Specify internal employee project visibility

.github/workflows/functional-test.yml

@@ -24,14 +24,25 @@ jobs:
         with:
           python-version: 3.8.6
 
+      - name: Install Python dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+
       - name: Install Gauge
         uses: getgauge/setup-gauge@master
         with:
           gauge-version: master
-          gauge-plugins: python, html-report
+          gauge-plugins: python, html-report, screenshot
 
       - name: FTs
-        run: gauge run specs
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_ADMIN_USERNAME: ${{ secrets.JIRA_ADMIN_USERNAME }}
+          JIRA_ADMIN_PASSWORD: ${{ secrets.JIRA_ADMIN_PASSWORD }}
+          INTERNAL_EMPLOYEE_USERNAME: ${{ secrets.INTERNAL_EMPLOYEE_USERNAME }}
+          INTERNAL_EMPLOYEE_PASSWORD: ${{ secrets.INTERNAL_EMPLOYEE_PASSWORD }}
+        run: gauge run specs --tags \!in-progress
 
       - name: Upload logs
         uses: actions/[email protected]

.github/workflows/reviewdog.yml

@@ -82,7 +82,7 @@ jobs:
             **/*.spec
             **/*.txt
           language: en
-          disabled_rules: "DOUBLE_PUNCTUATION,WHITESPACE_RULE,EN_QUOTES,DASH_RULE,WORD_CONTAINS_UNDERSCORE,UPPERCASE_SENTENCE_START,ARROWS,COMMA_PARENTHESIS_WHITESPACE,UNLIKELY_OPENING_PUNCTUATION,SENTENCE_WHITESPACE,CURRENCY,EN_UNPAIRED_BRACKETS,PHRASE_REPETITION,PUNCTUATION_PARAGRAPH_END,METRIC_UNITS_EN_US,ENGLISH_WORD_REPEAT_BEGINNING_RULE,GITHUB" # yamllint disable-line
+          disabled_rules: "DOUBLE_PUNCTUATION,WHITESPACE_RULE,EN_QUOTES,DASH_RULE,WORD_CONTAINS_UNDERSCORE,UPPERCASE_SENTENCE_START,ARROWS,COMMA_PARENTHESIS_WHITESPACE,UNLIKELY_OPENING_PUNCTUATION,SENTENCE_WHITESPACE,CURRENCY,EN_UNPAIRED_BRACKETS,PHRASE_REPETITION,PUNCTUATION_PARAGRAPH_END,METRIC_UNITS_EN_US,ENGLISH_WORD_REPEAT_BEGINNING_RULE,GITHUB,A_NNS" # yamllint disable-line
 
   black: # Black is an opinionated Python linter
     name: runner / black formatter

requirements.txt

@@ -1 +1,2 @@
 getgauge
+jira

specs/group_membership.spec

@@ -0,0 +1,8 @@
+# Group membership
+
+Our implementation of group membership rules is based on
+https://www.atlassian.com/blog/archives/share-jira-external-partners
+
+## All employees are members of the internal employees group
+
+* An internal employee is a member of the internal employees group

specs/groups.spec

@@ -0,0 +1,10 @@
+# Groups
+
+Our groups are based on the ideas in
+https://www.atlassian.com/blog/archives/share-jira-external-partners
+
+## There is an internal employees group
+
+This group is for all internal employees who currently need access to this Jira instance
+
+* There is a jira-internal-employee-users group

specs/project_visibility.spec

@@ -0,0 +1,25 @@
+# Project visibility
+
+Our implementation of project visibility rules is based on
+https://www.atlassian.com/blog/archives/share-jira-external-partners
+
+## All internal employees can see all projects
+
+This is in line with our [InnerSource](https://about.gitlab.com/solutions/innersource/) principles.
+
+* An internal employee can see all projects
+
+## All external partners can only see the projects they are currently working on
+
+tags: in-progress
+
+Question: what about individual contractors, as opposed to external partner companies?
+
+* Not implemented yet
+
+## Closed projects are no longer viewable by any external partners
+
+tags: in-progress
+
+* Not implemented yet
+

step_impl/jira.py

@@ -0,0 +1,27 @@
+from getgauge.python import before_suite
+from jira import JIRA
+import os
+
+
+class Jira:
+    def __init__(self, username, password):
+        self.jira = JIRA(
+            auth=(username, password),
+            options={"server": os.getenv("JIRA_BASE_URL")},
+        )
+
+    def has_group(self, group_name):
+        return len(self.jira.group_members(group_name)) >= 0
+
+    def projects(self):
+        return self.jira.projects()
+
+    def is_internal_employee_in_internal_employees_group(self):
+        internal_employees = self.jira.group_members("jira-internal-employee_users")
+        return bool(
+            [
+                emp
+                for emp in internal_employees.values()
+                if (emp["name"] == os.getenv("INTERNAL_EMPLOYEE_USERNAME"))
+            ]
+        )

step_impl/step_impl.py

@@ -1,45 +1,33 @@
-from getgauge.python import step, before_scenario, Messages
+from getgauge.python import step
+from step_impl.jira import Jira
+import os
 
-vowels = ["a", "e", "i", "o", "u"]
 
+def jira_admin():
+    return Jira(os.getenv("JIRA_ADMIN_USERNAME"), os.getenv("JIRA_ADMIN_PASSWORD"))
 
-def number_of_vowels(word):
-    return len([elem for elem in list(word) if elem in vowels])
 
+def internal_employee():
+    return Jira(
+        os.getenv("INTERNAL_EMPLOYEE_USERNAME"), os.getenv("INTERNAL_EMPLOYEE_PASSWORD")
+    )
 
-# --------------------------
-# Gauge step implementations
-# --------------------------
 
+@step("An internal employee can see all projects")
+def an_internal_employee_can_see_all_projects():
+    assert len(jira_admin().projects()) == len(internal_employee().projects())
 
-@step("The word <word> has <number> vowels.")
-def assert_no_of_vowels_in(word, number):
-    assert str(number) == str(number_of_vowels(word))
 
+@step("An internal employee is a member of the internal employees group")
+def an_internal_employee_is_a_member_of_the_internal_employees_group():
+    assert jira_admin().is_internal_employee_in_internal_employees_group()
 
-@step("Vowels in English language are <vowels>.")
-def assert_default_vowels(given_vowels):
-    Messages.write_message("Given vowels are {0}".format(given_vowels))
-    assert given_vowels == "".join(vowels)
 
+@step("There is a jira-internal-employee-users group")
+def there_is_a_jira_internal_employee_users_group():
+    assert jira_admin().has_group("jira-internal-employee_users")
 
-@step("Almost all words have vowels <table>")
-def assert_words_vowel_count(table):
-    actual = [
-        str(number_of_vowels(word))
-        for word in table.get_column_values_with_name("Word")
-    ]
-    expected = [
-        str(count) for count in table.get_column_values_with_name("Vowel Count")
-    ]
-    assert expected == actual
 
-
-# ---------------
-# Execution Hooks
-# ---------------
-
-
-@before_scenario()
-def before_scenario_hook():
-    assert "".join(vowels) == "aeiou"
+@step("Not implemented yet")
+def not_implemented_yet():
+    assert False, "Add implementation code"