Disable unauthorized deployments from VCS
This commit is contained in:
parent
e6e69b64d3
commit
ed5e31a4b3
1 changed files with 20 additions and 4 deletions
|
@ -476,9 +476,12 @@ $createGitDeployments = function (GitHub $github, string $installationId, string
|
|||
$owner = $github->getOwnerName($installationId);
|
||||
$repositoryName = $github->getRepositoryName($repositoryId);
|
||||
|
||||
$isAuthorized = false;
|
||||
$commentStatus = $isAuthorized ? 'waiting' : 'failed';
|
||||
|
||||
if (empty($latestCommentId)) {
|
||||
$comment = new Comment();
|
||||
$comment->addBuild($project, $function, 'waiting', $deploymentId);
|
||||
$comment->addBuild($project, $function, $commentStatus, $deploymentId);
|
||||
|
||||
$pullRequest = $github->getBranchPullRequest($owner, $repositoryName, $branchName);
|
||||
if (!empty($pullRequest)) {
|
||||
|
@ -488,11 +491,26 @@ $createGitDeployments = function (GitHub $github, string $installationId, string
|
|||
} else {
|
||||
$comment = new Comment();
|
||||
$comment->parseComment($github->getComment($owner, $repositoryName, $latestCommentId));
|
||||
$comment->addBuild($project, $function, 'waiting', $deploymentId);
|
||||
$comment->addBuild($project, $function, $commentStatus, $deploymentId);
|
||||
|
||||
$latestCommentId = $github->updateComment($owner, $repositoryName, $latestCommentId, $comment->generateComment());
|
||||
}
|
||||
|
||||
$targetUrl = $request->getProtocol() . '://' . $request->getHostname() . "/console/project-$projectId/functions/function-$functionId";
|
||||
|
||||
if(!$isAuthorized) {
|
||||
$functionName = $function->getAttribute('name');
|
||||
$projectName = $project->getAttribute('name');
|
||||
$name = "{$functionName} ({$projectName})";
|
||||
$message = 'Unauthorized. Must have write permissions on repository.';
|
||||
|
||||
$repositoryId = $resource->getAttribute('repositoryId');
|
||||
$repositoryName = $github->getRepositoryName($repositoryId);
|
||||
$owner = $github->getOwnerName($installationId);
|
||||
$github->updateCommitStatus($repositoryName, $SHA, $owner, 'failed', $message, $targetUrl, $name);
|
||||
continue;
|
||||
}
|
||||
|
||||
$deployment = $dbForProject->createDocument('deployments', new Document([
|
||||
'$id' => $deploymentId,
|
||||
'$permissions' => [
|
||||
|
@ -517,8 +535,6 @@ $createGitDeployments = function (GitHub $github, string $installationId, string
|
|||
'activate' => $activate,
|
||||
]));
|
||||
|
||||
$targetUrl = $request->getProtocol() . '://' . $request->getHostname() . "/console/project-$projectId/functions/function-$functionId";
|
||||
|
||||
if (!empty($SHA) && $function->getAttribute('vcsSilentMode', false) === false) {
|
||||
$functionName = $function->getAttribute('name');
|
||||
$projectName = $project->getAttribute('name');
|
||||
|
|
Loading…
Reference in a new issue