Last active
February 7, 2024 13:52
-
-
Save shivanshs9/2d1357ffb7a7056f57cee542b4b47914 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| # Function to display help | |
| display_help() { | |
| echo "Usage: $0 [options] org repo" | |
| echo "Options:" | |
| echo " -d, --default-branch BRANCH Set the default branch for the repository" | |
| echo " -t, --teams TEAMS Set repository access permissions for specified teams" | |
| echo " -j, --rule-json JSON Set ruleset for the repository" | |
| echo " --token, --github-token TOKEN Use provided github token for API authentication" | |
| echo " -h, --help Display this help message" | |
| exit 1 | |
| } | |
| # Function to parse teams argument and validate format | |
| parse_teams() { | |
| teams=$1 | |
| # Check if teams argument is provided | |
| if [[ -z $teams ]]; then | |
| echo "Teams argument is required" | |
| exit 1 | |
| fi | |
| # Split teams by comma | |
| IFS=',' read -r -a teams_array <<< "$teams" | |
| # Loop through each team and validate format | |
| for team in "${teams_array[@]}"; do | |
| if [[ ! $team =~ ^[a-zA-Z0-9_/-]+=(read|write|admin)$ ]]; then | |
| echo "Invalid format for teams argument: $team" | |
| echo "Should be \`$team=(read|write|admin)\`" | |
| exit 1 | |
| fi | |
| done | |
| } | |
| # Function to update default branch | |
| update_default_branch() { | |
| default_branch=$1 | |
| echo "Setting default branch to $default_branch..." | |
| # Call GitHub API to update default branch | |
| curl_response=$(curl -X PATCH "https://api.github.com/repos/$org/$repo" \ | |
| -H "Authorization: token $github_token" \ | |
| -H "Content-Type: application/json" \ | |
| -d "{\"default_branch\": \"$default_branch\"}" 2>/dev/null) | |
| # echo "$curl_response" | jq '.' | |
| # Check if the request was successful (status code 2xx) | |
| if [[ $(echo "$curl_response" | grep -c "\"message\": \"") -gt 0 ]]; then | |
| echo "Error updating default branch for repository $repo: $curl_response" | |
| exit 1 | |
| else | |
| echo "=> Done!" | |
| fi | |
| } | |
| # Function to set repository access permissions for teams | |
| set_repo_access_permissions() { | |
| teams=$1 | |
| # Loop through each team and set access permissions | |
| for team in "${teams_array[@]}"; do | |
| team_slug=$(echo "$team" | cut -d '=' -f 1) | |
| permission=$(echo "$team" | cut -d '=' -f 2) | |
| # Map permission to GitHub API permissions | |
| case $permission in | |
| read) | |
| github_permission="pull" | |
| ;; | |
| write) | |
| github_permission="push" | |
| ;; | |
| admin) | |
| github_permission="admin" | |
| ;; | |
| esac | |
| echo "Granting $github_permission to $team_slug..." | |
| # Call GitHub API to grant permission to the team for the repository | |
| curl_response=$(curl -X PUT "https://api.github.com/orgs/$org/teams/$team_slug/repos/$org/$repo" \ | |
| -H "Authorization: token $github_token" \ | |
| -d "{\"permission\": \"$github_permission\"}" 2>/dev/null) | |
| # echo "$curl_response" | jq '.' | |
| # # Check if the request was successful (status code 2xx) | |
| if [[ $(echo "$curl_response" | grep -c "\"message\": \"") -gt 0 ]]; then | |
| echo "Error setting access permissions for team $team_slug: $curl_response" | |
| exit 1 | |
| else | |
| echo "=> Done!" | |
| fi | |
| done | |
| } | |
| # Function to create ruleset for the repository | |
| create_ruleset() { | |
| echo "Creating ruleset from $1 json..." | |
| rule_json=$(cat $1 | jq '.') | |
| # Call GitHub API to create a repository ruleset | |
| curl_response=$(curl -X POST "https://api.github.com/repos/$org/$repo/rulesets" \ | |
| -H "Authorization: token $github_token" \ | |
| -H "Content-Type: application/json" \ | |
| -d "$rule_json" 2>/dev/null) | |
| # echo "$curl_response" | jq '.' | |
| # Check if the request was successful (status code 2xx) | |
| if [[ $(echo "$curl_response" | grep -c "\"message\": \"") -gt 0 ]]; then | |
| echo "Error creating ruleset for repository $repo: $curl_response" | |
| exit 1 | |
| else | |
| echo "=> Done!" | |
| fi | |
| } | |
| # Parse command-line options | |
| while [[ "$#" -gt 0 ]]; do | |
| case $1 in | |
| -d|--default-branch) | |
| default_branch="$2" | |
| shift | |
| ;; | |
| -t|--teams) | |
| teams="$2" | |
| shift | |
| ;; | |
| -j|--rule-json) | |
| rule_json="$2" | |
| shift | |
| ;; | |
| --token|--github-token) | |
| github_token="$2" | |
| shift | |
| ;; | |
| -h|--help) | |
| display_help | |
| exit 0 | |
| ;; | |
| *) | |
| ARGS+=("$1") | |
| ;; | |
| esac | |
| shift | |
| done | |
| set -- "${ARGS[@]}" | |
| org="$1" | |
| repo="$2" | |
| echo "Processing $repo" | |
| # Validate and process options | |
| if [[ -n $teams ]]; then | |
| parse_teams "$teams" | |
| fi | |
| if [[ -n $repo && -n $org ]]; then | |
| if [[ -n $default_branch ]]; then | |
| update_default_branch "$default_branch" | |
| fi | |
| if [[ -n $teams ]]; then | |
| set_repo_access_permissions "$teams" | |
| fi | |
| if [[ -n $rule_json ]]; then | |
| create_ruleset "$rule_json" | |
| fi | |
| else | |
| echo "Organization and Repository argument are required" | |
| exit 1 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment