-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsetup-repo.sh
More file actions
executable file
·143 lines (117 loc) · 3.83 KB
/
Copy pathsetup-repo.sh
File metadata and controls
executable file
·143 lines (117 loc) · 3.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
#!/usr/bin/env bash
set -euo pipefail
ORG="towlion"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
LABELS_FILE="$SCRIPT_DIR/labels.json"
# Colors
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
RED='\033[0;31m'
NC='\033[0m'
usage() {
echo "Usage: $(basename "$0") <repo-name>"
echo
echo "Configure governance settings for a towlion repository."
echo "Applies repo settings, branch protection, and standard labels."
echo
echo "Examples:"
echo " $(basename "$0") uku-companion"
echo " $(basename "$0") app-template"
}
info() { echo -e "${GREEN}[OK]${NC} $1"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
error() { echo -e "${RED}[ERROR]${NC} $1"; exit 1; }
if [[ "${1:-}" == "--help" || "${1:-}" == "-h" ]]; then
usage
exit 0
fi
if [[ $# -ne 1 ]]; then
usage
exit 1
fi
REPO="$1"
FULL_REPO="$ORG/$REPO"
# --- Preflight ---
if ! command -v gh &>/dev/null; then
error "gh CLI is not installed. Install it from https://cli.github.com"
fi
if ! gh auth status &>/dev/null; then
error "gh CLI is not authenticated. Run 'gh auth login' first."
fi
if ! gh repo view "$FULL_REPO" &>/dev/null; then
error "Repository $FULL_REPO does not exist or is not accessible."
fi
echo "Configuring $FULL_REPO..."
echo
# --- Repo Settings ---
gh api -X PATCH "repos/$FULL_REPO" \
-f has_wiki=false \
-f delete_branch_on_merge=true \
-f allow_squash_merge=true \
-f allow_merge_commit=false \
-f allow_rebase_merge=false \
--silent
# These may fail if the org has the feature disabled — that's fine
gh api -X PATCH "repos/$FULL_REPO" -f has_projects=false --silent 2>/dev/null || true
gh api -X PATCH "repos/$FULL_REPO" -f has_discussions=false --silent 2>/dev/null || true
info "Repo settings: wiki disabled, squash-only merge, auto-delete branches"
# --- Branch Protection ---
# Check if main branch exists
if gh api "repos/$FULL_REPO/branches/main" --silent 2>/dev/null; then
gh api -X PUT "repos/$FULL_REPO/branches/main/protection" \
--input - --silent <<'PROTECTION'
{
"required_status_checks": {
"strict": true,
"contexts": ["validate"]
},
"enforce_admins": false,
"required_pull_request_reviews": {
"dismiss_stale_reviews": true,
"require_code_owner_reviews": false,
"required_approving_review_count": 1
},
"restrictions": null
}
PROTECTION
info "Branch protection: PR reviews, status checks, no force push on main"
else
warn "Branch 'main' does not exist yet — skipping branch protection (re-run after first push)"
fi
# --- Labels ---
if [[ ! -f "$LABELS_FILE" ]]; then
error "Labels file not found at $LABELS_FILE"
fi
label_count=0
while IFS= read -r label; do
name=$(echo "$label" | python3 -c "import sys,json; print(json.load(sys.stdin)['name'])")
color=$(echo "$label" | python3 -c "import sys,json; print(json.load(sys.stdin)['color'])")
description=$(echo "$label" | python3 -c "import sys,json; print(json.load(sys.stdin)['description'])")
# Try to create; if it already exists (422), update instead
if gh api -X POST "repos/$FULL_REPO/labels" \
-f name="$name" -f color="$color" -f description="$description" \
--silent 2>/dev/null; then
: # created
else
gh api -X PATCH "repos/$FULL_REPO/labels/$name" \
-f color="$color" -f description="$description" \
--silent 2>/dev/null || true
fi
label_count=$((label_count + 1))
done < <(python3 -c "
import json, sys
with open('$LABELS_FILE') as f:
for item in json.load(f):
print(json.dumps(item))
")
info "Labels: $label_count standard labels created/updated"
# --- Summary ---
echo
echo -e "${GREEN}=== Setup complete for $FULL_REPO ===${NC}"
echo " - Repo settings configured"
if gh api "repos/$FULL_REPO/branches/main" --silent 2>/dev/null; then
echo " - Branch protection applied to main"
else
echo " - Branch protection skipped (no main branch)"
fi
echo " - $label_count labels created/updated"