Name:         managesf-resources-tooling-config-map
Namespace:    sf
Labels:       <none>
Annotations:  <none>

Data
====
create-ci-user.sh:
----
#!/bin/bash

user_name="${1}"
user_sshkey="${2}"
user_mail="${3}"
user_http_password="${4}"
# Capitalize user_name, e.g. "Zuul CI"
user_fullname="$(tr '[:lower:]' '[:upper:]' <<< ${user_name:0:1})${user_name:1} CI"

# Check if user does not exist yet
user_exists=$(ssh gerrit gerrit ls-members \"Service Users\" | awk '{ print $2 }' | { grep ${user_name} || true; })

if [ -z "$user_exists" ]; then
  echo "$user_sshkey" | ssh gerrit gerrit create-account ${user_name} \
      -g \"Service Users\"                \
      --full-name \"${user_fullname}\"    \
      --ssh-key -
  ssh gerrit gerrit set-account --add-email "${user_mail}" ${user_name}
  ssh gerrit gerrit set-account ${user_name} --http-password "${user_http_password}"
fi

create-repo.sh:
----
#!/bin/bash

REPO_NAME=$1

[ ! -n "${REPO_NAME}" ] && {
  echo "Usage: create-repo.sh <repo_name>"
  exit 1
}

cat << EOF > ~/prev.yaml
resources: {}
EOF

cat << EOF > ~/new.yaml
resources:
  acls:
    ${REPO_NAME}-acl:
      file: |
        [access "refs/*"]
          read = group ${REPO_NAME}-core
          owner = group ${REPO_NAME}-ptl
        [access "refs/heads/*"]
          label-Code-Review = -2..+2 group ${REPO_NAME}-core
          label-Code-Review = -2..+2 group ${REPO_NAME}-ptl
          label-Verified = -2..+2 group ${REPO_NAME}-ptl
          label-Workflow = -1..+1 group ${REPO_NAME}-core
          label-Workflow = -1..+1 group ${REPO_NAME}-ptl
          label-Workflow = -1..+0 group Registered Users
          rebase = group ${REPO_NAME}-core
          abandon = group ${REPO_NAME}-core
          submit = group ${REPO_NAME}-ptl
          read = group ${REPO_NAME}-core
          read = group Registered Users
          push = group Service Users
        [access "refs/meta/config"]
          read = group ${REPO_NAME}-core
          read = group Registered Users
        [receive]
          requireChangeId = true
        [submit]
          mergeContent = false
          action = fast forward only
      groups:
        - ${REPO_NAME}-core
        - ${REPO_NAME}-ptl
      name: ${REPO_NAME}-acl
  groups:
    ${REPO_NAME}-core:
      description: Team core for the ${REPO_NAME} repo
      members: []
      name: ${REPO_NAME}-core
    ${REPO_NAME}-ptl:
      description: Team lead for the ${REPO_NAME} repo
      members:
        - "admin@${FQDN}"
      name: ${REPO_NAME}-ptl
  repos:
    ${REPO_NAME}:
      acl: ${REPO_NAME}-acl
      description: ${REPO_NAME} repository
      name: ${REPO_NAME}
EOF

managesf-resources --managesf-config /etc/managesf/config.py \
    --cache-dir ~/ direct-apply --new-yaml ~/new.yaml --prev-yaml ~/prev.yaml


BinaryData
====

Events:  <none>