
@KyMidd

KyMidd/asdf.sh Secret

Created February 19, 2023 18:04
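#!/usr/bin/env bash
#
# Deploy a standard set of GitHub Actions workflows and a CODEOWNERS file to
# every repository listed in actions_deployer_repos.csv, opening one pull
# request per repository. Nothing is pushed to the base branch directly; the
# pull request is where the change gets reviewed.
#
# CSV columns (header line, blank lines and lines starting with '#' are skipped):
#   GH_REPO_NAME,DEPLOY_COMMIT_CHECKER,DEPLOY_ANY_VALIDATE,
#   DEPLOY_MERGE_COMMIT_NOTIFY,CODEOWNERS_TEAM_SLUG,COLLECTION_MIGRATION_TICKET
#
# Requires: git, gh, curl, jq, and GITHUB_TOKEN exported in the environment.
#
# Secure vars
# Supply the token through the environment only; never write it into this file,
# and grant it no more access than this script needs.
# export GITHUB_TOKEN=ghp_xxxxxx

# Fail on unset variables and on a failing stage inside a pipeline. Per-repo
# failures are handled explicitly below so one bad row does not stop the run.
set -uo pipefail

: "${GITHUB_TOKEN:?GITHUB_TOKEN must be exported before running this script}"

# Vars
WORKING_DIR=$(pwd)
# Clone into a private, unpredictable directory rather than straight into the
# shared /tmp, where another local user could pre-create or swap a path that
# this script later writes to or removes with rm -rf.
CLONE_DIR=$(mktemp -d "${TMPDIR:-/tmp}/actions-deployer.XXXXXX") || {
  echo "Unable to create a private clone directory" >&2
  exit 1
}
trap 'rm -rf -- "${CLONE_DIR:?}"' EXIT

# Repo vars
GH_ORG=your-github-org-name

# CSV values end up in filesystem paths, URLs, a branch name and a sed
# replacement, so only plain identifier characters are accepted.
REPO_NAME_PATTERN='^[A-Za-z0-9._-]+$'
IDENT_PATTERN='^[A-Za-z0-9_-]+$'

# GET a GitHub REST API path ($1, relative to https://api.github.com/) and
# write the response body to stdout. The Authorization header is fed to curl
# through a config read from stdin so the token never appears in curl's
# argument list, where other local users could read it from the process table.
# -f makes HTTP errors a non-zero exit instead of an error body piped to jq.
github_api_get() {
  printf 'header = "Authorization: Bearer %s"\n' "$GITHUB_TOKEN" |
    curl -fsS -K - \
      -H "Accept: application/vnd.github+json" \
      -H "X-GitHub-Api-Version: 2022-11-28" \
      "https://api.github.com/$1"
}

# Return to the starting directory and remove the current repository's clone.
finish_repo() {
  cd "$WORKING_DIR" || exit 1
  rm -rf -- "${CLONE_DIR:?}/${GH_REPO_NAME:?}"
}

# Copy one workflow template ($1, a file name under srcActions) into the
# clone's .github/workflows directory. Returns cp's status.
deploy_workflow() {
  cp -- "$WORKING_DIR/srcActions/$1" .github/workflows/
}

# Loop over every line in CSV. On valid lines, set all repo permissions.
# The CSV is read on file descriptor 3 so that git, gh or curl cannot consume
# rows by reading from stdin. The "|| [[ -n $line ]]" keeps a final row that
# has no trailing newline.
while IFS= read -r -u 3 line || [[ -n $line ]]; do
  # Tolerate CSV files saved with Windows line endings
  line=${line%$'\r'}
  IFS="," read -r GH_REPO_NAME DEPLOY_COMMIT_CHECKER DEPLOY_ANY_VALIDATE \
    DEPLOY_MERGE_COMMIT_NOTIFY CODEOWNERS_TEAM_SLUG COLLECTION_MIGRATION_TICKET \
    <<<"$line"

  # Ignore the headers line of the CSV, blank lines and comment lines
  if [[ $GH_REPO_NAME == "GH_REPO_NAME" || -z $GH_REPO_NAME || $GH_REPO_NAME == \#* ]]; then
    continue
  fi

  # The repo name becomes a path under CLONE_DIR that is removed with rm -rf,
  # so refuse anything that could escape that directory.
  if [[ ! $GH_REPO_NAME =~ $REPO_NAME_PATTERN || $GH_REPO_NAME == "." || $GH_REPO_NAME == ".." ]]; then
    printf 'Skipping row with invalid repository name: %q\n' "$GH_REPO_NAME" >&2
    continue
  fi

  # If blank, default to true
  if [[ -z $DEPLOY_COMMIT_CHECKER ]]; then
    echo "DEPLOY_COMMIT_CHECKER missing, deploying"
    DEPLOY_COMMIT_CHECKER=true
  fi
  if [[ -z $DEPLOY_ANY_VALIDATE ]]; then
    echo "DEPLOY_ANY_VALIDATE missing, deploying"
    DEPLOY_ANY_VALIDATE=true
  fi
  if [[ -z $DEPLOY_MERGE_COMMIT_NOTIFY ]]; then
    echo "DEPLOY_MERGE_COMMIT_NOTIFY missing, deploying"
    DEPLOY_MERGE_COMMIT_NOTIFY=true
  fi

  # Default ticket number if blank
  if [[ -z $COLLECTION_MIGRATION_TICKET ]]; then
    echo "COLLECTION_MIGRATION_TICKET missing, using default value DO-4812"
    COLLECTION_MIGRATION_TICKET='DO-4812'
  fi
  # The ticket is embedded in the branch name and the commit message
  if [[ ! $COLLECTION_MIGRATION_TICKET =~ $IDENT_PATTERN ]]; then
    printf 'Skipping %s: invalid ticket value %q\n' "$GH_REPO_NAME" "$COLLECTION_MIGRATION_TICKET" >&2
    continue
  fi

  # Print out info
  echo "##################################"
  echo "Focusing on: $GH_REPO_NAME"

  # Reset on every row: otherwise a slug on one row would leave the flag set
  # and a CODEOWNERS file would be built for later rows that have no slug.
  BUILD_CODEOWNERS=false
  if [[ -z $CODEOWNERS_TEAM_SLUG ]]; then
    echo "CodeOwners team slug not populated, not building that file"
  elif [[ ! $CODEOWNERS_TEAM_SLUG =~ $IDENT_PATTERN ]]; then
    # The slug is interpolated into a sed replacement further down
    printf 'Skipping %s: invalid CodeOwners team slug %q\n' "$GH_REPO_NAME" "$CODEOWNERS_TEAM_SLUG" >&2
    continue
  else
    echo "CodeOwners team slug is: $CODEOWNERS_TEAM_SLUG"
    BUILD_CODEOWNERS=true
  fi

  # Prep for clone. Lower-case first so the reset below removes the same
  # directory that the clone creates.
  GH_REPO_NAME=$(printf '%s' "$GH_REPO_NAME" | tr '[:upper:]' '[:lower:]')
  REPO_DIR="$CLONE_DIR/$GH_REPO_NAME"
  BRANCH_NAME="feature/${COLLECTION_MIGRATION_TICKET}-Create-GitHubActions-and-CODEOWNERS"

  # Reset repo in case it's cloned already
  rm -rf -- "$REPO_DIR"

  # Clone repo. Stop here on failure: carrying on would run the git, cp and rm
  # steps below in whatever directory the script happens to be in.
  if ! git clone "https://github.com/$GH_ORG/$GH_REPO_NAME.git" "$REPO_DIR" > /dev/null 2>&1; then
    echo "Clone failed for $GH_REPO_NAME, skipping" >&2
    continue
  fi

  # Enter repo
  if ! cd -- "$REPO_DIR"; then
    echo "Cannot enter $REPO_DIR, skipping" >&2
    finish_repo
    continue
  fi

  # Check which branches exist. One page of up to 100 names is fetched; a
  # repository with more branches than that would need pagination here.
  if ! BRANCHES=$(github_api_get "repos/$GH_ORG/$GH_REPO_NAME/branches?per_page=100" | jq -r '.[].name'); then
    echo "Could not list branches for $GH_REPO_NAME, skipping" >&2
    finish_repo
    continue
  fi

  # If a branch named exactly "develop" exists, use it as the base. An exact,
  # whole-line match avoids picking up names that merely contain "develop".
  if grep -Fxq -- "develop" <<<"$BRANCHES"; then
    echo "The develop branch exists, using that for base"
    base_branch='develop'
  else
    base_branch=$(github_api_get "repos/$GH_ORG/$GH_REPO_NAME" | jq -r '.default_branch') || base_branch=''
    if [[ -z $base_branch || $base_branch == "null" ]]; then
      echo "Could not determine default branch for $GH_REPO_NAME, skipping" >&2
      finish_repo
      continue
    fi
    echo "Develop doesn't exist, using default branch: $base_branch"
  fi

  # Checkout base branch (likely redundant, safety measure)
  if ! git checkout "$base_branch"; then
    echo "Could not check out $base_branch in $GH_REPO_NAME, skipping" >&2
    finish_repo
    continue
  fi

  # Make path if not exist
  mkdir -p ".github/workflows"

  # Init vars
  MADE_CHANGE=false
  COPY_FAILED=false

  # Build CODEOWNERS file
  if [[ $BUILD_CODEOWNERS == true ]]; then
    # Construct lower-case team slugs
    SLUG_LOWER=$(printf '%s' "$CODEOWNERS_TEAM_SLUG" | tr '[:upper:]' '[:lower:]')
    SERVICES_LEADS_TEAM_SLUG="${SLUG_LOWER}servicesleads"
    TEST_LEADS_TEAM_SLUG="${SLUG_LOWER}testleads"
    UI_LEADS_TEAM_SLUG="${SLUG_LOWER}uileads"
    DATA_LEADS_TEAM_SLUG="${SLUG_LOWER}dataleads"

    # Logic to build the CODEOWNERS line
    if [[ $GH_REPO_NAME == *"database"* ]]; then
      # Database repo: CODEOWNERS contains all 4 leads groups for this project
      CODEOWNERS="@$GH_ORG/${SERVICES_LEADS_TEAM_SLUG} @$GH_ORG/${TEST_LEADS_TEAM_SLUG} @$GH_ORG/${UI_LEADS_TEAM_SLUG} @$GH_ORG/${DATA_LEADS_TEAM_SLUG}"
    elif [[ $GH_REPO_NAME == *"endpoint" || $GH_REPO_NAME == *"api" ]]; then
      # Name ends in endpoint or api (which also covers apiendpoint):
      # ServiceLeads, UILeads, TestLeads (but not DataLeads)
      CODEOWNERS="@$GH_ORG/${SERVICES_LEADS_TEAM_SLUG} @$GH_ORG/${TEST_LEADS_TEAM_SLUG} @$GH_ORG/${UI_LEADS_TEAM_SLUG}"
    else
      # All others: ServicesLeads only
      CODEOWNERS="@$GH_ORG/${SERVICES_LEADS_TEAM_SLUG}"
    fi

    # Render the template straight into the repo. Writing sed's output to the
    # target avoids "sed -i", whose syntax differs between BSD and GNU sed.
    if sed "s#PF_CODEOWNER#$CODEOWNERS#g" "$WORKING_DIR/srcCodeOwners/CODEOWNERS" > CODEOWNERS; then
      MADE_CHANGE=true
    else
      COPY_FAILED=true
    fi
  fi

  # Copy Action files
  if [[ $DEPLOY_COMMIT_CHECKER == true ]]; then
    if deploy_workflow "_PfGitCommitChecker.yml"; then MADE_CHANGE=true; else COPY_FAILED=true; fi
  fi
  if [[ $DEPLOY_ANY_VALIDATE == true ]]; then
    echo "Deploying Jenkins Any Validate Action"
    if deploy_workflow "ActionPRValidate_AnyJobRun.yaml"; then MADE_CHANGE=true; else COPY_FAILED=true; fi
  fi
  if [[ $DEPLOY_MERGE_COMMIT_NOTIFY == true ]]; then
    echo "Deploying Merge notify Action"
    if deploy_workflow "MergeCommitNotify.yml"; then MADE_CHANGE=true; else COPY_FAILED=true; fi
  fi

  # Do not open a pull request that carries only part of the requested set
  if [[ $COPY_FAILED == true ]]; then
    echo "A template could not be copied for $GH_REPO_NAME, skipping" >&2
    finish_repo
    continue
  fi

  # If we've made any changes, create branch, add files, push
  if [[ $MADE_CHANGE == true ]]; then
    # Checkout local branch
    if ! git checkout -b "$BRANCH_NAME"; then
      echo "Could not create branch $BRANCH_NAME in $GH_REPO_NAME, skipping" >&2
      finish_repo
      continue
    fi

    # Add only the files this script manages, and only those present
    for managed_file in \
      .github/workflows/_PfGitCommitChecker.yml \
      .github/workflows/ActionPRValidate_AnyJobRun.yaml \
      .github/workflows/MergeCommitNotify.yml \
      CODEOWNERS; do
      if [[ -e $managed_file ]]; then
        git add -- "$managed_file"
      fi
    done

    # Commit changes, unless the staged content matches what is already there
    if git diff --cached --quiet; then
      echo "No changes, nothing to commit"
    elif ! git commit -m "${COLLECTION_MIGRATION_TICKET} Create GitHub Actions and CODEOWNERS"; then
      echo "Commit failed for $GH_REPO_NAME, skipping" >&2
    else
      # Delete remote branch for idempotence
      #git push origin --delete feature/DO-4812-Create-GitHubActions-and-CODEOWNERS 2>&1

      # Push and open PR
      pr_body="Initial PR of Required Actions + CODEOWNERS. Please approve and merge this PR as soon as possible to avoid blocking other work."
      pr_title="😸 Initial GitHub Actions + CODEOWNERS 😸"
      if git push origin "$BRANCH_NAME"; then
        gh pr create -b "$pr_body" -t "$pr_title" -B "$base_branch" --fill
      else
        echo "Push failed for $GH_REPO_NAME, no PR opened" >&2
      fi

      # Sleep
      echo "Sleeping a few seconds to avoid graphql rate-limits"
      sleep 3
    fi
  fi

  # Reset location and clean up the clone
  finish_repo
done 3< actions_deployer_repos.csv

exit 0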