@sid137
Created September 17, 2023 12:29
import { Octokit } from '@octokit/rest'
// Credential used by every API call in this module, read from the
// GITHUB_TOKEN environment variable. Keep the value out of source control.
// The functions below create organization repositories and rulesets and
// manage organization membership, so the token carries organization-level
// rights; scope it no wider than those calls need.
// When the variable is unset, `auth` is undefined and the client is built
// without a credential.
const { GITHUB_TOKEN: token } = process.env
const octokit = new Octokit({ auth: token })
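// Content written to .github/dependabot.yml in every new repository.
// YAML nesting is significant: `directory` and `schedule` must sit under
// their `package-ecosystem` list entry, otherwise the file does not parse
// and no update pull requests are opened.
const dependabotContent = `
version: 2
updates:
  # Maintain dependencies for GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
  # Maintain dependencies for npm
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "daily"
`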
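// Content written to .github/workflows/main.yml in every new repository.
//
// - YAML nesting is restored so the file parses as a workflow.
// - `permissions: contents: read` limits the workflow's GITHUB_TOKEN to what
//   a checkout needs instead of inheriting the repository/organization default.
// - The actions are referenced by version tag, which the action's owner can
//   move; pinning each `uses:` to a full commit SHA is the stricter option,
//   and the "github-actions" Dependabot ecosystem can keep those pins current.
// - As written the job only checks out the code and installs Node.js; it
//   defines no test or lint step.
const githubActionsContent = `
name: CI
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
  schedule:
    - cron: '0 0 * * *'
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Use Node.js
        uses: actions/setup-node@v2
`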
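/**
 * Creates a private repository in an organization and applies the baseline
 * controls this module uses for SOC 2 / HIPAA style requirements.
 *
 * Steps, in order:
 *  1. create the repository (private, head branches deleted on merge,
 *     auto-merge allowed, Node .gitignore);
 *  2. commit `.github/dependabot.yml` so Dependabot opens update pull
 *     requests (on branches prefixed `dependabot/`);
 *  3. commit `.github/workflows/main.yml` (CI on push, pull request and a
 *     daily schedule);
 *  4. create a `production` branch from the tip of `main`;
 *  5. create a ruleset protecting `main` and `production`.
 *
 * Failures are logged, not thrown, so the returned promise always resolves.
 * A failure after step 1 leaves a repository that exists WITHOUT the ruleset;
 * check the log before treating the repository as protected.
 *
 * @param org - organization that will own the repository
 * @param name - name of the repository to create
 */
async function create_repository(org: string, name: string): Promise<void> {
  // Name of the step in progress, so a failure can be reported precisely.
  let step = 'create repository'
  try {
    await octokit.repos.createInOrg({
      org,
      name,
      private: true,
      delete_branch_on_merge: true,
      allow_auto_merge: true,
      // The REST field is `gitignore_template`. The previous spelling
      // (`git_ignore_template`) is not a field of this endpoint.
      gitignore_template: 'Node'
    })

    // NOTE(review): the remaining steps assume the new repository's default
    // branch is `main`; confirm against the organization's default-branch
    // setting.
    step = 'commit dependabot config'
    await octokit.repos.createOrUpdateFileContents({
      owner: org,
      repo: name,
      path: '.github/dependabot.yml',
      message: 'Initial dependabot config',
      content: Buffer.from(dependabotContent).toString('base64'),
      branch: 'main'
    })

    step = 'commit workflow'
    await octokit.repos.createOrUpdateFileContents({
      owner: org,
      repo: name,
      path: '.github/workflows/main.yml',
      message: 'Initial GitHub Actions config',
      content: Buffer.from(githubActionsContent).toString('base64'),
      branch: 'main'
    })

    // Branch `production` off the current tip of `main`.
    step = 'create production branch'
    const { data: refData } = await octokit.git.getRef({
      owner: org,
      repo: name,
      ref: 'heads/main'
    })
    await octokit.git.createRef({
      owner: org,
      repo: name,
      ref: 'refs/heads/production',
      sha: refData.object.sha
    })

    // The ruleset is created on the new repository. The previous call created
    // an organization-level ruleset on every invocation, with no repository
    // condition, so it was not scoped to the repository being set up.
    // The initial commits above must happen first: once the ruleset is active,
    // changes to `main` have to go through a pull request.
    step = 'create ruleset'
    await octokit.rest.repos.createRepoRuleset({
      owner: org,
      repo: name,
      name: 'Boundless Default Ruleset',
      target: 'branch',
      enforcement: 'active',
      conditions: {
        ref_name: {
          include: ['refs/heads/main', 'refs/heads/production'],
          exclude: []
        }
      },
      rules: [
        {
          // Protected branches cannot be deleted.
          type: 'deletion'
        },
        {
          type: 'pull_request',
          parameters: {
            dismiss_stale_reviews_on_push: true,
            // Only has an effect once the repository contains a CODEOWNERS
            // file; this function does not create one.
            require_code_owner_review: true,
            require_last_push_approval: false,
            required_approving_review_count: 1,
            required_review_thread_resolution: false
          }
        },
        {
          // A status-check rule needs its parameters; `build` is the job
          // defined in the workflow committed above.
          type: 'required_status_checks',
          parameters: {
            required_status_checks: [{ context: 'build' }],
            // Require the head branch to be up to date with the base branch
            // before the check counts.
            strict_required_status_checks_policy: true
          }
        },
        {
          // Enforces "type(scope): subject" commit messages.
          type: 'commit_message_pattern',
          parameters: {
            name: 'Commit message pattern',
            pattern: '^(\\w+)(\\((\\w+)\\))?\\:\\s(.+)$',
            operator: 'regex'
          }
        }
      ]
    })
  } catch (error) {
    // Keep the original never-throws contract, but make a half-configured
    // repository visible in the log.
    console.error(
      `create_repository: step "${step}" failed for ${org}/${name}; ` +
        'the repository may exist without its ruleset',
      error
    )
  }
}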
/**
 * Invites a person to the organization by e-mail address.
 *
 * `role` defaults to `direct_member`. The `admin` and `billing_manager`
 * values grant elevated rights in the organization, so pass them
 * deliberately rather than forwarding caller-supplied input.
 *
 * A failed request is written to the console and not rethrown, so the
 * returned promise resolves whether or not the invitation was created.
 *
 * @param org - organization to invite the user to
 * @param email - address the invitation is sent to
 * @param role - role granted when the invitation is accepted
 * @param team_ids - ids of teams to include in the invitation
 */
async function invite_user(
  org: string,
  email: string,
  role:
    | 'direct_member'
    | 'admin'
    | 'billing_manager'
    | undefined = 'direct_member',
  team_ids: number[] = []
) {
  try {
    const invitation = { org, email, role, team_ids }
    await octokit.orgs.createInvitation(invitation)
  } catch (failure) {
    console.log(failure)
  }
}
/**
 * Removes a member from the organization.
 *
 * A failed request is written to the console and not rethrown, so the
 * returned promise resolves even when the user was NOT removed. In an
 * offboarding flow, confirm the removal separately.
 *
 * NOTE(review): this calls the member-removal endpoint only; it presumably
 * does not cancel a pending invitation or remove an outside collaborator —
 * confirm against the API reference.
 *
 * @param org - organization to remove the user from
 * @param username - GitHub login of the member to remove
 */
async function remove_user(org: string, username: string) {
  try {
    const membership = { org, username }
    await octokit.orgs.removeMember(membership)
  } catch (failure) {
    console.log(failure)
  }
}
/**
 * Public surface of this module: repository provisioning and organization
 * membership helpers, all using the module-level authenticated client.
 */
export const Github = {
  create_repository: create_repository,
  invite_user: invite_user,
  remove_user: remove_user
}