✨ Support setting & checking AutomatedSecurityFixes. https://docs.git…

…hub.com/en/rest/repos/repos?apiVersion=2022-11-28#check-if-automated-security-fixes-are-enabled-for-a-repository.
hub4j · Aug 28, 2024 · 37ab9a9 · 37ab9a9
1 parent 338de9a
commit 37ab9a9
Show file tree

Hide file tree

Showing 14 changed files with 482 additions and 33 deletions.
diff --git a/src/main/java/org/kohsuke/github/GHRepository.java b/src/main/java/org/kohsuke/github/GHRepository.java
@@ -125,6 +125,41 @@ public class GHRepository extends GHObject {
     private Boolean isTemplate;
     private boolean compareUsePaginatedCommits;
 
+    /**
+     * Extra API call to /automated-security-fixes to get the status of automated security fixes.
+     *
+     * @return GHAutomatedSecurityFixes
+     * @throws IOException
+     */
+    public GHAutomatedSecurityFixes getAutomatedSecurityFixes() throws IOException {
+        return root().createRequest()
+                .method("GET")
+                .with("name", name)
+                .withUrlPath(getApiTailUrl("/automated-security-fixes"))
+                .fetch(GHAutomatedSecurityFixes.class);
+    }
+
+    public static class GHAutomatedSecurityFixes {
+        private boolean enabled;
+        private boolean paused;
+
+        public boolean isEnabled() {
+            return enabled;
+        }
+
+        public void setEnabled(boolean enabled) {
+            this.enabled = enabled;
+        }
+
+        public boolean isPaused() {
+            return paused;
+        }
+
+        public void setPaused(boolean paused) {
+            this.paused = paused;
+        }
+    }
+
     /**
      * Read.
      *
@@ -621,7 +656,8 @@ public Map<String, Long> listLanguages() throws IOException {
      */
     public String getOwnerName() {
         // consistency of the GitHub API is super... some serialized forms of GHRepository populate
-        // a full GHUser while others populate only the owner and email. This later form is super helpful
+        // a full GHUser while others populate only the owner and email. This later form is super
+        // helpful
         // in putting the login in owner.name not owner.login... thankfully we can easily identify this
         // second set because owner.login will be null
         return owner.login != null ? owner.login : owner.name;
@@ -726,6 +762,24 @@ public boolean isDeleteBranchOnMerge() {
         return delete_branch_on_merge;
     }
 
+    /**
+     * Shows whether automated security fixes are enabled or disabled.
+     *
+     * @return the boolean
+     */
+    public boolean isAutomatedSecurityFixesEnabled() throws IOException {
+        return this.getAutomatedSecurityFixes().isEnabled();
+    }
+
+    /**
+     * Shows whether automated security fixes are paused or not.
+     *
+     * @return the boolean
+     */
+    public boolean isAutomatedSecurityFixesPaused() throws IOException {
+        return this.getAutomatedSecurityFixes().isPaused();
+    }
+
     /**
      * Returns the number of all forks of this repository. This not only counts direct forks, but also forks of forks,
      * and so on.
@@ -766,9 +820,7 @@ public boolean isPrivate() {
         return _private;
     }
 
-    /**
-     * Visibility of a repository.
-     */
+    /** Visibility of a repository. */
     public enum Visibility {
 
         /** The public. */
@@ -783,9 +835,11 @@ public enum Visibility {
         /**
          * Placeholder for unexpected data values.
          *
+         * <p>
          * This avoids throwing exceptions during data binding or reading when the list of allowed values returned from
          * GitHub is expanded.
          *
+         * <p>
          * Do not pass this value to any methods. If this value is returned during a request, check the log output and
          * report an issue for the missing value.
          */
@@ -927,6 +981,7 @@ public String getDefaultBranch() {
     /**
      * Gets default branch.
      *
+     * <p>
      * Name is an artifact of when "master" was the most common default.
      *
      * @return the default branch
@@ -956,9 +1011,7 @@ public int getSize() {
         return size;
     }
 
-    /**
-     * Affiliation of a repository collaborator.
-     */
+    /** Affiliation of a repository collaborator. */
     public enum CollaboratorAffiliation {
 
         /** The all. */
@@ -1187,7 +1240,6 @@ public void addCollaborators(GHOrganization.Permission permission, GHUser... use
      *            the permission level
      * @param users
      *            the users
-     *
      * @throws IOException
      *             the io exception
      */
@@ -1493,6 +1545,22 @@ public void deleteBranchOnMerge(boolean value) throws IOException {
         set().deleteBranchOnMerge(value);
     }
 
+    public void enableAutomatedSecurityFixes(boolean value) throws IOException {
+        if (value) {
+            root().createRequest()
+                    .method("PUT")
+                    .with("name", name)
+                    .withUrlPath(getApiTailUrl("/automated-security-fixes"))
+                    .send();
+        } else {
+            root().createRequest()
+                    .method("DELETE")
+                    .with("name", name)
+                    .withUrlPath(getApiTailUrl("/automated-security-fixes"))
+                    .send();
+        }
+    }
+
     /**
      * Deletes this repository.
      *
@@ -1551,9 +1619,7 @@ public Setter set() {
         return new Setter(this);
     }
 
-    /**
-     * Sort orders for listing forks.
-     */
+    /** Sort orders for listing forks. */
     public enum ForkSort {
 
         /** The newest. */
@@ -1849,6 +1915,7 @@ public void deleteHook(int id) throws IOException {
      * Sets {@link #getCompare(String, String)} to return a {@link GHCompare} that uses a paginated commit list instead
      * of limiting to 250 results.
      *
+     * <p>
      * By default, {@link GHCompare} returns all commits in the comparison as part of the request, limited to 250
      * results. More recently GitHub added the ability to return the commits as a paginated query allowing for more than
      * 250 results.
@@ -1861,8 +1928,8 @@ public void setCompareUsePaginatedCommits(boolean value) {
     }
 
     /**
-     * Gets a comparison between 2 points in the repository. This would be similar to calling
-     * <code>git log id1...id2</code> against a local repository.
+     * Gets a comparison between 2 points in the repository. This would be similar to calling <code>
+     * git log id1...id2</code> against a local repository.
      *
      * @param id1
      *            an identifier for the first point to compare from, this can be a sha1 ID (for a commit, tag etc) or a
@@ -2160,7 +2227,6 @@ public PagedIterable<GHCommitComment> listCommitComments() {
      *
      * @param commitSha
      *            the hash of the commit
-     *
      * @return the paged iterable
      */
     public PagedIterable<GHCommitComment> listCommitComments(String commitSha) {
@@ -2364,6 +2430,7 @@ public PagedIterable<GHEventInfo> listEvents() throws IOException {
 
     /**
      * Lists labels in this repository.
+     *
      * <p>
      * https://developer.github.com/v3/issues/labels/#list-all-labels-for-this-repository
      *
@@ -2433,6 +2500,7 @@ public PagedIterable<GHInvitation> listInvitations() {
 
     /**
      * Lists all the subscribers (aka watchers.)
+     *
      * <p>
      * https://developer.github.com/v3/activity/watching/
      *
@@ -2541,9 +2609,7 @@ public Set<URL> getPostCommitHooks() {
         }
     }
 
-    /**
-     * Live set view of the post-commit hook.
-     */
+    /** Live set view of the post-commit hook. */
     @SuppressFBWarnings(value = "DMI_COLLECTION_OF_URLS",
             justification = "It causes a performance degradation, but we have already exposed it to the API")
     @SkipFromToString
@@ -3080,9 +3146,7 @@ public PagedIterable<Contributor> listContributors() throws IOException {
         return root().createRequest().withUrlPath(getApiTailUrl("contributors")).toIterable(Contributor[].class, null);
     }
 
-    /**
-     * The type Contributor.
-     */
+    /** The type Contributor. */
     public static class Contributor extends GHUser {
         private int contributions;
 
@@ -3181,6 +3245,7 @@ public PagedIterable<GHProject> listProjects() throws IOException {
 
     /**
      * Render a Markdown document.
+     *
      * <p>
      * In {@linkplain MarkdownMode#GFM GFM mode}, issue numbers and user mentions are linked accordingly.
      *
@@ -3597,6 +3662,7 @@ void populate() throws IOException {
     /**
      * A {@link GHRepositoryBuilder} that allows multiple properties to be updated per request.
      *
+     * <p>
      * Consumer must call {@link #done()} to commit changes.
      */
     @BetaApi
@@ -3688,6 +3754,7 @@ public PagedIterable<GHRepositoryRule> listRulesForBranch(String branch) throws
     /**
      * A {@link GHRepositoryBuilder} that allows multiple properties to be updated per request.
      *
+     * <p>
      * Consumer must call {@link #done()} to commit changes.
      */
     @BetaApi

diff --git a/src/test/java/org/kohsuke/github/GHRepositoryTest.java b/src/test/java/org/kohsuke/github/GHRepositoryTest.java
@@ -1,28 +1,29 @@
 package org.kohsuke.github;
 
+import static org.hamcrest.Matchers.*;
+import static org.hamcrest.core.IsInstanceOf.instanceOf;
+import static org.junit.Assert.*;
+import static org.kohsuke.github.GHVerification.Reason.GPGVERIFY_ERROR;
+import static org.kohsuke.github.GHVerification.Reason.UNKNOWN_SIGNATURE_TYPE;
+
 import com.fasterxml.jackson.databind.JsonMappingException;
 import com.google.common.collect.Sets;
-import org.apache.commons.io.IOUtils;
-import org.junit.Assert;
-import org.junit.Test;
-import org.kohsuke.github.GHCheckRun.Conclusion;
-import org.kohsuke.github.GHOrganization.RepositoryRole;
-import org.kohsuke.github.GHRepository.Visibility;
-
 import java.io.ByteArrayInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
 import java.time.LocalDate;
 import java.util.*;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import java.util.stream.Collectors;
-
-import static org.hamcrest.Matchers.*;
-import static org.hamcrest.core.IsInstanceOf.instanceOf;
-import static org.junit.Assert.assertThrows;
-import static org.kohsuke.github.GHVerification.Reason.GPGVERIFY_ERROR;
-import static org.kohsuke.github.GHVerification.Reason.UNKNOWN_SIGNATURE_TYPE;
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.kohsuke.github.GHCheckRun.Conclusion;
+import org.kohsuke.github.GHOrganization.RepositoryRole;
+import org.kohsuke.github.GHRepository.Visibility;
 
 // TODO: Auto-generated Javadoc
 /**
@@ -1937,4 +1938,24 @@ private void verifyPluralResult(PagedSearchIterable<GHPullRequest> searchResult,
         assertThat(searchResult.toList().get(0).getNumber(), is(expectedPR1.getNumber()));
         assertThat(searchResult.toList().get(1).getNumber(), is(expectedPR2.getNumber()));
     }
+
+    /**
+     * Test repository automated security fix settings.
+     */
+    @Test
+    public void testAutomatedSecurityFixSettings() throws IOException {
+        GHRepository repo = getTempRepository();
+        var initialEnabled = repo.isAutomatedSecurityFixesEnabled();
+        assertThat(initialEnabled, is(instanceOf(Boolean.class)));
+        var initialPaused = repo.isAutomatedSecurityFixesPaused();
+        assertThat(initialPaused, is(instanceOf(Boolean.class)));
+
+        repo.enableAutomatedSecurityFixes(true);
+        assertTrue("isAutomatedSecurityFixesEnabled should be true", repo.isAutomatedSecurityFixesEnabled());
+        assertFalse("isAutomatedSecurityFixesPaused should be false", repo.isAutomatedSecurityFixesPaused());
+
+        repo.enableAutomatedSecurityFixes(false);
+        assertFalse("isAutomatedSecurityFixesEnabled should be true", repo.isAutomatedSecurityFixesEnabled());
+        assertFalse("isAutomatedSecurityFixesPaused should be false", repo.isAutomatedSecurityFixesPaused());
+    }
 }
diff --git a/...github/GHRepositoryTest/wiremock/testAutomatedSecurityFixSettings/__files/1-get_user.json b/...github/GHRepositoryTest/wiremock/testAutomatedSecurityFixSettings/__files/1-get_user.json
@@ -0,0 +1,35 @@
+{
+  "login": "ranma2913",
+  "id": 4295880,
+  "node_id": "MDQ6VXNlcjQyOTU4ODA=",
+  "avatar_url": "https://avatars.githubusercontent.com/u/4295880?v=4",
+  "gravatar_id": "",
+  "url": "https://api.github.com/users/ranma2913",
+  "html_url": "https://github.com/ranma2913",
+  "followers_url": "https://api.github.com/users/ranma2913/followers",
+  "following_url": "https://api.github.com/users/ranma2913/following{/other_user}",
+  "gists_url": "https://api.github.com/users/ranma2913/gists{/gist_id}",
+  "starred_url": "https://api.github.com/users/ranma2913/starred{/owner}{/repo}",
+  "subscriptions_url": "https://api.github.com/users/ranma2913/subscriptions",
+  "organizations_url": "https://api.github.com/users/ranma2913/orgs",
+  "repos_url": "https://api.github.com/users/ranma2913/repos",
+  "events_url": "https://api.github.com/users/ranma2913/events{/privacy}",
+  "received_events_url": "https://api.github.com/users/ranma2913/received_events",
+  "type": "User",
+  "site_admin": false,
+  "name": "Joel Sticha",
+  "company": "Optum Technology",
+  "blog": "",
+  "location": "MN, USA",
+  "email": null,
+  "hireable": null,
+  "bio": null,
+  "twitter_username": null,
+  "notification_email": null,
+  "public_repos": 51,
+  "public_gists": 2,
+  "followers": 4,
+  "following": 5,
+  "created_at": "2013-04-29T20:05:40Z",
+  "updated_at": "2024-08-28T16:13:33Z"
+}