Welcome to mirror list, hosted at ThFree Co, Russian Federation.

create.rb « rule « protection « container_registry « mutations « graphql « app - gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/graphql/mutations/container_registry/protection/rule/create.rb
blob: 5b01d13d8cb1e0b94f448f03ad3b9c135d7270db (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

# frozen_string_literal: true

module Mutations
  module ContainerRegistry
    module Protection
      module Rule
        class Create < ::Mutations::BaseMutation
          graphql_name 'CreateContainerRegistryProtectionRule'
          description 'Creates a protection rule to restrict access to a project\'s container registry. ' \
                      'Available only when feature flag `container_registry_protected_containers` is enabled.'

          include FindsProject

          authorize :admin_container_image

          argument :project_path,
            GraphQL::Types::ID,
            required: true,
            description: 'Full path of the project where a protection rule is located.'

          argument :repository_path_pattern,
            GraphQL::Types::String,
            required: true,
            description:
              'Container repository path pattern protected by the protection rule. ' \
              'For example `my-project/my-container-*`. Wildcard character `*` allowed.'

          argument :push_protected_up_to_access_level,
            Types::ContainerRegistry::Protection::RuleAccessLevelEnum,
            required: true,
            description:
              'Max GitLab access level to prevent from pushing container images to the container registry. ' \
              'For example `DEVELOPER`, `MAINTAINER`, `OWNER`.'

          argument :delete_protected_up_to_access_level,
            Types::ContainerRegistry::Protection::RuleAccessLevelEnum,
            required: true,
            description:
              'Max GitLab access level to prevent from deleting container images in the container registry. ' \
              'For example `DEVELOPER`, `MAINTAINER`, `OWNER`.'

          field :container_registry_protection_rule,
            Types::ContainerRegistry::Protection::RuleType,
            null: true,
            description: 'Container registry protection rule after mutation.'

          def resolve(project_path:, **kwargs)
            project = authorized_find!(project_path)

            if Feature.disabled?(:container_registry_protected_containers, project)
              raise_resource_not_available_error!("'container_registry_protected_containers' feature flag is disabled")
            end

            response = ::ContainerRegistry::Protection::CreateRuleService.new(project, current_user, kwargs).execute

            { container_registry_protection_rule: response.payload[:container_registry_protection_rule],
              errors: response.errors }
          end
        end
      end
    end
  end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-10 16:51:35 +0300