goliac

module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 27, 2023 License: MIT

README

Goliac Goliac

Goliac (Github Organization Leveraged by Infrastructure As Code), is a tool to manage your Github Organization (users/teams/repositories) via

  • yaml manifests files structured in a Github repository
  • this IAC Github repositories can be updated by teams from your organization, but only the repositories they owns
  • all repositories rules are enforced via a central configuration that only the IT/security team can update (if you are using Github Enterprice)
  • a Github App watching this repository and applying any changes

goliac workflow

For Github admin

For regular users

As a regular user, you want to be able to

  • create new team
  • edit team's definition
  • manage your team's repositories
Create a new team

If you want to create a new team (like foobar), you need to create a PR with a /teams/foobar/team.yaml file:

apiVersion: v1
kind: Team
metadata:
  name: foobar
data:
  owners:
    - user1
    - user2
  members:
    - user3
    - user4

The users defined there are in 2 different categories

  • members: are part of the team (and will be writer on all repositories of the team)
  • owners: are part of the team (and will be writer on all repositories of the team) AMD can approve PR in the foobar teams repository (when you want to change a team definition, or when you want to create/update a repository definition)

The users name used are the one defined in the /users sub directories (like alice)

Create a repository

On a given team subdirectory you can create a repository definition via a yaml file (like /teams/foobar/awesome-repository.yaml):

apiVersion: v1
kind: Repository
metadata:
  name: awesome-repository

This will create a awesome-repository repository under your organization, that will be

  • private by default
  • writable by all owners/members of this team (in our example foobar)

You can of course tweak that:

apiVersion: v1
kind: Repository
metadata:
  name: awesome-repository
data:
  public: true
  writers:
  - anotherteamA
  - anotherteamB
  readers:
  - anotherteamC
  - anotherteamD

In this last example:

  • the repository is now publci
  • other teams have write (anotherteamA, anotherteamB) or read (anotherteamC, anotherteamD) access
Archive a repository

You can archive a repository, by a PR that

  • move the yaml repository file into the /archived directory
  • and chage the repository definition like
apiVersion: v1
kind: Repository
metadata:
  name: awesome-repository
data:
  archived: true

Directories

Path Synopsis
cmd
goliac
config
entity
github
slugify
sync
usersync
swagger_gen
cmd/goliac-server
models
restapi
Package restapi goliac
 Package restapi goliac
restapi/operations
restapi/operations/app
restapi/operations/health

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.