gitlab auth integration

Signed-off-by: makkalot <[email protected]>

cla-backend-go/auth/authorizer.go

@@ -125,6 +125,7 @@ func (a Authorizer) SecurityAuth(token string, scopes []string) (*user.CLAUser,
 		}
 		return nil, err
 	}
+	//log.WithFields(f).Debugf("user loaded : %+v with scopes : %+v", lfuser, scopes)
 
 	for _, scope := range scopes {
 		switch Scope(scope) {
@@ -151,5 +152,6 @@ func (a Authorizer) SecurityAuth(token string, scopes []string) (*user.CLAUser,
 		}
 	}
 
+	//log.WithFields(f).Debugf("returning user from auth : %+v", lfuser)
 	return &lfuser, nil
 }

cla-backend-go/cmd/dynamo_events_lambda/main.go

@@ -8,6 +8,8 @@ import (
 	"encoding/json"
 	"os"
 
+	"github.com/communitybridge/easycla/cla-backend-go/gitlab"
+
 	"github.com/communitybridge/easycla/cla-backend-go/github_organizations"
 
 	"github.com/communitybridge/easycla/cla-backend-go/utils"
@@ -91,6 +93,8 @@ func init() {
 
 	token.Init(configFile.Auth0Platform.ClientID, configFile.Auth0Platform.ClientSecret, configFile.Auth0Platform.URL, configFile.Auth0Platform.Audience)
 	github.Init(configFile.GitHub.AppID, configFile.GitHub.AppPrivateKey, configFile.GitHub.AccessToken)
+	// initialize gitlab
+	gitlab.Init(configFile.Gitlab.AppID, configFile.Gitlab.AppPrivateKey)
 
 	user_service.InitClient(configFile.APIGatewayURL, configFile.AcsAPIKey)
 	project_service.InitClient(configFile.APIGatewayURL)

cla-backend-go/cmd/gitlab/api/main.go

@@ -1,11 +1,15 @@
+// Copyright The Linux Foundation and each contributor to CommunityBridge.
+// SPDX-License-Identifier: MIT
+
 package main
 
 import (
 	"flag"
 	"fmt"
+	"os"
+
 	log "github.com/communitybridge/easycla/cla-backend-go/logging"
 	"github.com/xanzy/go-gitlab"
-	"os"
 )
 
 const (
@@ -36,8 +40,7 @@ func main() {
 
 	log.Infof("fetched current user : %s", user.Name)
 
-	projects, _, err := gitlabClient.Projects.ListUserProjects(user.ID, &gitlab.ListProjectsOptions{
-	})
+	projects, _, err := gitlabClient.Projects.ListUserProjects(user.ID, &gitlab.ListProjectsOptions{})
 	if err != nil {
 		log.Fatalf("listing projects failed : %v", err)
 	}
@@ -67,7 +70,7 @@ func main() {
 			State:       setState,
 			Name:        gitlab.String("easyCLA Bot"),
 			Description: gitlab.String(getDescription(setState)),
-			TargetURL: gitlab.String(getTargetURL("[email protected]")),
+			TargetURL:   gitlab.String(getTargetURL("[email protected]")),
 		})
 		if err != nil {
 			log.Fatalf("setting commit status for the sha failed : %v", err)

cla-backend-go/cmd/gitlab/auth/main.go

@@ -1,16 +1,20 @@
+// Copyright The Linux Foundation and each contributor to CommunityBridge.
+// SPDX-License-Identifier: MIT
+
 package main
 
 import (
 	"fmt"
-	log "github.com/communitybridge/easycla/cla-backend-go/logging"
-	"github.com/gin-gonic/gin"
-	"github.com/go-resty/resty/v2"
-	"github.com/xanzy/go-gitlab"
 	"io/ioutil"
 	"net/http"
 	"net/url"
 	"os"
 	"strconv"
+
+	log "github.com/communitybridge/easycla/cla-backend-go/logging"
+	"github.com/gin-gonic/gin"
+	"github.com/go-resty/resty/v2"
+	"github.com/xanzy/go-gitlab"
 )
 
 const (
@@ -107,7 +111,7 @@ func main() {
 			return
 		}
 
-		if mergeEvent.ObjectAttributes.State != "opened"{
+		if mergeEvent.ObjectAttributes.State != "opened" {
 			c.JSON(200, gin.H{
 				"message": "only interested in opened events",
 			})
@@ -218,8 +222,7 @@ func registerWebHooksForUserProjects(accessToken string) error {
 
 	log.Infof("fetched current user : %s", user.Name)
 
-	projects, _, err := gitlabClient.Projects.ListUserProjects(user.ID, &gitlab.ListProjectsOptions{
-	})
+	projects, _, err := gitlabClient.Projects.ListUserProjects(user.ID, &gitlab.ListProjectsOptions{})
 	if err != nil {
 		return fmt.Errorf("listing projects failed : %v", err)
 	}

cla-backend-go/cmd/gitlab/webhook/main.go

@@ -1,9 +1,13 @@
+// Copyright The Linux Foundation and each contributor to CommunityBridge.
+// SPDX-License-Identifier: MIT
+
 package main
 
 import (
+	"os"
+
 	log "github.com/communitybridge/easycla/cla-backend-go/logging"
 	"github.com/xanzy/go-gitlab"
-	"os"
 )
 
 const (
@@ -31,8 +35,7 @@ func main() {
 
 	log.Infof("fetched current user : %s", user.Name)
 
-	projects, _, err := gitlabClient.Projects.ListUserProjects(user.ID, &gitlab.ListProjectsOptions{
-	})
+	projects, _, err := gitlabClient.Projects.ListUserProjects(user.ID, &gitlab.ListProjectsOptions{})
 	if err != nil {
 		log.Fatalf("listing projects failed : %v", err)
 	}
@@ -41,9 +44,7 @@ func main() {
 		log.Println("**********************")
 		log.Println("Name : ", p.Name)
 		log.Println("ID: ", p.ID)
-		hooks, _, err := gitlabClient.Projects.ListProjectHooks(p.ID, &gitlab.ListProjectHooksOptions{
-
-		})
+		hooks, _, err := gitlabClient.Projects.ListProjectHooks(p.ID, &gitlab.ListProjectHooksOptions{})
 
 		if err != nil {
 			log.Fatalf("fetching hooks for project : %s, failed : %v", p.Name, err)

cla-backend-go/cmd/server.go

@@ -14,6 +14,10 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/communitybridge/easycla/cla-backend-go/v2/gitlab_organizations"
+
+	"github.com/communitybridge/easycla/cla-backend-go/gitlab"
+
 	"github.com/communitybridge/easycla/cla-backend-go/emails"
 
 	"github.com/communitybridge/easycla/cla-backend-go/v2/dynamo_events"
@@ -226,7 +230,10 @@ func server(localMode bool) http.Handler {
 	if err != nil {
 		logrus.Panic(err)
 	}
+	// initialize github
 	github.Init(configFile.GitHub.AppID, configFile.GitHub.AppPrivateKey, configFile.GitHub.AccessToken)
+	// initialize gitlab
+	gitlab.Init(configFile.Gitlab.AppID, configFile.Gitlab.AppPrivateKey)
 
 	// Our backend repository handlers
 	userRepo := user.NewDynamoRepository(awsSession, stage)
@@ -241,6 +248,7 @@ func server(localMode bool) http.Handler {
 	v1CLAGroupRepo := project.NewRepository(awsSession, stage, repositoriesRepo, gerritRepo, v1ProjectClaGroupRepo)
 	metricsRepo := metrics.NewRepository(awsSession, stage, configFile.APIGatewayURL, v1ProjectClaGroupRepo)
 	githubOrganizationsRepo := github_organizations.NewRepository(awsSession, stage)
+	gitlabOrganizationRepo := gitlab_organizations.NewRepository(awsSession, stage)
 	claManagerReqRepo := cla_manager.NewRepository(awsSession, stage)
 
 	// Our service layer handlers
@@ -291,6 +299,7 @@ func server(localMode bool) http.Handler {
 	authorizer := auth.NewAuthorizer(authValidator, userRepo)
 	v2MetricsService := metrics.NewService(metricsRepo, v1ProjectClaGroupRepo)
 	githubOrganizationsService := github_organizations.NewService(githubOrganizationsRepo, repositoriesRepo, v1ProjectClaGroupRepo)
+	gitlabOrganizationsService := gitlab_organizations.NewService(gitlabOrganizationRepo, v1ProjectClaGroupRepo)
 	v2GithubOrganizationsService := v2GithubOrganizations.NewService(githubOrganizationsRepo, repositoriesRepo, v1ProjectClaGroupRepo, githubOrganizationsService)
 	autoEnableService := dynamo_events.NewAutoEnableService(v1RepositoriesService, repositoriesRepo, githubOrganizationsRepo, v1ProjectClaGroupRepo, v1ProjectService)
 	v2GithubActivityService := v2GithubActivity.NewService(repositoriesRepo, githubOrganizationsRepo, eventsService, autoEnableService, emailService)
@@ -330,6 +339,7 @@ func server(localMode bool) http.Handler {
 	v2Metrics.Configure(v2API, v2MetricsService, v1CompanyRepo)
 	github_organizations.Configure(api, githubOrganizationsService, eventsService)
 	v2GithubOrganizations.Configure(v2API, v2GithubOrganizationsService, eventsService)
+	gitlab_organizations.Configure(v2API, gitlabOrganizationsService, eventsService)
 	repositories.Configure(api, v1RepositoriesService, eventsService)
 	v2Repositories.Configure(v2API, v2RepositoriesService, eventsService)
 	gerrits.Configure(api, gerritService, v1ProjectService, eventsService)

cla-backend-go/config/config.go

@@ -51,6 +51,9 @@ type Config struct {
 	// GitHub Application
 	GitHub GitHub `json:"github"`
 
+	// Gitlab Application
+	Gitlab Gitlab `json:"gitlab"`
+
 	// Dynamo Session Store
 	SessionStoreTableName string `json:"sessionStoreTableName"`
 
@@ -134,6 +137,15 @@ type GitHub struct {
 	TestRepositoryID               string `json:"test_repository_id"`
 }
 
+// Gitlab model
+type Gitlab struct {
+	ClientSecret  string `json:"clientSecret"`
+	AppID         string `json:"app_id"`
+	AppPrivateKey string `json:"app_private_key"`
+	RedirectURI   string `json:"redirect_uri"`
+	WebHookURI    string `json:"web_hook_uri"`
+}
+
 // MetricsReport keeps the config needed to send the metrics data report
 type MetricsReport struct {
 	AwsSQSRegion   string `json:"aws_sqs_region"`

cla-backend-go/config/ssm.go

@@ -70,6 +70,11 @@ func loadSSMConfig(awsSession *session.Session, stage string) Config { //nolint
 		fmt.Sprintf("cla-gh-test-organization-installation-id-%s", stage),
 		fmt.Sprintf("cla-gh-test-repository-%s", stage),
 		fmt.Sprintf("cla-gh-test-repository-id-%s", stage),
+		fmt.Sprintf("cla-gitlab-oauth-secret-go-backend-%s", stage),
+		fmt.Sprintf("cla-gitlab-app-id-%s", stage),
+		fmt.Sprintf("cla-gitlab-app-private-key-%s", stage),
+		fmt.Sprintf("cla-gitlab-app-redirect-uri-%s", stage),
+		fmt.Sprintf("cla-gitlab-app-web-hook-uri-%s", stage),
 		fmt.Sprintf("cla-corporate-base-%s", stage),
 		fmt.Sprintf("cla-corporate-v1-base-%s", stage),
 		fmt.Sprintf("cla-corporate-v2-base-%s", stage),
@@ -150,6 +155,18 @@ func loadSSMConfig(awsSession *session.Session, stage string) Config { //nolint
 		case fmt.Sprintf("cla-gh-test-repository-id-%s", stage):
 			config.GitHub.TestRepositoryID = resp.value
 
+		//	gitlab ssm
+		case fmt.Sprintf("cla-gitlab-oauth-secret-go-backend-%s", stage):
+			config.Gitlab.ClientSecret = resp.value
+		case fmt.Sprintf("cla-gitlab-app-id-%s", stage):
+			config.Gitlab.AppID = resp.value
+		case fmt.Sprintf("cla-gitlab-app-private-key-%s", stage):
+			config.Gitlab.AppPrivateKey = resp.value
+		case fmt.Sprintf("cla-gitlab-app-redirect-uri-%s", stage):
+			config.Gitlab.RedirectURI = resp.value
+		case fmt.Sprintf("cla-gitlab-app-web-hook-uri-%s", stage):
+			config.Gitlab.WebHookURI = resp.value
+
 		case fmt.Sprintf("cla-corporate-base-%s", stage):
 			config.CorporateConsoleURL = resp.value
 		case fmt.Sprintf("cla-corporate-v1-base-%s", stage):

cla-backend-go/events/event_data.go

@@ -190,6 +190,26 @@ type GitHubOrganizationUpdatedEventData struct {
 	AutoEnabledClaGroupID  string
 }
 
+// GitlabOrganizationAddedEventData data model
+type GitlabOrganizationAddedEventData struct {
+	GitlabOrganizationName  string
+	AutoEnabled             bool
+	AutoEnabledClaGroupID   string
+	BranchProtectionEnabled bool
+}
+
+// GitlabOrganizationDeletedEventData data model
+type GitlabOrganizationDeletedEventData struct {
+	GitlabOrganizationName string
+}
+
+// GitlabOrganizationUpdatedEventData data model
+type GitlabOrganizationUpdatedEventData struct {
+	GitlabOrganizationName string
+	AutoEnabled            bool
+	AutoEnabledClaGroupID  string
+}
+
 // CCLAApprovalListRequestCreatedEventData data model
 type CCLAApprovalListRequestCreatedEventData struct {
 	RequestID string
@@ -647,6 +667,44 @@ func (ed *GitHubOrganizationUpdatedEventData) GetEventDetailsString(args *LogEve
 	return data, true
 }
 
+// GetEventDetailsString returns the details string for this event
+func (ed *GitlabOrganizationAddedEventData) GetEventDetailsString(args *LogEventArgs) (string, bool) {
+	data := fmt.Sprintf("Gitlab Organization: %s was added with auto-enabled: %t, with branch protection enabled: %t",
+		ed.GitlabOrganizationName, ed.AutoEnabled, ed.BranchProtectionEnabled)
+	if ed.AutoEnabledClaGroupID != "" {
+		data = data + fmt.Sprintf(" with auto-enabled-cla-group: %s", ed.AutoEnabledClaGroupID)
+	}
+	if args.UserName != "" {
+		data = data + fmt.Sprintf(" by the user %s", args.UserName)
+	}
+	data = data + "."
+	return data, true
+}
+
+// GetEventDetailsString returns the details string for this event
+func (ed *GitlabOrganizationDeletedEventData) GetEventDetailsString(args *LogEventArgs) (string, bool) {
+	data := fmt.Sprintf("GitHub Organization: %s was deleted ", ed.GitlabOrganizationName)
+	if args.UserName != "" {
+		data = data + fmt.Sprintf(" by the user %s", args.UserName)
+	}
+	data = data + "."
+	return data, true
+}
+
+// GetEventDetailsString returns the details string for this event
+func (ed *GitlabOrganizationUpdatedEventData) GetEventDetailsString(args *LogEventArgs) (string, bool) {
+	data := fmt.Sprintf("GitHub Organization:%s was updated with auto-enabled: %t",
+		ed.GitlabOrganizationName, ed.AutoEnabled)
+	if ed.AutoEnabledClaGroupID != "" {
+		data = data + fmt.Sprintf(" with auto-enabled-cla-group: %s", ed.AutoEnabledClaGroupID)
+	}
+	if args.UserName != "" {
+		data = data + fmt.Sprintf(" by the user %s", args.UserName)
+	}
+	data = data + "."
+	return data, true
+}
+
 // GetEventDetailsString returns the details string for this event
 func (ed *CCLAApprovalListRequestApprovedEventData) GetEventDetailsString(args *LogEventArgs) (string, bool) {
 	data := fmt.Sprintf("User: %s approved a CCLA Approval Request for Project: %s and Company: %s with Request ID: %s.",
@@ -1543,6 +1601,62 @@ func (ed *GitHubOrganizationUpdatedEventData) GetEventSummaryString(args *LogEve
 	return data, true
 }
 
+// GetEventSummaryString returns the summary string for this event
+func (ed *GitlabOrganizationAddedEventData) GetEventSummaryString(args *LogEventArgs) (string, bool) {
+	data := fmt.Sprintf("The Gitlab organization %s was added with auto-enabled set to %t with branch protection enabled set to %t",
+		ed.GitlabOrganizationName, ed.AutoEnabled, ed.BranchProtectionEnabled)
+	if ed.AutoEnabledClaGroupID != "" {
+		data = data + fmt.Sprintf(" with auto-enabled-cla-group set to %s", ed.AutoEnabledClaGroupID)
+	}
+	if args.CLAGroupName != "" {
+		data = data + fmt.Sprintf(" for the CLA Group %s", args.CLAGroupName)
+	}
+	if args.ProjectName != "" {
+		data = data + fmt.Sprintf(" for the project %s", args.ProjectName)
+	}
+	if args.UserName != "" {
+		data = data + fmt.Sprintf(" by the user %s", args.UserName)
+	}
+	data = data + "."
+	return data, true
+}
+
+// GetEventSummaryString returns the summary string for this event
+func (ed *GitlabOrganizationDeletedEventData) GetEventSummaryString(args *LogEventArgs) (string, bool) {
+	data := fmt.Sprintf("The Gitlab organization %s was deleted", ed.GitlabOrganizationName)
+	if args.CLAGroupName != "" {
+		data = data + fmt.Sprintf(" for CLA Group %s", args.CLAGroupName)
+	}
+	if args.ProjectName != "" {
+		data = data + fmt.Sprintf(" for project %s", args.ProjectName)
+	}
+	if args.UserName != "" {
+		data = data + fmt.Sprintf(" by the user %s", args.UserName)
+	}
+	data = data + "."
+	return data, true
+}
+
+// GetEventSummaryString returns the summary string for this event
+func (ed *GitlabOrganizationUpdatedEventData) GetEventSummaryString(args *LogEventArgs) (string, bool) {
+	data := fmt.Sprintf("Gitlab Organization: %s was updated with auto-enabled: %t",
+		ed.GitlabOrganizationName, ed.AutoEnabled)
+	if ed.AutoEnabledClaGroupID != "" {
+		data = data + fmt.Sprintf(" with auto-enabled-cla-group: %s", ed.AutoEnabledClaGroupID)
+	}
+	if args.CLAGroupName != "" {
+		data = data + fmt.Sprintf(" for CLA Group %s", args.CLAGroupName)
+	}
+	if args.ProjectName != "" {
+		data = data + fmt.Sprintf(" for project %s", args.ProjectName)
+	}
+	if args.UserName != "" {
+		data = data + fmt.Sprintf(" by the user %s", args.UserName)
+	}
+	data = data + "."
+	return data, true
+}
+
 // GetEventSummaryString returns the summary string for this event
 func (ed *CCLAApprovalListRequestApprovedEventData) GetEventSummaryString(args *LogEventArgs) (string, bool) {
 	data := fmt.Sprintf("The user %s approved a CCLA approval request", args.UserName)

cla-backend-go/events/event_types.go

@@ -49,6 +49,10 @@ const (
 	GitHubOrganizationDeleted = "github_organization.deleted"
 	GitHubOrganizationUpdated = "github_organization.updated"
 
+	GitlabOrganizationAdded   = "gitlab_organization.added"
+	GitlabOrganizationDeleted = "gitlab_organization.deleted"
+	GitlabOrganizationUpdated = "gitlab_organization.updated"
+
 	CompanyACLUserAdded       = "company_acl.user_added"
 	CompanyACLRequestAdded    = "company_acl.request_added"
 	CompanyACLRequestApproved = "company_acl.request_approved"