summaryrefslogtreecommitdiff
path: root/archived/projt-launcher/ci/codeowners-validator
diff options
context:
space:
mode:
Diffstat (limited to 'archived/projt-launcher/ci/codeowners-validator')
-rw-r--r--archived/projt-launcher/ci/codeowners-validator/default.nix52
-rw-r--r--archived/projt-launcher/ci/codeowners-validator/owners-file-name.patch15
-rw-r--r--archived/projt-launcher/ci/codeowners-validator/permissions.patch36
3 files changed, 103 insertions, 0 deletions
diff --git a/archived/projt-launcher/ci/codeowners-validator/default.nix b/archived/projt-launcher/ci/codeowners-validator/default.nix
new file mode 100644
index 0000000000..469655de2c
--- /dev/null
+++ b/archived/projt-launcher/ci/codeowners-validator/default.nix
@@ -0,0 +1,52 @@
+# =============================================================================
+# ProjT Launcher - CODEOWNERS Validator
+# =============================================================================
+# Validates the OWNERS file to ensure proper maintainer assignments.
+# This helps maintain accurate code ownership across the project.
+#
+# Usage:
+# nix-build ci/codeowners-validator
+# =============================================================================
+
+{
+ buildGoModule,
+ fetchFromGitHub,
+ fetchpatch,
+ lib,
+}:
+
+buildGoModule {
+ pname = "codeowners-validator";
+ version = "0.7.4-projt";
+
+ src = fetchFromGitHub {
+ owner = "mszostok";
+ repo = "codeowners-validator";
+ rev = "f3651e3810802a37bd965e6a9a7210728179d076";
+ hash = "sha256-5aSmmRTsOuPcVLWfDF6EBz+6+/Qpbj66udAmi1CLmWQ=";
+ };
+
+ patches = [
+ # Allow checking user write access
+ (fetchpatch {
+ name = "user-write-access-check";
+ url = "https://github.com/mszostok/codeowners-validator/compare/f3651e3810802a37bd965e6a9a7210728179d076...840eeb88b4da92bda3e13c838f67f6540b9e8529.patch";
+ hash = "sha256-t3Dtt8SP9nbO3gBrM0nRE7+G6N/ZIaczDyVHYAG/6mU=";
+ })
+ # Custom permissions patch for ProjT Launcher
+ ./permissions.patch
+ # Allow custom OWNERS file path via OWNERS_FILE env var
+ ./owners-file-name.patch
+ ];
+
+ postPatch = "rm -r docs/investigation";
+
+ vendorHash = "sha256-R+pW3xcfpkTRqfS2ETVOwG8PZr0iH5ewroiF7u8hcYI=";
+
+ meta = {
+ description = "CODEOWNERS validator for ProjT Launcher";
+ homepage = "https://github.com/mszostok/codeowners-validator";
+ license = lib.licenses.asl20;
+ mainProgram = "codeowners-validator";
+ };
+}
diff --git a/archived/projt-launcher/ci/codeowners-validator/owners-file-name.patch b/archived/projt-launcher/ci/codeowners-validator/owners-file-name.patch
new file mode 100644
index 0000000000..d8b87ba2f8
--- /dev/null
+++ b/archived/projt-launcher/ci/codeowners-validator/owners-file-name.patch
@@ -0,0 +1,15 @@
+diff --git a/pkg/codeowners/owners.go b/pkg/codeowners/owners.go
+index 6910bd2..e0c95e9 100644
+--- a/pkg/codeowners/owners.go
++++ b/pkg/codeowners/owners.go
+@@ -39,6 +39,10 @@ func NewFromPath(repoPath string) ([]Entry, error) {
+ // openCodeownersFile finds a CODEOWNERS file and returns content.
+ // see: https://help.github.com/articles/about-code-owners/#codeowners-file-location
+ func openCodeownersFile(dir string) (io.Reader, error) {
++ if file, ok := os.LookupEnv("OWNERS_FILE"); ok {
++ return fs.Open(file)
++ }
++
+ var detectedFiles []string
+ for _, p := range []string{".", "docs", ".github"} {
+ pth := path.Join(dir, p)
diff --git a/archived/projt-launcher/ci/codeowners-validator/permissions.patch b/archived/projt-launcher/ci/codeowners-validator/permissions.patch
new file mode 100644
index 0000000000..38f42f4839
--- /dev/null
+++ b/archived/projt-launcher/ci/codeowners-validator/permissions.patch
@@ -0,0 +1,36 @@
+diff --git a/internal/check/valid_owner.go b/internal/check/valid_owner.go
+index a264bcc..610eda8 100644
+--- a/internal/check/valid_owner.go
++++ b/internal/check/valid_owner.go
+@@ -16,7 +16,6 @@ import (
+ const scopeHeader = "X-OAuth-Scopes"
+
+ var reqScopes = map[github.Scope]struct{}{
+- github.ScopeReadOrg: {},
+ }
+
+ type ValidOwnerConfig struct {
+@@ -223,10 +222,7 @@ func (v *ValidOwner) validateTeam(ctx context.Context, name string) *validateErr
+ for _, t := range v.repoTeams {
+ // GitHub normalizes name before comparison
+ if strings.EqualFold(t.GetSlug(), team) {
+- if t.Permissions["push"] {
+- return nil
+- }
+- return newValidateError("Team %q cannot review PRs on %q as neither it nor any parent team has write permissions.", team, v.orgRepoName)
++ return nil
+ }
+ }
+
+@@ -245,10 +241,7 @@ func (v *ValidOwner) validateGitHubUser(ctx context.Context, name string) *valid
+ for _, u := range v.repoUsers {
+ // GitHub normalizes name before comparison
+ if strings.EqualFold(u.GetLogin(), userName) {
+- if u.Permissions["push"] {
+- return nil
+- }
+- return newValidateError("User %q cannot review PRs on %q as they don't have write permissions.", userName, v.orgRepoName)
++ return nil
+ }
+ }
+
generated by cgit 0.0.5-2-1-g0f52 (git 2.46.0) at 2026-04-05 18:23:29 +0000