Merge pull request #41 from Omegapoint/feature/FixedBranchprotectionZero

Feature/fixed branchprotection zero
Omegapoint · Oct 3, 2023 · ea68b3a · ea68b3a
2 parents 86eac8b + 287985d
commit ea68b3a
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 146 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -25,11 +25,11 @@
   "dependencies": {
     "@actions/core": "^1.10.0",
     "@actions/github": "^5.1.1",
-    "@octokit/rest": "^20.0.2",
     "@vercel/ncc": "^0.36.1",
     "joi": "^17.10.1"
   },
   "devDependencies": {
+    "@octokit/types": "^12.0.0",
     "@types/chai": "^4.3.6",
     "@types/mocha": "^10.0.1",
     "@types/node": "^20.5.7",

diff --git a/src/branchprotection/BranchProtectionService.ts b/src/branchprotection/BranchProtectionService.ts
@@ -1,16 +1,17 @@
-/* eslint-disable @typescript-eslint/typedef */
-/* eslint-disable @typescript-eslint/no-explicit-any */
 import * as core from '@actions/core';
 import * as github from '@actions/github';
+import { Endpoints } from '@octokit/types';
+import { GitHub } from '@actions/github/lib/utils';
 export class BranchProtectionService {
   public static async getStateOfBranchProtection(): Promise<void> {
     try {
       console.log('\n Running branch protection control');
       const { owner, repo }: { owner: string; repo: string } = github.context.repo;
       const token: string = core.getInput('PAT-token');
 
-      const octokit = github.getOctokit(token);
-      const response = await octokit.rest.repos.getBranchProtection({
+      const octokit: InstanceType<typeof GitHub> = github.getOctokit(token);
+      type branchProtectionRepsponse = Endpoints['GET /repos/{owner}/{repo}/branches/{branch}/protection']['response'];
+      const response: branchProtectionRepsponse = await octokit.rest.repos.getBranchProtection({
         owner,
         repo,
         branch: 'main',
@@ -19,7 +20,6 @@ export class BranchProtectionService {
       if (response.data.enforce_admins?.enabled === false) {
         core.warning('Branch protection can be overridden by admins and is therefore counted as not enabled');
       }
-
       let numberOfReviewers: number = 0;
       if (
         response.data.enforce_admins?.enabled === true &&

diff --git a/tests/branchprotection.test.ts b/tests/branchprotection.test.ts
@@ -0,0 +1,75 @@
+import * as core from '@actions/core';
+import * as github from '@actions/github';
+import sinon, { SinonSandbox, SinonStub } from 'sinon';
+import { expect } from 'chai';
+import { BranchProtectionService } from '../src/branchprotection/BranchProtectionService';
+describe('BranchProtectionService', () => {
+  let sandbox: SinonSandbox;
+  let warningStub: SinonStub;
+  let exportVariableStub: SinonStub;
+  let getOctokitStub: SinonStub;
+
+  beforeEach(() => {
+    sandbox = sinon.createSandbox();
+    warningStub = sandbox.stub(core, 'warning');
+    exportVariableStub = sandbox.stub(core, 'exportVariable');
+    getOctokitStub = sandbox.stub(github, 'getOctokit');
+  });
+
+  afterEach(() => {
+    sandbox.restore();
+  });
+
+  it('should handle successful branch protection retrieval', async () => {
+    getOctokitStub.returns({
+      rest: {
+        repos: {
+          getBranchProtection: sinon.stub().resolves({
+            data: {
+              enforce_admins: { enabled: true },
+              required_pull_request_reviews: { required_approving_review_count: 1 },
+            },
+          }),
+        },
+      },
+    });
+
+    await BranchProtectionService.getStateOfBranchProtection();
+    expect(warningStub.called).to.be.false;
+    expect(exportVariableStub.calledWith('numberOfReviewers', 1)).to.be.true;
+  });
+  it('should call warning when admins can byypass branch protection rules', async () => {
+    getOctokitStub.returns({
+      rest: {
+        repos: {
+          getBranchProtection: sinon.stub().resolves({
+            data: {
+              enforce_admins: { enabled: false },
+              required_pull_request_reviews: { required_approving_review_count: 1 },
+            },
+          }),
+        },
+      },
+    });
+
+    await BranchProtectionService.getStateOfBranchProtection();
+    expect(warningStub.called).to.be.true;
+    expect(exportVariableStub.calledWith('numberOfReviewers', 0)).to.be.true;
+  });
+  it('should call warning and set numberOfReviewers to 0 when github repo is private (status = 403)', async () => {
+    getOctokitStub.returns({
+      rest: {
+        repos: {
+          getBranchProtection: sinon.stub().rejects({
+            status: 403,
+            message: 'Forbidden',
+          }),
+        },
+      },
+    });
+
+    await BranchProtectionService.getStateOfBranchProtection();
+    expect(warningStub.called).to.be.true;
+    expect(exportVariableStub.calledWith('numberOfReviewers', 0)).to.be.true;
+  });
+});
diff --git a/tests/placeholdertests.test.ts b/tests/placeholdertests.test.ts