From 3c81cdc66329773b804bedaa518fc9d19ce007b6 Mon Sep 17 00:00:00 2001 From: Donny Bell <63249187+donnybell@users.noreply.github.com> Date: Wed, 16 Apr 2025 17:44:35 -0400 Subject: [PATCH] Create Manual-Intervention-User-Restrictions-Enforcement.json --- ...vention-User-Restrictions-Enforcement.json | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 step-templates/Manual-Intervention-User-Restrictions-Enforcement.json diff --git a/step-templates/Manual-Intervention-User-Restrictions-Enforcement.json b/step-templates/Manual-Intervention-User-Restrictions-Enforcement.json new file mode 100644 index 000000000..19a41e145 --- /dev/null +++ b/step-templates/Manual-Intervention-User-Restrictions-Enforcement.json @@ -0,0 +1,55 @@ +{ + "Id": "06080873-f7f1-47e9-aaac-7ec1927f8146", + "Name": "Manual Intervention User Restrictions Enforcement", + "Description": "Use directly after a Manual Intervention step to enforce additional restrictions.\n\nUse cases include: \n- Preventing users from approving their own deployments\n- Restricting certain users (up to 2) from approving deployments", + "ActionType": "Octopus.Script", + "Version": 1, + "CommunityActionTemplateId": null, + "Packages": [], + "GitDependencies": [], + "Properties": { + "Octopus.Action.Script.ScriptSource": "Inline", + "Octopus.Action.Script.Syntax": "PowerShell", + "Octopus.Action.Script.ScriptBody": "$manIntStepName = $OctopusParameters[\"URE.ManualInterventionStepName\"]\n\nWrite-Host \"Created by: \"$OctopusParameters[\"Octopus.Deployment.CreatedBy.Username\"]\nWrite-Host \"Approved by: \"$OctopusParameters[\"Octopus.Action[$manIntStepName].Output.Manual.ResponsibleUser.Username\"]\n\nIf ($OctopusParameters[\"URE.PreventDeployerFromApproving\"] -eq $true) {\n $deploymentCreatedByUsername = $OctopusParameters[\"Octopus.Deployment.CreatedBy.Username\"]\n}\n$approvedByUsername = $OctopusParameters[\"Octopus.Action[$manIntStepName].Output.Manual.ResponsibleUser.Username\"]\n\nIf ($approvedByUsername -eq $deploymentCreatedByUsername) {\n Write-Warning \"The same user may not be used to both start the deployment and approve the deployment.\"\n Write-Warning \"Please retry the deployment with a different approver for the $manIntStepName step.\"\n throw \"Terminating deployment...\"\n}\nElse {\n $excludedUserList = $OctopusParameters[\"URE.ExcludedUsers\"].Split([System.Environment]::NewLine)\n If ($excludedUserList -contains $approvedByUsername) {\n Write-Warning \"The user $approvedByUsername may not approve this deployment.\"\n Write-Warning \"Please retry the deployment with a different approver for the $manIntStepName step.\"\n throw \"Terminating deployment...\"\n }\n}\n\nIf (($OctopusParameters[\"URE.PreventDeployerFromApproving\"] -ne $true) -and (!$excludedUserList)) {\n Write-Host \">>>PreventDeployerFromApproving set to FALSE\" \n Write-Host \">>>ExcludedUsers contain no value(s)\"\n}\nWrite-Host \"Check complete\"\nWrite-Host \"Continuing...\"\n " + }, + "Parameters": [ + { + "Id": "d3e12917-2af0-4cff-988a-083e30a36314", + "Name": "URE.PreventDeployerFromApproving", + "Label": "Prevent Deployer from approving?", + "HelpText": "When enabled, this terminates a deployment when the user who initiated the deployment also approves the manual intervention step", + "DefaultValue": "True", + "DisplaySettings": { + "Octopus.ControlType": "Checkbox" + } + }, + { + "Id": "4ec5ca6e-b033-44f9-8746-e926d853b4ec", + "Name": "URE.ManualInterventionStepName", + "Label": "Manual Intervention step name", + "HelpText": "Select the step name from drop down", + "DefaultValue": "", + "DisplaySettings": { + "Octopus.ControlType": "StepName" + } + }, + { + "Id": "fed4cffe-d286-4793-ac6b-0d0b3ac35b27", + "Name": "URE.ExcludedUsers", + "Label": "Excluded Users", + "HelpText": "Usernames of users to be excluded from manual intervention approvals (one per line)", + "DefaultValue": "", + "DisplaySettings": { + "Octopus.ControlType": "MultiLineText" + } + } + ], + "StepPackageId": "Octopus.Script", + "$Meta": { + "ExportedAt": "2025-04-16T21:40:42.587Z", + "OctopusVersion": "2025.2.6682", + "Type": "ActionTemplate" + }, + "LastModifiedBy": "donnybell", + "Category": "Octopus" +}