Skip to content

Instantly share code, notes, and snippets.

@duboisf

duboisf/operations.graphql

Last active March 18, 2024 15:46
Show Gist options
  • Star 11 You must be signed in to star a gist
  • Fork 5 You must be signed in to fork a gist
  • Save duboisf/68fb6e22ac0a2165ca298074f0e3b553 to your computer and use it in GitHub Desktop.
Save duboisf/68fb6e22ac0a2165ca298074f0e3b553 to your computer and use it in GitHub Desktop.
Download ZIP
Add branch protection to a repo using GitHub's Graphql API
Raw
operations.graphql
fragment branchProtection on BranchProtectionRule {
allowsDeletions
allowsForcePushes
creator {
login
}
id
isAdminEnforced
requiredStatusCheckContexts
requiredApprovingReviewCount
requiresApprovingReviews
requiresCodeOwnerReviews
requiresStatusChecks
restrictsPushes
restrictsReviewDismissals
dismissesStaleReviews
pattern
}
fragment repositoryPaging on RepositoryConnection {
pageInfo {
hasNextPage
endCursor
}
totalCount
}
query listAllReposInOrg($orgLogin: String!, $endCursor: String) {
organization(login: $orgLogin) {
repositories(first: 100, after: $endCursor) {
nodes {
name
}
...repositoryPaging
}
}
}
query allOrgRepoDirectCollaborators($orgLogin: String!, $endCursor: String) {
organization(login: $orgLogin) {
repositories(first: 100, after: $endCursor) {
nodes {
name
isArchived
collaborators(affiliation: DIRECT) {
edges {
node {
login
}
permission
permissionSources {
permission
source {
__typename
... on Organization {
login
}
... on Repository {
name
}
... on Team {
slug
}
}
}
}
}
}
...repositoryPaging
}
}
}
query showBranchProtection($owner:String!, $repo:String!) {
repository(name: $repo, owner: $owner) {
id
name
branchProtectionRules(first: 10) {
totalCount
nodes {
...branchProtection
}
}
}
}
mutation addBranchProtection($repositoryId:ID!, $branchPattern:String!, $requiredStatusChecks:[String!]) {
createBranchProtectionRule(input: {
allowsDeletions: false
allowsForcePushes:false
dismissesStaleReviews:true
isAdminEnforced:true
pattern: $branchPattern
repositoryId: $repositoryId
requiresApprovingReviews:true
requiredApprovingReviewCount:1
requiresCodeOwnerReviews:true
requiredStatusCheckContexts:$requiredStatusChecks
requiresStatusChecks:true
restrictsReviewDismissals:false
}) {
branchProtectionRule {
...branchProtection
}
}
}
mutation deleteBranchProtection($ruleId:ID!) {
deleteBranchProtectionRule(input:{branchProtectionRuleId:$ruleId}) {
clientMutationId
}
}
@duboisf
Copy link
Author

duboisf commented May 3, 2021
edited

It's easy to use with GitHub's gh cli:

gh api graphql \
    -f query="$(curl -s https://gist.githubusercontent.com/duboisf/68fb6e22ac0a2165ca298074f0e3b553/raw/9699f58208e7917f08d7f5eb3b217ea5b2f8fc0c/operations.graphql)" \
    -f operationName=showBranchProtection \
    -F owner=:owner -F repo=:repo

The :owner and :repo placeholders resolve with the values of the repo in the current directory where you invoke gh.

@sammcj
Copy link

sammcj commented Nov 15, 2022

FYI this is missing requiresApprovingReviews:true which can be added along the other requires.

@duboisf
Copy link
Author

duboisf commented Mar 24, 2023

FYI this is missing requiresApprovingReviews:true which can be added along the other requires.

Where? I have it in the addBranchProtection mutation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment