Josh Johanning joshjohanning

@joshjohanning
joshjohanning / gitlab-create-merge-request.sh
Created March 30, 2023 21:52
create gitlab merge requests via the api
#!/bin/bash
GITLAB_URL="https://example.gitlab.com/"
PROJECT_ID="2" # get this id via the repo/project's overview page
ACCESS_TOKEN="glpat-abc"
# Create a new merge request
curl --header "Private-Token: $ACCESS_TOKEN" \
"$GITLAB_URL/api/v4/projects/$PROJECT_ID/merge_requests" \
--data "source_branch=my-branch" \
--data "target_branch=main" \
@joshjohanning
joshjohanning / 1-orgs-archetype.md
Created July 19, 2023 18:34 — forked from whatupfoo/1-orgs-archetype.md
Orgs and Teams Best Practices

Organization archetypes

The intention of this document is to provide some guidance and suggestions to customers who are wondering how they should structure organizations and teams in their GitHub Enterprise environment. The idea isn't to give hard and fast rules on which approach is better than the other, but to give examples of when one approach might be preferable to another depending on the use case.

1. A single organization with direct organization membership for repository access (not teams)

          ________________
          |     Org      |
          |    ______    |
          |   |      |\  |
          |   | Repo | \ |

@joshjohanning
joshjohanning / github-delete-branch-protection.ps1
Created January 27, 2021 12:08
Delete GitHub Branch Protection Rules based upon pattern
##############################################################
# Delete branch protection rules
##############################################################
[CmdletBinding()]
param (
    [parameter (Mandatory = $true)][string]$PersonalAccessToken,
    [parameter (Mandatory = $true)][string]$GitHubOrg,
    [parameter (Mandatory = $true)][string]$GitHubRepo,
    [parameter (Mandatory = $true)][string]$PatternToDelete # If you want to delete all branch protection rules that start with "test", pass in "test*"

Rewriting repository history

Sometimes history rewrites are required in order to migrate repositories into github.com. Several factors can dictate the need to rewrite history of a repository:

  • objects larger than 100Mb
  • commits larger than the 2GB push limit

Although rewriting history might not be required for your repository to migrate to github.com, you may consider rewriting history for several reasons:

  • migrate large objects to LFS
  • clean up previous mistakes or bad practices that caused repo bloat
  • remove secrets from repo history
@joshjohanning
joshjohanning / pipeline.yml
Created October 3, 2023 16:51
GitHub Advanced Security in Azure DevOps
trigger:
- main
pool:
  vmImage: windows-latest
variables:
  advancedsecurity.codeql.querysuite: security-extended
  advancedsecurity.submittoadvancedsecurity: true
@joshjohanning
joshjohanning / dependency-review.yml
Created October 2, 2023 16:23
dependency-review.yml
# Dependency Review Action
#
# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
name: 'Dependency Review'
on: [pull_request]
permissions:
@joshjohanning
joshjohanning / deploy.yml
Last active June 25, 2023 23:29
Extracting, replacing values, and re-signing iOS app (IPA)
steps:
  - uses: actions/checkout@v3
  - uses: actions/download-artifact@v3
    with:
      name: ipa-output
  # TODO: set up build certificates and provisioning profiles - see note below
  - name: extract ipa
    run: |
      unzip -q -o -d ${{ runner.temp }}/app ${{ github.workspace }}/$APPNAME.ipa
      rm ${{ github.workspace }}/$APPNAME.ipa
@joshjohanning
joshjohanning / backup-utils-ssh-agent.sh
Created June 19, 2023 20:04
Using SSH Agent with GitHub's backup-utils
eval "$(ssh-agent -s)"
pass=$(az keyvault secret show --vault-name josh-key-vault-test --name passphrase --query value -o tsv)
# sudo yum install -y expect
expect << EOF
spawn ssh-add /home/codespace/.ssh/id_rsa
expect "Enter passphrase"
send "$pass\r"
expect eof
@joshjohanning
joshjohanning / terraform-plan.yml
Created May 24, 2023 14:52
terraform plan in github actions
name: terraform plan # this doesn't show up in ui
on:
  workflow_call:
    inputs:
      runs-on:
        description: Platform to execute on
        type: string
        default: ubuntu-latest
      additional-args:
@joshjohanning
joshjohanning / dependency-review.yml
Created April 25, 2023 17:46
A required workflow for using dependency-review-action
# Dependency Review Action
#
# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
name: 'Dependency Review'
on: [pull_request]
permissions: