Skip to content

Instantly share code, notes, and snippets.

@spiffxp

spiffxp/kubernetes-repos-audit.md

Last active September 6, 2019 23:57
Show Gist options
  • Save spiffxp/324824f2a5bf4d6c7d56c6b3a7f795ed to your computer and use it in GitHub Desktop.
Save spiffxp/324824f2a5bf4d6c7d56c6b3a7f795ed to your computer and use it in GitHub Desktop.
Download ZIP
Raw
kubernetes-repos-audit.md
org/repo in sigs.yaml? has owners? has approve? in tide? branch protected?
kubernetes/kubelet missing
kubernetes/kube-scheduler missing
kubernetes/kube-proxy missing
kubernetes/kube-controller-manager missing
kubernetes-csi/csi-driver-fibre-channel missing
kubernetes/website
kubernetes/utils
kubernetes/test-infra
kubernetes/system-validators
kubernetes/steering
kubernetes/sig-release
kubernetes/security
kubernetes/sample-controller
kubernetes/sample-cli-plugin
kubernetes/sample-apiserver
kubernetes/repo-infra
kubernetes/release
kubernetes/publishing-bot
kubernetes/perf-tests
kubernetes/org
kubernetes/node-problem-detector
kubernetes/node-api
kubernetes/minikube
kubernetes/metrics
kubernetes/legacy-cloud-providers
kubernetes/kubernetes
kubernetes/kubernetes-template-project
kubernetes/kubernetes-anywhere
kubernetes/kubectl
kubernetes/kubeadm
kubernetes/kube-state-metrics
kubernetes/kube-openapi
kubernetes/kube-deploy
kubernetes/kube-aggregator
kubernetes/kops
kubernetes/kompose
kubernetes/klog
kubernetes/k8s.io
kubernetes/ingress-nginx
kubernetes/ingress-gce
kubernetes/git-sync
kubernetes/gengo
kubernetes/funding
kubernetes/frakti
kubernetes/examples
kubernetes/enhancements
kubernetes/dns
kubernetes/dashboard
kubernetes/csi-translation-lib
kubernetes/csi-api
kubernetes/cri-api
kubernetes/component-base
kubernetes/community
kubernetes/code-generator
kubernetes/cluster-registry
kubernetes/cluster-bootstrap
kubernetes/cloud-provider
kubernetes/cloud-provider-vsphere
kubernetes/cloud-provider-sample
kubernetes/cloud-provider-openstack
kubernetes/cloud-provider-gcp
kubernetes/cloud-provider-azure
kubernetes/cloud-provider-aws
kubernetes/cloud-provider-alibaba-cloud
kubernetes/client-go
kubernetes/cli-runtime
kubernetes/autoscaler
kubernetes/apiserver
kubernetes/apimachinery
kubernetes/apiextensions-apiserver
kubernetes/api
kubernetes-sigs/yaml
kubernetes-sigs/windows-testing
kubernetes-sigs/windows-gmsa
kubernetes-sigs/vsphere-csi-driver
kubernetes-sigs/testing_frameworks
kubernetes-sigs/structured-merge-diff
kubernetes-sigs/slack-infra
kubernetes-sigs/sig-windows-tools
kubernetes-sigs/sig-usability
kubernetes-sigs/sig-storage-local-static-provisioner
kubernetes-sigs/sig-storage-lib-external-provisioner
kubernetes-sigs/service-catalog
kubernetes-sigs/release-notes
kubernetes-sigs/poseidon
kubernetes-sigs/node-feature-discovery
kubernetes-sigs/node-feature-discovery-operator
kubernetes-sigs/mutating-trace-admission-controller
kubernetes-sigs/multi-tenancy
kubernetes-sigs/minibroker
kubernetes-sigs/legacyflag
kubernetes-sigs/kustomize
kubernetes-sigs/kubespray
kubernetes-sigs/kubefed
kubernetes-sigs/kubebuilder
kubernetes-sigs/kubebuilder-declarative-pattern
kubernetes-sigs/kube-storage-version-migrator
kubernetes-sigs/kube-batch
kubernetes-sigs/krew
kubernetes-sigs/krew-index
kubernetes-sigs/kind
kubernetes-sigs/k8s-container-image-promoter
kubernetes-sigs/image-builder
kubernetes-sigs/go-open-service-broker-client
kubernetes-sigs/gcp-filestore-csi-driver
kubernetes-sigs/gcp-compute-persistent-disk-csi-driver
kubernetes-sigs/execution-hook
kubernetes-sigs/etcdadm
kubernetes-sigs/dashboard-metrics-scraper
kubernetes-sigs/cri-tools
kubernetes-sigs/controller-tools
kubernetes-sigs/controller-runtime
kubernetes-sigs/contributor-site
kubernetes-sigs/contributor-playground
kubernetes-sigs/cluster-api
kubernetes-sigs/cluster-api-provider-vsphere
kubernetes-sigs/cluster-api-provider-openstack
kubernetes-sigs/cluster-api-provider-ibmcloud
kubernetes-sigs/cluster-api-provider-gcp
kubernetes-sigs/cluster-api-provider-docker
kubernetes-sigs/cluster-api-provider-digitalocean
kubernetes-sigs/cluster-api-provider-azure
kubernetes-sigs/cluster-api-provider-aws
kubernetes-sigs/cluster-api-bootstrap-provider-kubeadm
kubernetes-sigs/cli-utils
kubernetes-sigs/cli-experimental
kubernetes-sigs/azurefile-csi-driver
kubernetes-sigs/azuredisk-csi-driver
kubernetes-sigs/aws-iam-authenticator
kubernetes-sigs/aws-fsx-csi-driver
kubernetes-sigs/aws-encryption-provider
kubernetes-sigs/aws-efs-csi-driver
kubernetes-sigs/aws-ebs-csi-driver
kubernetes-sigs/aws-alb-ingress-controller
kubernetes-sigs/application
kubernetes-sigs/apiserver-network-proxy
kubernetes-sigs/apiserver-builder-alpha
kubernetes-sigs/alibaba-cloud-csi-driver
kubernetes-sigs/addon-operators
kubernetes-incubator/spartakus
kubernetes-incubator/rktlet
kubernetes-incubator/reference-docs
kubernetes-incubator/metrics-server
kubernetes-incubator/kube-aws
kubernetes-incubator/ip-masq-agent
kubernetes-incubator/external-storage
kubernetes-incubator/external-dns
kubernetes-incubator/descheduler
kubernetes-incubator/custom-metrics-apiserver
kubernetes-incubator/cluster-proportional-vertical-autoscaler
kubernetes-incubator/cluster-proportional-autoscaler
kubernetes-incubator/cluster-capacity
kubernetes-incubator/bootkube
kubernetes-csi/node-driver-registrar
kubernetes-csi/livenessprobe
kubernetes-csi/kubernetes-csi.github.io
kubernetes-csi/external-snapshotter
kubernetes-csi/external-resizer
kubernetes-csi/external-provisioner
kubernetes-csi/external-attacher
kubernetes-csi/drivers
kubernetes-csi/driver-registrar
kubernetes-csi/docs
kubernetes-csi/csi-test
kubernetes-csi/csi-release-tools
kubernetes-csi/csi-proxy
kubernetes-csi/csi-lib-utils
kubernetes-csi/csi-lib-iscsi
kubernetes-csi/csi-lib-fc
kubernetes-csi/csi-driver-nfs
kubernetes-csi/csi-driver-iscsi
kubernetes-csi/csi-driver-image-populator
kubernetes-csi/csi-driver-host-path
kubernetes-csi/csi-driver-flex
kubernetes-csi/cluster-driver-registrar
kubernetes-client/ruby
kubernetes-client/python
kubernetes-client/python-base
kubernetes-client/perl
kubernetes-client/javascript
kubernetes-client/java
kubernetes-client/haskell
kubernetes-client/go
kubernetes-client/go-base
kubernetes-client/gen
kubernetes-client/csharp
Raw
kubernetes-repos-audit.sh
#!/usr/bin/env bash
set -eu
name=$(basename ${0%.*})
data_dir=data/${name}
mkdir -p ${data_dir}
orgs="kubernetes kubernetes-client kubernetes-csi kubernetes-sigs kubernetes-incubator"
sigs_yaml=${data_dir}/sigs.yaml
prow_config_yaml=${data_dir}/config.yaml
prow_plugins_yaml=${data_dir}/plugins.yaml
testgrid_config_yaml=${data_dir}/testgrid.yaml
staging_src_build=${data_dir}/staging-build
online=true
refresh_sigs_yaml=${online}
refresh_repos_json=${online}
refresh_root_owners=${online}
refresh_prow_plugins_yaml=${online}
refresh_prow_config_yaml=${online}
refresh_testgrid_config_yaml=${online}
refresh_staging_src_build=${online}
refresh_contributing_md=${online}
refresh_code_of_conduct_md=${online}
output_audit_table=true
# not strictly needed yet
refresh_repo_json=false
refresh_repo_labels_txt=false
if ${refresh_sigs_yaml}; then
curl -s https://raw.githubusercontent.com/kubernetes/community/master/sigs.yaml > "${sigs_yaml}"
fi
if ${refresh_prow_config_yaml}; then
curl -s https://raw.githubusercontent.com/kubernetes/test-infra/master/prow/config.yaml > "${prow_config_yaml}"
fi
if ${refresh_prow_plugins_yaml}; then
curl -s https://raw.githubusercontent.com/kubernetes/test-infra/master/prow/plugins.yaml > "${prow_plugins_yaml}"
fi
if ${refresh_testgrid_config_yaml}; then
curl -s https://raw.githubusercontent.com/kubernetes/test-infra/master/testgrid/config.yaml > "${testgrid_config_yaml}"
fi
if ${refresh_staging_src_build}; then
curl -s https://raw.githubusercontent.com/kubernetes/kubernetes/master/staging/src/BUILD > "${staging_src_build}"
fi
sigs=$(<${sigs_yaml} yaml2json | jq -r '.sigs[].dir')
staging_repos=${data_dir}/staging-repos.txt
grep //staging ${staging_src_build} | tr -d '",' | cut -d/ -f5,6 | cut -d: -f1 | sort | uniq | sed -e 's/k8s.io/kubernetes/' >${staging_repos}
branch_protected_orgs=${data_dir}/orgs-with-branch-protection.txt
<${prow_config_yaml} yaml2json | jq '.["branch-protection"].orgs | keys[]' > ${branch_protected_orgs}
orgs_with_tide=${data_dir}/orgs-with-tide.txt
<${prow_config_yaml} yaml2json | jq '.tide.queries | map(.orgs // []) | flatten[]' > ${orgs_with_tide}
org_repos_with_tide=${data_dir}/org-repos-with-tide.txt
<${prow_config_yaml} yaml2json | jq '.tide.queries | map(.repos // []) | flatten[]' > ${org_repos_with_tide}
if ${output_audit_table}; then
echo "| org/repo | in sigs.yaml? | has owners? | has approve? | in tide? | branch protected? |"
echo "| -------- | ------------- | ----------- | ------------ | -------- | ----------------- |"
fi
for org in ${orgs}; do
repos_json=${data_dir}/${org}-repos.json
if ${refresh_repos_json}; then
curl -sH "Authorization: token ${GITHUB_TOKEN}" \
"https://api.github.com/orgs/${org}/repos?per_page=100" > ${repos_json}
fi
org_repos=$(<${repos_json} jq -r .[].full_name)
for org_repo in ${org_repos}; do
repo=$(echo ${org_repo} | cut -d/ -f2)
repo_dir=${data_dir}/${org_repo}
mkdir -p ${repo_dir}
root_owners=${repo_dir}/OWNERS
if ${refresh_root_owners}; then
curl -s https://raw.githubusercontent.com/${org_repo}/master/OWNERS > ${root_owners}
fi
contributing_md=${repo_dir}/CONTRIBUTING.md
if ${refresh_contributing_md}; then
curl -s https://raw.githubusercontent.com/${org_repo}/master/CONTRIBUTING.md > ${contributing_md}
fi
code_of_conduct_md=${repo_dir}/code-of-conduct.md
if ${refresh_code_of_conduct_md}; then
curl -s https://raw.githubusercontent.com/${org_repo}/master/code-of-conduct.md > ${code_of_conduct_md}
fi
repo_json=${repo_dir}/repo.json
if ${refresh_repo_json}; then
curl -sH "Authorization: token ${GITHUB_TOKEN}" \
"https://api.github.com/repos/${org_repo}" > ${repo_json}
fi
repo_labels_txt=${repo_dir}/labels.txt
if ${refresh_repo_labels_txt}; then
echo "" >${repo_labels_txt}
for i in $(seq 1 3); do
curl -sH "Authorization: token ${GITHUB_TOKEN}" \
"https://api.github.com/repos/${org_repo}/labels?per_page=100&page=${i}" | jq .[].name >> ${repo_labels_txt}
done
fi
if ${output_audit_table}; then
in_sigs=$(grep -q ${org_repo} ${sigs_yaml} || echo -n "missing")
has_owners=$((grep -q "404: Not Found" ${root_owners} && echo -n "no owners") || true)
has_contributing_md=$((grep -q "404: Not Found" ${contributing_md} && echo -n "no CONTRIBUTING.md") || true)
has_code_of_conduct_md=$((grep -q "404: Not Found" ${code_of_conduct_md} && echo -n "no code-of-conduct.md") || true)
if grep -q ${org_repo} ${staging_repos}; then
# since k/k is done, assume staging repos done
has_approve=""
in_tide=""
branch_protected=""
else
has_approve=$(<${prow_plugins_yaml} yaml2json | jq -r \
--arg o ${org} \
--arg o_r ${org_repo} \
'if ([.plugins[$o] // [], .plugins[$o_r] // []] | flatten | contains(["approve"])) then "" else "no approve" end')
in_tide=$(echo "{}" | jq -r \
--slurpfile owt "${orgs_with_tide}" \
--slurpfile orwt "${org_repos_with_tide}" \
--arg o "${org}" \
--arg o_r "${org_repo}" \
'if (($owt | contains([$o])) // ($orwt | contains([$o_r]))) then "" else "not in tide" end')
branch_protected=$(echo "{}" | jq -r \
--slurpfile bpo "${branch_protected_orgs}" \
--arg o "${org}" \
--arg o_r "${org_repo}" \
'if ($bpo | contains([$o])) then "" else "no branch protection" end')
fi
echo -n "| [${org_repo}](https://github.com/${org_repo}) | "
echo -n "${in_sigs} | "
echo -n "${has_owners} | "
echo -n "${has_approve} | "
echo -n "${in_tide} | "
echo -n "${branch_protected} | "
echo
fi
done
done | sort -r -t '|' -k 3 -k 4 -k 5 -k 6 -k 2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment