Commit 264257aa authored by Shinya Maeda's avatar Shinya Maeda

Merge branch 'ali/deployment-approvals-mvc-3' into 'master'

Add required_approval_count to Protected Environments API

See merge request gitlab-org/gitlab!76165
parents b9c97f8e f66b7341
......@@ -48,12 +48,13 @@ Example response:
"name":"production",
"deploy_access_levels":[
{
"access_level":40,
"access_level_description":"Maintainers",
"user_id":null,
"group_id":null
"access_level": 40,
"access_level_description": "Maintainers",
"user_id": null,
"group_id": null
}
]
],
"required_approval_count": 0
}
]
```
......@@ -87,7 +88,8 @@ Example response:
"user_id":null,
"group_id":null
}
]
],
"required_approval_count": 0
}
```
......@@ -104,6 +106,7 @@ POST /groups/:id/protected_environments
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) maintained by the authenticated user. |
| `name` | string | yes | The deployment tier of the protected environment. One of `production`, `staging`, `testing`, `development`, or `other`. Read more about [deployment tiers](../ci/environments/index.md#deployment-tier-of-environments).|
| `deploy_access_levels` | array | yes | Array of access levels allowed to deploy, with each described by a hash. One of `user_id`, `group_id` or `access_level`. They take the form of `{user_id: integer}`, `{group_id: integer}` or `{access_level: integer}` respectively. |
| `required_approval_count` | integer | no | The number of approvals required to deploy to this environment. This is part of Deployment Approvals, which isn't yet available for use. For details, see [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/343864). |
The assignable `user_id` are the users who belong to the given group with the Maintainer role (or above).
The assignable `group_id` are the sub-groups under the given group.
......@@ -119,12 +122,13 @@ Example response:
"name":"production",
"deploy_access_levels":[
{
"access_level":40,
"access_level_description":"protected-access-group",
"user_id":null,
"group_id":9899826
"access_level": 40,
"access_level_description": "protected-access-group",
"user_id": null,
"group_id": 9899826
}
]
],
"required_approval_count": 0
}
```
......
......@@ -49,7 +49,8 @@ Example response:
"user_id":null,
"group_id":null
}
]
],
"required_approval_count": 0
}
]
```
......@@ -78,12 +79,13 @@ Example response:
"name":"production",
"deploy_access_levels":[
{
"access_level":40,
"access_level_description":"Maintainers",
"user_id":null,
"group_id":null
"access_level": 40,
"access_level_description": "Maintainers",
"user_id": null,
"group_id": null
}
]
],
"required_approval_count": 0
}
```
......@@ -107,6 +109,7 @@ curl --header 'Content-Type: application/json' --request POST \
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. |
| `name` | string | yes | The name of the environment. |
| `deploy_access_levels` | array | yes | Array of access levels allowed to deploy, with each described by a hash. |
| `required_approval_count` | integer | no | The number of approvals required to deploy to this environment. This is part of Deployment Approvals, which isn't yet available for use. For details, see [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/343864). |
Elements in the `deploy_access_levels` array should be one of `user_id`, `group_id` or
`access_level`, and take the form `{user_id: integer}`, `{group_id: integer}` or
......@@ -125,7 +128,8 @@ Example response:
"user_id": null,
"group_id": 9899826
}
]
],
"required_approval_count": 0
}
```
......
......@@ -51,6 +51,7 @@ module API
end
params do
requires :name, type: String, desc: 'The name of the protected environment'
optional :required_approval_count, type: Integer, desc: 'The number of approvals required to deploy to this environment', default: 0
requires :deploy_access_levels, type: Array, desc: 'An array of users/groups allowed to deploy environment' do
optional :access_level, type: Integer, values: ::ProtectedEnvironment::DeployAccessLevel::ALLOWED_ACCESS_LEVELS
......@@ -137,6 +138,7 @@ module API
end
params do
requires :name, type: String, desc: 'The tier name of the protected environment'
optional :required_approval_count, type: Integer, desc: 'The number of approvals required to deploy to this environment', default: 0
requires :deploy_access_levels, as: :deploy_access_levels_attributes, type: Array, desc: 'An array of users/groups allowed to deploy environment' do
optional :access_level, type: Integer, values: ::ProtectedEnvironment::DeployAccessLevel::ALLOWED_ACCESS_LEVELS
......
......@@ -6,6 +6,7 @@ module EE
class ProtectedEnvironment < Grape::Entity
expose :name
expose :deploy_access_levels, using: ::API::Entities::ProtectedRefAccess
expose :required_approval_count
end
end
end
......
......@@ -6,7 +6,8 @@
],
"properties": {
"name": { "type": "string" },
"deploy_access_levels": { "type": "array", "items": { "$ref": "protected_ref_access.json" } }
"deploy_access_levels": { "type": "array", "items": { "$ref": "protected_ref_access.json" } },
"required_approval_count": { "type": "integer" }
},
"additionalProperties": false
}
......@@ -12,8 +12,8 @@ RSpec.describe API::ProtectedEnvironments do
let(:protected_environment_name) { 'production' }
before do
create(:protected_environment, :maintainers_can_deploy, :project_level, project: project, name: protected_environment_name)
create(:protected_environment, :maintainers_can_deploy, :group_level, group: group, name: protected_environment_name)
create(:protected_environment, :maintainers_can_deploy, :project_level, project: project, name: protected_environment_name, required_approval_count: 1)
create(:protected_environment, :maintainers_can_deploy, :group_level, group: group, name: protected_environment_name, required_approval_count: 2)
end
shared_examples 'requests for non-maintainers' do
......@@ -64,6 +64,7 @@ RSpec.describe API::ProtectedEnvironments do
expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
expect(json_response['name']).to eq(protected_environment_name)
expect(json_response['deploy_access_levels'][0]['access_level']).to eq(::Gitlab::Access::MAINTAINER)
expect(json_response['required_approval_count']).to eq(1)
end
context 'when protected environment does not exist' do
......@@ -90,12 +91,13 @@ RSpec.describe API::ProtectedEnvironments do
deployer = create(:user)
project.add_developer(deployer)
post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }] }
post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }], required_approval_count: 3 }
expect(response).to have_gitlab_http_status(:created)
expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
expect(json_response['name']).to eq('staging')
expect(json_response['deploy_access_levels'].first['user_id']).to eq(deployer.id)
expect(json_response['required_approval_count']).to eq(3)
end
it 'protects the environment with group allowed to deploy' do
......@@ -207,6 +209,7 @@ RSpec.describe API::ProtectedEnvironments do
expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
expect(json_response['name']).to eq(protected_environment_name)
expect(json_response['deploy_access_levels'][0]['access_level']).to eq(::Gitlab::Access::MAINTAINER)
expect(json_response['required_approval_count']).to eq(2)
end
context 'when protected environment does not exist' do
......@@ -233,12 +236,13 @@ RSpec.describe API::ProtectedEnvironments do
deployer = create(:user)
group.add_maintainer(deployer)
post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }] }
post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }], required_approval_count: 3 }
expect(response).to have_gitlab_http_status(:created)
expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
expect(json_response['name']).to eq('staging')
expect(json_response['deploy_access_levels'].first['user_id']).to eq(deployer.id)
expect(json_response['required_approval_count']).to eq(3)
end
it 'protects the environment with group allowed to deploy' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment