diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..0cfc43c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,10 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + - package-ecosystem: "gomod" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/open-pr.yml b/.github/workflows/open-pr.yml new file mode 100644 index 0000000..2920ad1 --- /dev/null +++ b/.github/workflows/open-pr.yml @@ -0,0 +1,23 @@ +name: Set expectations on PR + +on: + pull_request_target: + types: + - opened + - reopened + +jobs: + comment-on-pull-request: + name: Comment on PR to set expectations + runs-on: ubuntu-latest + steps: + - uses: actions/github-script@v7 + with: + github-token: ${{secrets.GITHUB_TOKEN}} + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: '👋 Thanks for opening a pull request! I try to review this repo at least once a week.' + }) diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml new file mode 100644 index 0000000..0c9d218 --- /dev/null +++ b/.github/workflows/pull-request.yml @@ -0,0 +1,50 @@ +name: Pull Request Checks! + +on: + pull_request: + branches: + - main + +permissions: + contents: read + packages: read + statuses: write + +jobs: + lint: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Super-linter + uses: super-linter/super-linter@v5 + env: + DEFAULT_BRANCH: main + VALIDATE_GITHUB_ACTIONS: true + VALIDATE_GO: true + VALIDATE_MARKDOWN: true + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: 1.21 + + - name: Build + run: go build -v ./... + + dependency-review: + runs-on: ubuntu-latest + steps: + - name: "Checkout Repository" + uses: actions/checkout@v4 + + - name: "Dependency Review" + uses: actions/dependency-review-action@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..8dfe1ca --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,21 @@ +name: release + +on: + push: + tags: + - "v*" + +permissions: + contents: write + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Precompile all gh extension architectures + uses: cli/gh-extension-precompile@v1 + with: + go_version: "1.21" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5ba7154 --- /dev/null +++ b/.gitignore @@ -0,0 +1,30 @@ +# If you prefer the allow list template instead of the deny list, see community template: +# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore +# +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib + +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Dependency directories (remove the comment below to include it) +# vendor/ + +# Go workspace file +go.work + +# Binary output for local testing +gh-org-admin-promote + +# Test token file +token.txt + +# Ignore all CSV files +*.csv diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..d866958 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,5 @@ +# For more information, see [docs](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners#codeowners-syntax) + +## This repository is maintained by + +* @some-natalie diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..6dc4b12 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,74 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of experience, +nationality, personal appearance, race, religion, or sexual identity and +orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or +advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem inappropriate, +threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at . All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at [http://contributor-covenant.org/version/1/4][version] + +[homepage]: http://contributor-covenant.org +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..ef5b265 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,28 @@ +# Contributing + +Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great. + +Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license](LICENSE). + +Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms. + +## Submitting a pull request + +1. Fork and clone the repository +1. Configure and install the dependencies: `pip3 install -r requirements.txt` +1. Create a new branch: `git checkout -b my-branch-name` +1. Push to your fork and submit a pull request +1. Pat your self on the back and wait for your pull request to be reviewed! :tada: + +Here are a few things you can do that will increase the likelihood of your pull request being accepted: + +- Follow the [style guide](https://black.readthedocs.io/en/stable/) - it'll automatically run via the [super-linter](https://github.com/github/super-linter). +- Write tests. +- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests. +- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). + +## Resources + +- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) +- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) +- [GitHub Help](https://help.github.com) diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..3efbd36 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2023 Natalie Somersall + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..ded43c2 --- /dev/null +++ b/README.md @@ -0,0 +1,55 @@ +# gh-org-admin-promote + +GitHub CLI extension to promote an enterprise admin to an organization admin for all orgs in the enterprise. This is an API-first replacement of `ghe-org-admin-promote` on GitHub Enterprise Server. It also outputs an inventory of all organizations in the enterprise as a CSV file. + +Should work on [all supported versions](https://docs.github.com/en/enterprise-server@latest/admin/all-releases#releases-of-github-enterprise-server) of GitHub Enterprise Server, as well as GitHub Enterprise Cloud. + +## Permissions check + +> [!IMPORTANT] +> This requires the `admin:enterprise` and `admin:org` scopes, which are only available to enterprise owners and not default for logging in to the gh cli. + +Run `ghe auth status` to check your permissions. You should see `admin:enterprise` and `admin:org` in the list of scopes. + +```console +$ gh auth status + +ghes-test-instance.com + ✓ Logged in to ghes-test-instance.com account some-natalie (keyring) + - Active account: true + - Git operations protocol: https + - Token: gho_************************************ + - Token scopes: 'admin:enterprise', 'admin:org', 'gist', 'repo', 'workflow' +``` + +If you don't, do the following to add the right scopes: + +```console +gh auth refresh -s admin:enterprise -s admin:org -h ghes-test-instance.com +``` + +## Installation + +```console +gh extension install some-natalie/gh-org-admin-promote +``` + +## Usage + +```console +$ export GH_HOST=ghes-test-instance.com # option for GHES, defaults to github.com + +$ gh org-admin-promote enterprise-name + +Getting total count of organizations in github... +Total count of organizations in github: 4 +Getting list of organizations in github... +Promoting user to admin for testorg-00002... +User promoted to admin for testorg-00002 +Promoting user to admin for testorg-00003... +User promoted to admin for testorg-00003 +``` + +## Limitations + +This will promote you to own all organizations, but it will not capture anything in a user-namespaced repository (e.g. `some-natalie/gh-org-admin-promote`). If you need reporting on all of these, for GHES, use the [all_repositories.csv report](https://docs.github.com/en/enterprise-server@latest/admin/administering-your-instance/administering-your-instance-from-the-web-ui/site-admin-dashboard#reports) to get a list. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..e706d76 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,9 @@ +# Security Policy + +## Supported Versions + +Only the latest major semver will receive security attention. + +## Reporting a Vulnerability + +Please open an issue with all information you can provide and add the "security" label. diff --git a/SUPPORT.md b/SUPPORT.md new file mode 100644 index 0000000..68ce264 --- /dev/null +++ b/SUPPORT.md @@ -0,0 +1,13 @@ +# Support + +## How to file issues and get help + +This project uses GitHub issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new issue. + +For help or questions about using this project, please search the existing discussions and issues, then open a new discussion. Thanks! + +**gh-org-admin-promote** is actively developed and is maintained by GitHub staff **AND THE COMMUNITY** on a best-effort basis. We will do our best to respond to support and community questions in a timely manner. + +## GitHub Support Policy + +Support for this project is limited to the resources listed above. diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..3384587 --- /dev/null +++ b/go.mod @@ -0,0 +1,26 @@ +module github.com/some-natalie/gh-org-admin-promote + +go 1.21.5 + +require ( + github.com/cli/go-gh/v2 v2.4.0 + github.com/cli/shurcooL-graphql v0.0.4 +) + +require ( + github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect + github.com/cli/safeexec v1.0.1 // indirect + github.com/henvic/httpretty v0.1.3 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/lucasb-eyer/go-colorful v1.2.0 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect + github.com/muesli/termenv v0.15.2 // indirect + github.com/rivo/uniseg v0.4.4 // indirect + github.com/stretchr/testify v1.8.1 // indirect + github.com/thlib/go-timezone-local v0.0.0-20210907160436-ef149e42d28e // indirect + golang.org/x/sys v0.15.0 // indirect + golang.org/x/term v0.15.0 // indirect + golang.org/x/text v0.14.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..a0805d2 --- /dev/null +++ b/go.sum @@ -0,0 +1,60 @@ +github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= +github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= +github.com/cli/go-gh/v2 v2.4.0 h1:6j3YxA8uJVOL4lBWjqDmMiAQNnJ2fiZagCuEmQXl+pU= +github.com/cli/go-gh/v2 v2.4.0/go.mod h1:h3salfqqooVpzKmHp6aUdeNx62UmxQRpLbagFSHTJGQ= +github.com/cli/safeexec v1.0.1 h1:e/C79PbXF4yYTN/wauC4tviMxEV13BwljGj0N9j+N00= +github.com/cli/safeexec v1.0.1/go.mod h1:Z/D4tTN8Vs5gXYHDCbaM1S/anmEDnJb1iW0+EJ5zx3Q= +github.com/cli/shurcooL-graphql v0.0.4 h1:6MogPnQJLjKkaXPyGqPRXOI2qCsQdqNfUY1QSJu2GuY= +github.com/cli/shurcooL-graphql v0.0.4/go.mod h1:3waN4u02FiZivIV+p1y4d0Jo1jc6BViMA73C+sZo2fk= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw= +github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI= +github.com/henvic/httpretty v0.1.3 h1:4A6vigjz6Q/+yAfTD4wqipCv+Px69C7Th/NhT0ApuU8= +github.com/henvic/httpretty v0.1.3/go.mod h1:UUEv7c2kHZ5SPQ51uS3wBpzPDibg2U3Y+IaXyHy5GBg= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= +github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= +github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/muesli/termenv v0.15.2 h1:GohcuySI0QmI3wN8Ok9PtKGkgkFIk7y6Vpb5PvrY+Wo= +github.com/muesli/termenv v0.15.2/go.mod h1:Epx+iuz8sNs7mNKhxzH4fWXGNpZwUaJKRS1noLXviQ8= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= +github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/thlib/go-timezone-local v0.0.0-20210907160436-ef149e42d28e h1:BuzhfgfWQbX0dWzYzT1zsORLnHRv3bcRcsaUk0VmXA8= +github.com/thlib/go-timezone-local v0.0.0-20210907160436-ef149e42d28e/go.mod h1:/Tnicc6m/lsJE0irFMA0LfIwTBo4QP7A8IfyIv4zZKI= +golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= +golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/h2non/gock.v1 v1.1.2 h1:jBbHXgGBK/AoPVfJh5x4r/WxIrElvbLel8TCZkkZJoY= +gopkg.in/h2non/gock.v1 v1.1.2/go.mod h1:n7UGz/ckNChHiK05rDoiC4MYSunEC/lyaUm2WWaDva0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/main.go b/main.go new file mode 100644 index 0000000..8b00406 --- /dev/null +++ b/main.go @@ -0,0 +1,183 @@ +/* +Copyright © 2023 Natalie Somersall +*/ +package main + +import ( + "encoding/csv" + "fmt" + "log" + "os" + + "github.com/cli/go-gh/v2/pkg/api" + graphql "github.com/cli/shurcooL-graphql" +) + +func main() { + // -h flag or no arguments provided + if len(os.Args) < 1 || os.Args[1] == "-h" { + fmt.Println("Usage: gh org-admin-promote GITHUB_ENTERPRISE_SLUG") + fmt.Println("Promotes the authenticated user to admin for all organizations in the specified enterprise") + fmt.Println("GH_TOKEN requires the following scopes: admin:enterprise, admin:org") + fmt.Println("See https://cli.github.com/manual/gh_auth_login to add scopes to gh cli!") + os.Exit(0) + } + + // Get the enterprise slug from args + enterpriseSlug := os.Args[1] + + // Get the hostname from the environment variable, otherwise default to github.com + hostname := os.Getenv("GH_HOST") + if hostname == "" { + hostname = "github.com" + } + + // Create a GraphQL client using the hostname from the gh cli + opts := api.ClientOptions{ + Host: hostname, + } + client, err := api.NewGraphQLClient(opts) + if err != nil { + log.Fatal(err) + } + + // Get the enterprise ID from the enterprise slug + var enterpriseIDQuery struct { + Enterprise struct { + ID string `graphql:"id"` + } `graphql:"enterprise(slug: $slug)"` + } + variables := map[string]interface{}{ + "slug": graphql.String(enterpriseSlug), + } + err = client.Query("EnterpriseID", &enterpriseIDQuery, variables) + if err != nil { + log.Fatal(err) + } + enterpriseID := enterpriseIDQuery.Enterprise.ID + + // Get a total count of organizations in the enterprise + var orgCountQuery struct { + Enterprise struct { + Organizations struct { + TotalCount int `graphql:"totalCount"` + } `graphql:"organizations"` + } `graphql:"enterprise(slug: $slug)"` + } + fmt.Printf("Getting total count of organizations in %s...\n", enterpriseSlug) + variables = map[string]interface{}{ + "slug": graphql.String(enterpriseSlug), + } + err = client.Query("OrgCount", &orgCountQuery, variables) + if err != nil { + log.Fatal(err) + } + orgCount := orgCountQuery.Enterprise.Organizations.TotalCount + fmt.Printf("Total count of organizations in %s: %d\n", enterpriseSlug, orgCount) + + // Create a CSV file + csvFile, err := os.Create("all_orgs.csv") + if err != nil { + log.Fatal(err) + } + defer csvFile.Close() + + writer := csv.NewWriter(csvFile) + defer writer.Flush() + + // Write CSV header + err = writer.Write([]string{"ID", "CreatedAt", "Login", "Email", "ViewerCanAdminister", "ViewerIsAMember", "Repo_TotalCount", "Repo_TotalDiskUsage"}) + if err != nil { + log.Fatal(err) + } + + // Get a list of organizations in the enterprise + var orgListQuery struct { + Enterprise struct { + Organizations struct { + Edges []struct { + Node struct { + ID string `graphql:"id"` + CreatedAt string `graphql:"createdAt"` + Login string `graphql:"login"` + Email string `graphql:"email"` + ViewerCanAdminister bool `graphql:"viewerCanAdminister"` + ViewerIsAMember bool `graphql:"viewerIsAMember"` + Repositories struct { + TotalCount int `graphql:"totalCount"` + TotalDiskUsage int `graphql:"totalDiskUsage"` + } `graphql:"repositories"` + } `graphql:"node"` + } `graphql:"edges"` + PageInfo struct { + EndCursor string `graphql:"endCursor"` + HasNextPage bool `graphql:"hasNextPage"` + } + } `graphql:"organizations(first: 100, after: $cursor)"` + } `graphql:"enterprise(slug: $slug)"` + } + fmt.Printf("Getting list of organizations in %s...\n", enterpriseSlug) + variables = map[string]interface{}{ + "slug": graphql.String(enterpriseSlug), + "cursor": (*graphql.String)(nil), + } + page := 1 + for { + if err := client.Query("OrgList", &orgListQuery, variables); err != nil { + log.Fatal(err) + } + + // Write each organization to the CSV file + for _, org := range orgListQuery.Enterprise.Organizations.Edges { + err = writer.Write([]string{org.Node.ID, org.Node.CreatedAt, org.Node.Login, org.Node.Email, fmt.Sprintf("%t", org.Node.ViewerCanAdminister), fmt.Sprintf("%t", org.Node.ViewerIsAMember), fmt.Sprintf("%d", org.Node.Repositories.TotalCount), fmt.Sprintf("%d", org.Node.Repositories.TotalDiskUsage)}) + if err != nil { + log.Fatal(err) + } + } + + // Promote this user to enterprise admin for all organizations where ViewerCanAdminister is false + for _, org := range orgListQuery.Enterprise.Organizations.Edges { + if !org.Node.ViewerCanAdminister { + fmt.Printf("Promoting user to admin for %s...\n", org.Node.Login) + var promoteAdmin struct { + UpdateEnterpriseOwnerOrganizationRole struct { + ClientMutationId string + } `graphql:"updateEnterpriseOwnerOrganizationRole(input: $input)"` + } + + type UpdateEnterpriseOwnerOrganizationRoleInput struct { + EnterpriseId graphql.ID `json:"enterpriseId"` + OrganizationId graphql.ID `json:"organizationId"` + OrganizationRole graphql.String `json:"organizationRole"` + } + + variables := map[string]interface{}{ + "input": UpdateEnterpriseOwnerOrganizationRoleInput{ + EnterpriseId: graphql.ID(enterpriseID), + OrganizationId: graphql.ID(org.Node.ID), + OrganizationRole: graphql.String("OWNER"), + }, + } + + err = client.Mutate("PromoteAdmin", &promoteAdmin, variables) + if err != nil { + log.Fatal(err) + } + fmt.Printf("User promoted to admin for %s\n", org.Node.Login) + } + } + + // If there are no more pages, break out of the loop + if !orgListQuery.Enterprise.Organizations.PageInfo.HasNextPage { + break + } + + // Otherwise, update the cursor and page number + variables["cursor"] = graphql.String(orgListQuery.Enterprise.Organizations.PageInfo.EndCursor) + page++ + } + + // Close the CSV file + csvFile.Close() + +}