3. Play with GitHub REST API
- Ruby Gem: octokit 6.1.1
- Ruby Gem: git 1.18.0
- Ruby 2.7.1
- Create a GitHub personal token and define it in the configuration.rb file for the GITHUB_PERSONAL_ACCESS_TOKEN variable.
- Define the GitHub organization name in the configuration.rb file for the GITHUB_ORGANIZATION_NAME variable. This allows the scripts to send requests that query and modify your organization.
- Also define the logins of the GitHub administrators of your organization, so that their permissions are not changed, for example.
gem install octokit
gem install git
or if you have Bundler:
bundle install
This project uses the Octokit Ruby client, licensed under the MIT license. It also uses the Git Ruby gem, under the MIT license.
bash GitHubWizard.sh
Keywords: #organisation #GitHub #members
Run the following command, then check the file whose name is defined by FILENAME_MEMBERS in configuration.rb.
bash GitHubWizard.sh get-all-members
Keywords: #organisation #GitHub #members #2FA #security
Run the following command, then check the file whose name is defined by FILENAME_MEMBERS_2FA_DISABLED in configuration.rb.
bash GitHubWizard.sh get-members-2fa-disabled
Keywords: #organisation #GitHub #members #company
Run the following command, then check the file whose name is defined by FILENAME_MEMBERS_UNDEFINED_COMPANY in configuration.rb.
bash GitHubWizard.sh get-members-without-company
Keywords: #organisation #GitHub #members #teams
Run the following command, then check the file whose name is defined by FILENAME_PROJECTS_WITHOUT_TEAM in configuration.rb.
bash GitHubWizard.sh get-projects-without-team
Keywords: #organisation #GitHub #members #email
Run the following command, then check the file whose name is defined by FILENAME_USERS_WITH_BAD_EMAILS in configuration.rb.
bash GitHubWizard.sh get-users-with-bad-email
Keywords: #organisation #GitHub #members #fullname #name #handle
Run the following command, then check the file whose name is defined by FILENAME_USERS_WITH_BAD_FULLNAMES in configuration.rb.
bash GitHubWizard.sh get-users-with-bad-fullname
Keywords: #organisation #GitHub #projects #licenses
Run the following command, then check the file whose name is defined by FILENAME_PROJECTS_WITHOUT_LICENSES in configuration.rb.
bash GitHubWizard.sh get-projects-without-licenses
Keywords: #organisation #GitHub #projects #guidelines #files
Run the following command, then check the file whose name is defined by FILENAME_PROJECTS_WITH_UNCONFORM_REPOSITORIES in configuration.rb.
bash GitHubWizard.sh get-projects-conformity
SSH will be used to clone repositories, so your SSH configuration must be ready:
- Create an SSH key on your GitHub account settings
- Add the SSH key in your environment
ssh-add .ssh/id_rsa
Keywords: #organisation #GitHub #projects #repository
Run the following command, then check the file whose name is defined by FILENAME_EMPTY_PROJECTS in configuration.rb.
bash GitHubWizard.sh get-empty-projects
SSH will be used to clone repositories, so your SSH configuration must be ready:
- Create an SSH key on your GitHub account settings
- Add the SSH key in your environment
ssh-add .ssh/id_rsa
Keywords: #organisation #GitHub #permissions #members #push
Run the following command to update the rights of all users, except GitHub teams and GitHub administrators, on all projects. Permissions will be set to "push", i.e. "write".
bash GitHubWizard.sh set-users-permissions-to-push
Keywords: #organisation #GitHub #permissions #members #admin #maintain
Run the following command to update the rights of all users, except GitHub teams and GitHub administrators, on all projects. Permissions that were "admin" will be set to "maintain".
bash GitHubWizard.sh downgrade-user-permissions-if-admin
Keywords: #organisation #GitHub #permissions #teams #push
Run the following command to update the rights of all teams on all projects. Permissions will be set to "push", i.e. "write".
bash GitHubWizard.sh set-teams-permissions-to-push
Keywords: #organisation #GitHub #permissions #teams #read
Run the following command to update the rights of all teams on all projects. Permissions will be set to "read".
bash GitHubWizard.sh set-teams-permissions-to-read
Keywords: #organisation #GitHub #KPI #year #review
You will need to define a .env file containing the GitHub API token under the key GITHUB_API_TOKEN, the organization name and some settings. Here the organization name is Orange-OpenSource; replace it with your own and add a suitable token.
For example:
GITHUB_API_TOKEN=your-token
ORGANIZATION_NAME=Orange-OpenSource
TOP_N_PROG_LANG=5
TOP_N_LEAST_PROG_LANG=5
TOP_N_LICENSES=5
TOP_N_CONTRIBUTORS_OVERALL=10
TOP_N_CONTRIBUTORS_FOR_YEAR=10
TOP_N_REPOS_MOST_COMMITS=5
Run the following command to compute a year review of the organization
# Do not forget to install dependencies
pip install -r requirements.txt
# For year 2024
python3.8 github-year-review.py --year 2024
# For year 2024, also computing commit counts (can be time-consuming)
python3.8 github-year-review.py --year 2024 --count-commits
Keywords: #organisation #GitHub #dependencies #locks
We may need to find out quickly which projects use certain dependencies, either because those dependencies may be compromised or simply because we need to know who uses them.
The script scan_github_organization_projects_for_dependencies.py queries the GitHub REST API to get the public projects, then checks whether they contain known package and lock files, and looks inside those files for dependencies matching the ones listed in a side file given as argument.
This side file is just a text file with one dependency per line, with no particular format expected: the script looks for the text as is.
A GitHub Personal Access Token (PAT) must be defined as an environment variable.
# Define the PAT
export GITHUB_TOKEN=...
# Do not forget to install dependencies
pip install -r requirements.txt
# Scan the organization projects for the dependencies listed in the side file
python3.8 scan_github_organization_projects_for_dependencies.py path/to/dependencies/file.txt
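The matching step described above, as an added example that is not the project's script: it searches manifest and lock file contents for each line of the side file "as is", and flags hits where the text is only part of a longer package name, since raw substring matching produces those. The file-name list, the boundary heuristic, the package names and the sample repository are all assumptions constructed for illustration.

```python
import re

# Assumption: file names treated as package/lock files (not the project's own list).
MANIFEST_NAMES = {"package.json", "package-lock.json", "yarn.lock",
                  "requirements.txt", "Gemfile.lock", "go.sum"}


def load_watchlist(text):
    """Side file: one dependency per line, no format; blank lines are skipped."""
    return [line.strip() for line in text.splitlines() if line.strip()]


def scan_repo(files, watchlist):
    """files maps path -> content. Returns sorted (path, line_no, entry, exact)."""
    hits = []
    for path, content in files.items():
        if path.rsplit("/", 1)[-1] not in MANIFEST_NAMES:
            continue  # only package and lock files are inspected
        for line_no, line in enumerate(content.splitlines(), 1):
            for entry in watchlist:
                if entry not in line:  # the text is searched as is
                    continue
                # Heuristic: "exact" when the entry is not embedded in a longer
                # name, e.g. "acme-logger" inside "acme-logger-extras".
                bounded = r"(?<![\w.-])" + re.escape(entry) + r"(?![\w.-])"
                hits.append((path, line_no, entry,
                             re.search(bounded, line) is not None))
    return sorted(hits)


# Constructed sample input: a tiny repository tree and a side file.
SAMPLE_REPO = {
    "web/package.json": (
        '{\n'
        '  "dependencies": {\n'
        '    "acme-logger": "3.3.6",\n'
        '    "acme-logger-extras": "1.0.0"\n'
        '  }\n'
        '}\n'
    ),
    "README.md": "We used acme-logger once.\n",
    "api/requirements.txt": "requests==2.31.0\n",
}
WATCHLIST = "acme-logger\n\nleft-pad\n"

if __name__ == "__main__":
    for path, line_no, entry, exact in scan_repo(SAMPLE_REPO, load_watchlist(WATCHLIST)):
        label = "exact" if exact else "substring only, review"
        print(f"{path}:{line_no}: {entry} ({label})")
```

Hits marked "substring only" are the ones to review by hand before treating a project as affected.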