audit-kubernetes-repos.md

org/repo	in sigs.yaml?	has owners?	has CONTRIBUTING.md?	has code-of-conduct.md?	has approve?	in tide?	branch protected?
kubernetes/kubelet	missing	no owners	no CONTRIBUTING.md	no code-of-conduct.md
kubernetes/kube-scheduler	missing	no owners	no CONTRIBUTING.md	no code-of-conduct.md
kubernetes/kube-proxy	missing	no owners	no CONTRIBUTING.md	no code-of-conduct.md
kubernetes/kube-controller-manager	missing	no owners	no CONTRIBUTING.md	no code-of-conduct.md
kubernetes/sample-cli-plugin		no owners	no CONTRIBUTING.md	no code-of-conduct.md
kubernetes/cli-runtime		no owners	no CONTRIBUTING.md	no code-of-conduct.md
kubernetes-sigs/kube-storage-version-migrator			no CONTRIBUTING.md	no code-of-conduct.md		not in tide
kubernetes-sigs/kustomize			no CONTRIBUTING.md	no code-of-conduct.md
kubernetes-csi/kubernetes-csi.github.io			no CONTRIBUTING.md	no code-of-conduct.md
kubernetes-incubator/apiserver-builder			no CONTRIBUTING.md		no approve	not in tide
kubernetes/federation			no CONTRIBUTING.md
kubernetes-csi/external-snapshotter			no CONTRIBUTING.md
kubernetes-csi/external-attacher			no CONTRIBUTING.md
kubernetes-csi/driver-registrar			no CONTRIBUTING.md
kubernetes-sigs/aws-iam-authenticator				no code-of-conduct.md		not in tide
kubernetes/website				no code-of-conduct.md
kubernetes/kubernetes-docs-zh				no code-of-conduct.md
kubernetes/kubernetes-anywhere					no approve	not in tide
kubernetes/kompose					no approve	not in tide
kubernetes/k8s.io					no approve	not in tide
kubernetes/git-sync					no approve	not in tide
kubernetes/frakti					no approve	not in tide
kubernetes/autoscaler					no approve	not in tide
kubernetes-incubator/spartakus					no approve	not in tide
kubernetes-incubator/rktlet					no approve	not in tide
kubernetes-incubator/reference-docs					no approve	not in tide
kubernetes-incubator/node-feature-discovery					no approve	not in tide
kubernetes-incubator/nfs-provisioner					no approve	not in tide
kubernetes-incubator/metrics-server					no approve	not in tide
kubernetes-incubator/kube-aws					no approve	not in tide
kubernetes-incubator/kube-arbitrator					no approve	not in tide
kubernetes-incubator/external-storage					no approve	not in tide
kubernetes-incubator/external-dns					no approve	not in tide
kubernetes-incubator/descheduler					no approve	not in tide
kubernetes-incubator/custom-metrics-apiserver					no approve	not in tide
kubernetes-incubator/cluster-proportional-vertical-autoscaler					no approve	not in tide
kubernetes-incubator/cluster-proportional-autoscaler					no approve	not in tide
kubernetes-incubator/cluster-capacity					no approve	not in tide
kubernetes-incubator/bootkube					no approve	not in tide
kubernetes-sigs/aws-alb-ingress-controller						not in tide
kubernetes/utils
kubernetes/test-infra
kubernetes/steering
kubernetes/sig-release
kubernetes/sample-controller
kubernetes/sample-apiserver
kubernetes/repo-infra
kubernetes/release
kubernetes/publishing-bot
kubernetes/perf-tests
kubernetes/org
kubernetes/node-problem-detector
kubernetes/minikube
kubernetes/metrics
kubernetes/kubernetes
kubernetes/kubernetes-template-project
kubernetes/kubernetes-docs-ko
kubernetes/kubernetes-docs-ja
kubernetes/kubectl
kubernetes/kubeadm
kubernetes/kube-state-metrics
kubernetes/kube-openapi
kubernetes/kube-deploy
kubernetes/kube-aggregator
kubernetes/kops
kubernetes/ingress-nginx
kubernetes/ingress-gce
kubernetes/heapster
kubernetes/gengo
kubernetes/features
kubernetes/examples
kubernetes/dns
kubernetes/dashboard
kubernetes/csi-api
kubernetes/contrib
kubernetes/community
kubernetes/code-generator
kubernetes/cluster-registry
kubernetes/cloud-provider-vsphere
kubernetes/cloud-provider-openstack
kubernetes/cloud-provider-gcp
kubernetes/cloud-provider-azure
kubernetes/cloud-provider-aws
kubernetes/client-go
kubernetes/apiserver
kubernetes/apimachinery
kubernetes/apiextensions-apiserver
kubernetes/api
kubernetes-sigs/testing_frameworks
kubernetes-sigs/structured-merge-diff
kubernetes-sigs/poseidon
kubernetes-sigs/kubebuilder
kubernetes-sigs/kubeadm-dind-cluster
kubernetes-sigs/gcp-filestore-csi-driver
kubernetes-sigs/gcp-compute-persistent-disk-csi-driver
kubernetes-sigs/federation-v2
kubernetes-sigs/cri-tools
kubernetes-sigs/cri-o
kubernetes-sigs/controller-tools
kubernetes-sigs/controller-runtime
kubernetes-sigs/contributor-site
kubernetes-sigs/contributor-playground
kubernetes-sigs/cluster-api
kubernetes-sigs/cluster-api-provider-vsphere
kubernetes-sigs/cluster-api-provider-openstack
kubernetes-sigs/cluster-api-provider-gcp
kubernetes-sigs/cluster-api-provider-aws
kubernetes-sigs/aws-encryption-provider
kubernetes-sigs/architecture-tracking
kubernetes-sigs/application
kubernetes-incubator/service-catalog
kubernetes-incubator/kubespray
kubernetes-incubator/ip-masq-agent
kubernetes-csi/livenessprobe
kubernetes-csi/external-provisioner
kubernetes-csi/drivers
kubernetes-csi/docs
kubernetes-csi/csi-test
kubernetes-client/ruby
kubernetes-client/python
kubernetes-client/python-base
kubernetes-client/javascript
kubernetes-client/java
kubernetes-client/haskell
kubernetes-client/go
kubernetes-client/go-base
kubernetes-client/gen
kubernetes-client/csharp

audit-kubernetes-repos.sh

#!/usr/bin/env bash

name=$(basename ${0%.*})
data_dir=data/${name}
mkdir -p ${data_dir}

orgs="kubernetes kubernetes-sigs kubernetes-incubator kubernetes-client kubernetes-csi"

sigs_yaml=${data_dir}/sigs.yaml
prow_config_yaml=${data_dir}/config.yaml
prow_plugins_yaml=${data_dir}/plugins.yaml
testgrid_config_yaml=${data_dir}/testgrid.yaml
staging_src_build=${data_dir}/staging-build

refresh_sigs_yaml=false
refresh_repos=false
refresh_root_owners=false
refresh_prow_plugins_yaml=false
refresh_prow_config_yaml=false
refresh_testgrid_config_yaml=false
refresh_staging_src_build=false

if ${refresh_sigs_yaml}; then
  curl -s https://raw.githubusercontent.com/kubernetes/community/master/sigs.yaml > "${sigs_yaml}" 
fi

if ${refresh_prow_config_yaml}; then
  curl -s https://raw.githubusercontent.com/kubernetes/test-infra/master/prow/config.yaml > "${prow_config_yaml}" 
fi

if ${refresh_prow_plugins_yaml}; then
  curl -s https://raw.githubusercontent.com/kubernetes/test-infra/master/prow/plugins.yaml > "${prow_plugins_yaml}" 
fi

if ${refresh_testgrid_config_yaml}; then
  curl -s https://raw.githubusercontent.com/kubernetes/test-infra/master/testgrid/config.yaml > "${testgrid_config_yaml}" 
fi

if ${refresh_staging_src_build}; then
  curl -s https://raw.githubusercontent.com/kubernetes/kubernetes/master/staging/src/BUILD > "${staging_src_build}"
fi

sigs=$(<${sigs_yaml} yq -r '.sigs[].dir')

staging_repos=${data_dir}/staging-repos.txt
grep //staging ${staging_src_build} | tr -d '",' | cut -d/ -f5,6 | cut -d: -f1 | sort | uniq | sed -e 's/k8s.io/kubernetes/' >${staging_repos}

branch_protected_orgs=${data_dir}/orgs-with-branch-protection.txt
<${prow_config_yaml} yq '.["branch-protection"].orgs | keys[]' > ${branch_protected_orgs}

orgs_with_tide=${data_dir}/orgs-with-tide.txt
<${prow_config_yaml} yq '.tide.queries | map(.orgs // []) | flatten[]' > ${orgs_with_tide}

org_repos_with_tide=${data_dir}/org-repos-with-tide.txt
<${prow_config_yaml} yq '.tide.queries | map(.repos // []) | flatten[]' > ${org_repos_with_tide}

# TODO: which repos are using prow for presubmits, postsubmits, periodics
# org_repos_with_presubmits=$(<${prow_config_yaml} yq -r '.presubmits | keys[]')
# org_repos_with_postsubmits=$(<${prow_config_yaml} yq -r '.postsubmits | keys[]')

echo "| org/repo | in sigs.yaml? | has owners? | has approve? | in tide? | branch protected? |"
echo "| -------- | ------------- | ----------- | ------------ | -------- | ----------------- |"
for org in ${orgs}; do
  repos_json=${data_dir}/${org}-repos.json
  if ${refresh_repos}; then
    curl -sH "Authorization: token ${GITHUB_TOKEN}" \
           "https://api.github.com/orgs/${org}/repos?per_page=100" > ${repos_json}
  fi
  org_repos=$(<${repos_json} jq -r .[].full_name)
  for org_repo in ${org_repos}; do
    repo=$(echo ${org_repo} | cut -d/ -f2)
    repo_dir=${data_dir}/${org_repo}
    mkdir -p ${repo_dir}
    root_owners=${repo_dir}/OWNERS
    if ${refresh_root_owners}; then
      curl -s https://raw.githubusercontent.com/${org_repo}/master/OWNERS > ${root_owners}
    fi
    
    in_sigs=$(grep -q ${org_repo} ${sigs_yaml} || echo -n "missing")

    has_owners=$(grep -q "404: Not Found" ${root_owners} && echo -n "no owners")

    if grep -q ${org_repo} ${staging_repos}; then
      # since k/k is done, assume staging repos done
      has_approve=""
      in_tide=""
      branch_protected=""
    else
      has_approve=$(<${prow_plugins_yaml} yq -r \
        --arg o ${org} \
        --arg o_r ${org_repo} \
        'if ([.plugins[$o] // [], .plugins[$o_r] // []] | flatten | contains(["approve"])) then "" else "no approve" end')
      
      in_tide=$(echo "{}" | jq -r \
        --slurpfile owt "${orgs_with_tide}" \
        --slurpfile orwt "${org_repos_with_tide}" \
        --arg o "${org}" \
        --arg o_r "${org_repo}" \
        'if ($owt | contains([$o]) // $orwt | contains([$o_r])) then "" else "not in tide" end')

      branch_protected=$(echo "{}" | jq -r \
        --slurpfile bpo "${branch_protected_orgs}" \
        --arg o "${org}" \
        --arg o_r "${org_repo}" \
        'if ($bpo | contains([$o])) then "" else "no branch protection" end')
    fi

    echo -n "| [${org_repo}](https://github.com/${org_repo}) | "
    echo -n "${in_sigs} | "
    echo -n "${has_owners} | "
    echo -n "${has_approve} | "
    echo -n "${in_tide} | "
    echo -n "${branch_protected} | "
    echo
  done
  # sort by sigs, owners, branch_protected, approve, in_tide, name
done | sort -r -t '|' -k 3 -k 4 -k 5 -k 6 -k 7 -k 2