6. Develop Concept for IssueOps - np-reddy/git-issue-ops GitHub Wiki

Develop concept for issueops to

  • Read existing users from GitHub org members/roles/teams/outside collaborators
  • Map the users to user groups.
  • on new issue, create artifactory repos, groups, permission targets according to users maps.

Things to consider

  1. GH organization membership can be either owner or member, so mapping users/members from GH organization to artifactory is not effective and granular. Instead, consider repository collaborators where different permission levels like admin, read, write are possible.
  2. IssueOps can be implemented in different ways, either using Probot-Webhook combination or GitHub action workflows. Probot needs GitHub app to be hosted on the internet that can receive payloads from GH webhooks and process them, that means we need an additional component to be procured and build/setup. This is not a cost effective solution and also a overhead on the operations.
    Using GitHub action workflows is more convenient and easy on pocket. No additional component is needed and action runners can be allocated automatically by github for free.

Approach

  1. Create a GH repository under an organization where this issueops needs to be implemented. This will be used for requisition.
  2. Have an issue template defined which will be used to ask for information like GH repository name, artifactory repository type and other information needed to create repositories and permission targets in artifactory.
  3. Define an action workflow which will trigger on issue creation in requisition repository and captures the issue description.
  4. Create a script to process the issue description, extract the necessary values and prepare the mappings of users, repos that need to be created in artifactory.
  5. Use JFrog CLI or REST api in the same action workflow to create required objects.
  6. Pass the information back to the issue creator by commenting on the issue.

Interesting Findings

  • Issue forms can be used for creating issue templates, but these are in beta phase and only available in public repos.
  • Storage class (PVC) with ReadWriteMany is not supported in gcloud.
  • Artifactory OSS or CE has very limited REST api endpoints, most of the user security and administration related end points including create user, create repo etc., are not supported. Consider setting up Artifactory Pro version with trial license.

Read existing users from GitHub repo

GH Repo name will be provided by the user while creating the issue by selecting the template. Apart from repo name, artifactory repo type, package type will also be provided. Collaborators api can be used to find the user access levels.

Mapping the GitHub users to Artifactory users

Following user mapping will be used for this demonstration.

GitHub Artifacotry
Admin Manage
Write Delete
Read Read

Create necessary objects on Issue creation

A GitHub action workflow will be defined to trigger on issue creation, extract the information from issue description, fetch the github repo users, group them according to the access and finillary create necessary objects in artifactory.