgnoreCase));
if (repository == null)
{
Logger.StatusBegin($"Creating Repository {repo.Name}...");
await ExecutionSupports.Retry(async() =>
{
repository = await repoService.CreateAsync(project.Id, repo.Name);
},
exception => { Logger.SilentError(exception.Message); });
Logger.StatusEndSuccess("Succeed");
}
Logger.StatusBegin($"Setting up permissions for repository {repo.Name}...");
await EnsureRepositoryPermissionsAsync(factory, project, repo, repository);
Logger.StatusEndSuccess("Succeed");
}
}
await DeleteDefaultRepoAsync(repoService, project, projectWasAbsent);
}
}
private async Task ProvisionEnvironmentPermissionsAsync(
Waddle.AdoConnectionFactory factory,
Waddle.Dtos.Project project,
Waddle.PipelineEnvironmentService peService,
EnvironmentManifest pe, PipelineEnvironment envObject)
{
if (envObject != null && pe.Permissions != null && pe.Permissions.Any())
{
foreach (var permissionObject in pe.Permissions)
{
Logger.StatusBegin($"Configuring Environment ({pe.Name}) permissions: AAD object ({permissionObject.Group}) ...");
var group = await GetGroupByNameAsync(factory,
permissionObject.Origin, permissionObject.Group, permissionObject.Id);
if (group != null)
{
var legacyIdentity = await factory.GetGroupService()
.GetLegacyIdentitiesBySidAsync(group.Sid);
if (legacyIdentity != null && legacyIdentity.Value.Any())
{
var localId = legacyIdentity.Value.First().Id;
foreach (var role in permissionObject.Roles)
{
await peService.SetPermissionAsync(project.Id, envObject.Id, localId, role);
}
Logger.StatusEndSuccess("Succeeded");
}
}
else
{
Logger.StatusEndFailed("Failed (Not found in AAD)");
}
}
}
}
private async Task EnsureBuildFoldersAsync(ProjectManifest manifest,
Waddle.AdoConnectionFactory factory, Waddle.Dtos.Project project)
{
if (manifest.BuildFolders != null && manifest.BuildFolders.Any())
{
var buildService = factory.GetBuildService();
var buildPaths = await buildService.ListFoldersAsync(project.Id);
foreach (var bp in manifest.BuildFolders)
{
var existingItem = buildPaths.Value
.FirstOrDefault(p => p.Path.Replace("\\", "/").Equals(bp.Path, StringComparison.OrdinalIgnoreCase));
if (existingItem == null)
{
existingItem = await buildService.CreateFolderAsync(project.Id, bp.Path);
}
Logger.StatusBegin($"Creating permissions {bp.Path}...");
await ProvisionBuildPathPermissionsAsync(factory, project, bp, existingItem);
Logger.StatusEndSuccess("Succeed");
}
}
}