esp.bitbucket.bitbucket_branch_permissions (1.4.1) — module

Manage restrictions for repository branches.

Added in version 1.1.0 of esp.bitbucket

Authors: Krzysztof Lewandowski (@klewan)

Install collection

Install with ansible-galaxy collection install esp.bitbucket:==1.4.1


Add to requirements.yml

  collections:
    - name: esp.bitbucket
      version: 1.4.1

Description

Create a restriction for the supplied branch to be applied on the given repository or all repositories in the given project.

A restriction means preventing writes on the specified branch by all except a set of users and/or groups, or preventing specific operations such as branch deletion.

Authentication can be done with I(token) or with I(username) and I(password).

Usage examples

  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Create restrictions for the supplied branch
  esp.bitbucket.bitbucket_branch_permissions:
    url: 'https://bitbucket.example.com'
    username: jsmith
    password: secret
    repository: bar
    project_key: FOO
    branch_name: master
    restrictions:
      - prevent: deletion
      - prevent: rewriting history
        exemptions:
          groups: [ group1, group2 ]
          users: [ amy ]
          access_keys: []
      - prevent: changes without a pull request
        exemptions:
          groups: [ group3 ]
          users: [ joe ]
          access_keys: []
    state: present
    validate_certs: no
- name: Create restrictions for the supplied branches - bugfix branches - on all repositories in the given project
  esp.bitbucket.bitbucket_branch_permissions:
    url: 'https://bitbucket.example.com'
    username: jsmith
    password: secret
    project_key: FOO
    branching_model: bugfix
    restrictions:
      - prevent: all changes
        exemptions:
          groups: [ group1, group2 ]
          users: [ amy ]
          access_keys: []
    state: present
    validate_certs: no
- name: Create restrictions for the supplied branches - matching branch_pattern - on the given repository
  esp.bitbucket.bitbucket_branch_permissions:
    url: 'https://bitbucket.example.com'
    username: jsmith
    password: secret
    repository: bar
    project_key: FOO
    branch_pattern: develop
    restrictions:
      - prevent: deletion
      - prevent: changes without a pull request
        exemptions:
          groups: [ group4 ]
          users: [ john ]
    state: present
    validate_certs: no
- name: Delete restrictions for the supplied branch
  esp.bitbucket.bitbucket_branch_permissions:
    url: 'https://bitbucket.example.com'
    username: jsmith
    password: secret
    project_key: FOO
    repository: bar
    branch_name: master
    restrictions:
      - prevent: 'deletion'
        exemptions:
          groups: []
          users: [ john ]
          access_keys: []
      - prevent: 'rewriting history'
    state: absent
    validate_certs: no

Inputs

    
url:
    description:
    - Bitbucket Server URL.
    required: false
    type: str

sleep:
    default: 5
    description:
    - Number of seconds to sleep between API retries.
    type: int

state:
    choices:
    - absent
    - present
    default: present
    description:
    - Whether the restriction should exist or not.
    required: true
    type: str

token:
    description:
    - Token parameter for authentication.
    - This is only needed when not using I(username) and I(password).
    required: false
    type: str

retries:
    default: 3
    description:
    - Number of retries to call Bitbucket API URL before failure.
    type: int

password:
    description:
    - Password used for authentication.
    - This is only needed when not using I(token).
    - Required when I(username) is provided.
    required: false
    type: str

username:
    aliases:
    - user
    description:
    - Username used for authentication.
    - This is only needed when not using I(token).
    - Required when I(password) is provided.
    required: false
    type: str

use_proxy:
    default: true
    description:
    - If C(no), it will not use a proxy, even if one is defined in an environment variable
      on the target hosts.
    type: bool

repository:
    description:
    - Repository name.
    required: false
    type: str

branch_name:
    description:
    - A specific branch name you want to restrict access to.
    - This is only needed when not using I(branch_pattern) and I(branching_model).
    - One of I(branch_name), I(branch_pattern) and I(branching_model) is required.
    required: false
    type: str

project_key:
    aliases:
    - project
    description:
    - Bitbucket project key.
    required: true
    type: str

restrictions:
    description:
    - Definition of the restrictions for repository branches.
    suboptions:
      exemptions:
        description:
        - Exemptions from the supplied restriction.
        suboptions:
          access_keys:
            description:
            - Access keys excluded from the restriction.
            type: list
          groups:
            description:
            - Groups excluded from the restriction.
            type: list
          users:
            description:
            - Users excluded from the restriction.
            type: list
        type: dict
      prevent:
        choices:
        - deletion
        - rewriting history
        - changes without a pull request
        - all changes
        description:
        - Restriction name.
        required: true
        type: str
    type: list

branch_pattern:
    description:
    - A wildcard pattern that may match multiple branches you want to restrict access
      to.
    - This is only needed when not using I(branch_name) and I(branching_model).
    - One of I(branch_name), I(branch_pattern) and I(branching_model) is required.
    required: false
    type: str

return_content:
    default: true
    description:
    - Whether or not to return the body of the response as a "content" key in the dictionary
      result, regardless of whether it succeeded or failed.
    type: bool

validate_certs:
    default: true
    description:
    - If C(no), SSL certificates will not be validated.
    - This should only be set to C(no) when used on personally controlled sites using self-signed
      certificates.
    type: bool

branching_model:
    choices:
    - feature
    - bugfix
    - hotfix
    - release
    - development
    - production
    description:
    - Branch prefixes in the Branching model. Select the branch type you want to restrict
      access to.
    - This is only needed when not using I(branch_name) and I(branch_pattern).
    - One of I(branch_name), I(branch_pattern) and I(branching_model) is required.
    required: false
    type: str

Outputs

branch_name:
  description: A specific branch name.
  returned: success
  sample: master
  type: str
branch_pattern:
  description: A wildcard pattern that may match multiple branches.
  returned: success
  sample: develop
  type: str
branching_model:
  description: Branch prefixes in the Branching model.
  returned: success
  sample: bugfix
  type: str
project_key:
  description: Bitbucket project key.
  returned: always
  sample: FOO
  type: str
repository:
  description: Bitbucket repository name.
  returned: always
  sample: bar
  type: str
results:
  contains:
    accessKeys:
      description: Bitbucket access keys.
      elements: str
      returned: success
      sample: []
      type: list
    groups:
      description: Bitbucket groups.
      elements: str
      returned: success
      sample:
      - bitbucket-admin
      type: list
    id:
      description: Permission ID.
      returned: success
      sample: 42
      type: int
    matcher:
      description: Matcher description.
      returned: success
      sample:
        active: true
        displayId: Release
        id: RELEASE
        type:
          id: MODEL_CATEGORY
          name: Branching model category
      type: dict
    scope:
      description: Scope.
      returned: success
      sample:
        resourceId: 292
        type: PROJECT
      type: dict
    users:
      description: Bitbucket users.
      elements: str
      returned: success
      sample:
      - joe
      - jsmith
      type: list
  description: List of affected branch permissions.
  elements: dict
  returned: success
  type: list
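
The playbook below is an added example, not taken from the collection's own documentation. It applies restrictions using I(token) authentication with certificate validation left at its default, then checks the returned results for exemptions outside an approved list. The BITBUCKET_TOKEN environment variable and the allowed_users and allowed_groups variables are assumptions, and the shape of results is taken from the Outputs section above.

```yaml
# Added example; not the collection's own code.
# Assumptions: BITBUCKET_TOKEN is exported on the control node, and
# allowed_users / allowed_groups are hypothetical, reviewer-approved lists.
- name: Protect master and audit who is exempt
  hosts: localhost
  gather_facts: false
  vars:
    allowed_users: [amy]
    allowed_groups: [group1, group2]
  tasks:
    - name: Apply restrictions with token auth and certificate validation on
      esp.bitbucket.bitbucket_branch_permissions:
        url: 'https://bitbucket.example.com'
        token: "{{ lookup('ansible.builtin.env', 'BITBUCKET_TOKEN') }}"
        project_key: FOO
        repository: bar
        branch_name: master
        restrictions:
          - prevent: deletion
          - prevent: rewriting history
          - prevent: changes without a pull request
            exemptions:
              groups: "{{ allowed_groups }}"
              users: "{{ allowed_users }}"
              access_keys: []
        state: present
        # validate_certs is omitted, so it stays at its default (true)
      no_log: true  # keep the token out of task output and logs
      register: branch_perms

    - name: Fail if any returned permission exempts an unapproved principal
      ansible.builtin.assert:
        that:
          - item.users | default([]) | difference(allowed_users) | length == 0
          - item.groups | default([]) | difference(allowed_groups) | length == 0
          - item.accessKeys | default([]) | length == 0
        fail_msg: "Permission {{ item.id }} has exemptions outside the approved lists"
        quiet: true
      loop: "{{ branch_perms.results }}"
      loop_control:
        label: "{{ item.id }}"
```

Run on a schedule, the second task reports exemption drift, because each exemption entry is a principal that can bypass the restriction.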