in packages/repocop/src/remediation/branch-protector/branch-protection.ts [29:100]
teamNameSlugs: findContactableOwners(repo.full_name, repoOwners),
};
})
.filter((repo) => repo.teamNameSlugs.length > 0);
const resultsCount = reposWithContactableOwners.length;
const sliceLength = Math.min(resultsCount, msgCount);
return shuffle(reposWithContactableOwners).slice(0, sliceLength);
}
export async function protectBranches(
evaluatedRepos: repocop_github_repository_rules[],
repoOwners: view_repo_ownership[],
config: Config,
unarchivedRepositories: Repository[],
octokit: Octokit,
) {
//repos with a 'production' or 'documentation' topic
const productionOrDocs = unarchivedRepositories
.filter(
(repo) =>
repo.topics.includes('production') ||
repo.topics.includes('documentation'),
)
.map((repo) => repo.full_name);
const relevantRepos = evaluatedRepos.filter((repo) =>
productionOrDocs.includes(repo.full_name),
);
const branchProtectionEvents: UpdateMessageEvent[] =
createBranchProtectionEvents(relevantRepos, repoOwners, 5);
await Promise.all(
branchProtectionEvents.map((event) =>
protectBranch(octokit, config, event),
),
);
}
async function protectBranch(
octokit: Octokit,
config: Config,
event: UpdateMessageEvent,
) {
const [owner, repo] = event.fullName.split('/');
if (!owner || !repo) {
throw new Error(`Invalid repo name: ${event.fullName}`);
}
let defaultBranchName = undefined;
try {
defaultBranchName = await getDefaultBranchName(owner, repo, octokit);
} catch (error) {
throw new Error(`Could not find default branch for repo: ${repo}`);
}
const branchIsProtected = await isBranchProtected(
octokit,
owner,
repo,
defaultBranchName,
);
const stageIsProd = config.stage === 'PROD';
if (stageIsProd && !branchIsProtected && config.branchProtectionEnabled) {
await updateBranchProtection(octokit, owner, repo, defaultBranchName);
for (const slug of event.teamNameSlugs) {