Created
September 17, 2023 12:29
-
-
Save sid137/f01dcf84f7382f1f2af4f6243e7e4c55 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { Octokit } from '@octokit/rest' | |
| // Set your token here or set as an environment variable | |
| const token = process.env.GITHUB_TOKEN | |
| const octokit = new Octokit({ auth: token }) | |
| // Define Dependabot config.yml content | |
| const dependabotContent = ` | |
| version: 2 | |
| updates: | |
| # Maintain dependencies for GitHub Actions | |
| - package-ecosystem: "github-actions" | |
| directory: "/" | |
| schedule: | |
| interval: "daily" | |
| # Maintain dependencies for npm | |
| - package-ecosystem: "npm" | |
| directory: "/" | |
| schedule: | |
| interval: "daily" | |
| ` | |
| // Define Github Actions main.yml content | |
| const githubActionsContent = ` | |
| name: CI | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| schedule: | |
| - cron: '0 0 * * *' | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Use Node.js | |
| uses: actions/setup-node@v2 | |
| ` | |
| /* | |
| * creates a github repositoy using the security contraints required by | |
| * SOC 2 and HIPAA and other security standards | |
| * | |
| * Includes config files for Dependabot and Github Actions | |
| * to ensure that the repository is always up to date and secure | |
| * | |
| * Dependabot will automatically create pull requests to update | |
| * dependencies when new versions are released on a branch called 'dependabot | |
| * | |
| * Github Actions will run tests and linting on every pull request | |
| * and push to the repository | |
| * | |
| * Github Actions will also run tests and linting on a schedule | |
| * to ensure that the repository is always up to date and secure | |
| * | |
| * @param {string} name - the name of the repository | |
| */ | |
| async function create_repository(org: string, name: string) { | |
| try { | |
| // Create a new repository | |
| await octokit.repos.createInOrg({ | |
| org, | |
| name, | |
| private: true, | |
| delete_branch_on_merge: true, | |
| allow_auto_merge: true, | |
| git_ignore_template: 'Node' | |
| }) | |
| // Create Dependabot config file | |
| await octokit.repos.createOrUpdateFileContents({ | |
| owner: org, | |
| repo: name, | |
| path: '.github/dependabot.yml', | |
| message: 'Initial dependabot config', | |
| content: Buffer.from(dependabotContent).toString('base64'), | |
| branch: 'main' | |
| }) | |
| // Create GitHub Actions config file | |
| await octokit.repos.createOrUpdateFileContents({ | |
| owner: org, | |
| repo: name, | |
| path: '.github/workflows/main.yml', | |
| message: 'Initial GitHub Actions config', | |
| content: Buffer.from(githubActionsContent).toString('base64'), | |
| branch: 'main' | |
| }) | |
| // Get the SHA of the latest commit in the 'main' branch | |
| const { data: refData } = await octokit.git.getRef({ | |
| owner: org, | |
| repo: name, | |
| ref: 'heads/main' | |
| }) | |
| // Create a new 'production' branch from the latest commit SHA | |
| await octokit.git.createRef({ | |
| owner: org, | |
| repo: name, | |
| ref: 'refs/heads/production', | |
| sha: refData.object.sha | |
| }) | |
| await octokit.rest.repos.createOrgRuleset({ | |
| org, | |
| name: 'Boundless Default Ruleset', | |
| target: 'branch', | |
| enforcement: 'active', | |
| conditions: { | |
| ref_name: { | |
| include: ['refs/heads/main', 'refs/heads/production'] | |
| } | |
| }, | |
| rules: [ | |
| { | |
| type: 'deletion' | |
| }, | |
| { | |
| type: 'pull_request', | |
| parameters: { | |
| dismiss_stale_reviews_on_push: true, | |
| require_code_owner_review: true, | |
| require_last_push_approval: false, | |
| required_approving_review_count: 1, | |
| required_review_thread_resolution: false | |
| } | |
| }, | |
| { | |
| type: 'required_status_checks' | |
| }, | |
| { | |
| type: 'commit_message_pattern', | |
| parameters: { | |
| name: 'Commit message pattern', | |
| pattern: '^(\\w+)(\\((\\w+)\\))?\\:\\s(.+)$', | |
| operator: 'regex' | |
| } | |
| } | |
| ] | |
| }) | |
| } catch (error) { | |
| console.log(error) | |
| } | |
| } | |
| async function invite_user( | |
| org: string, | |
| email: string, | |
| role: | |
| | 'direct_member' | |
| | 'admin' | |
| | 'billing_manager' | |
| | undefined = 'direct_member', | |
| team_ids: number[] = [] | |
| ) { | |
| try { | |
| await octokit.orgs.createInvitation({ | |
| org, | |
| email, | |
| role, | |
| team_ids | |
| }) | |
| } catch (error) { | |
| console.log(error) | |
| } | |
| } | |
| async function remove_user(org: string, username: string) { | |
| try { | |
| await octokit.orgs.removeMember({ | |
| org, | |
| username | |
| }) | |
| } catch (error) { | |
| console.log(error) | |
| } | |
| } | |
| export const Github = { | |
| create_repository, | |
| invite_user, | |
| remove_user | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment