1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
// Copyright The gittuf Authors
// SPDX-License-Identifier: Apache-2.0
package disablegithubappapprovals
import (
"github.com/gittuf/gittuf/experimental/gittuf"
trustpolicyopts "github.com/gittuf/gittuf/experimental/gittuf/options/trustpolicy"
"github.com/gittuf/gittuf/internal/cmd/common"
"github.com/gittuf/gittuf/internal/cmd/trust/persistent"
"github.com/gittuf/gittuf/internal/tuf"
"github.com/spf13/cobra"
)
type options struct {
p *persistent.Options
appName string
}
func (o *options) AddFlags(cmd *cobra.Command) {
cmd.Flags().StringVar(
&o.appName,
"app-name",
tuf.GitHubAppRoleName,
"name of app to add to root of trust",
)
}
func (o *options) Run(cmd *cobra.Command, _ []string) error {
repo, err := gittuf.LoadRepository(".")
if err != nil {
return err
}
signer, err := gittuf.LoadSigner(repo, o.p.SigningKey)
if err != nil {
return err
}
opts := []trustpolicyopts.Option{}
if o.p.WithRSLEntry {
opts = append(opts, trustpolicyopts.WithRSLEntry())
}
return repo.UntrustGitHubApp(cmd.Context(), signer, o.appName, true, opts...)
}
func New(persistent *persistent.Options) *cobra.Command {
o := &options{p: persistent}
cmd := &cobra.Command{
Use: "disable-github-app-approvals",
Short: "Mark GitHub app approvals as untrusted henceforth",
Long: `The 'disable-github-app-approvals' command revokes a GitHub App's ability to approve changes by marking it untrusted in the trust policy.`,
PreRunE: common.CheckForSigningKeyFlag,
RunE: o.Run,
DisableAutoGenTag: true,
}
o.AddFlags(cmd)
return cmd
}
|
