I have a script to download all the repos in my Organization, and it works fine.
We have recently added Teams, and I would like to target a specific team to download all the repos in that team.
To get for the whole org I can do this: (changing the page number to walk them)
Works:
https://api.github.com/orgs/MY_ORG/repos?access_token=MY_TOKEN&per_page=100&page=1
How do I do it for a team in the Org? I've tried:
Does not work
https://api.github.com/orgs/MY_ORG/teams/TEAM_SLUG/repos?access_token=MY_TOKEN
As well as a few others, none of which works.
By looking at the API Documentation it seems like what I'm trying should work. I can't even get the list of teams which the docs have as:
GET /orgs/:org/teams/:team_slug
So if I do:
https://api.github.com/orgs/MY_ORG/teams/TEAM_SLUG?access_token=MY_TOKEN
I just get back a Not Found, error with a link to the docs.
Anyone have success in doing this?
You are not trying correct API to get the Repos in a team
try
GET /teams/:team_id/repos
To get the team ID you can list all your Organisation teams as follows:
GET https://api.github.com/orgs/<ORGANISATION>/teams
If you are self hosting your GitHub Enterprise then replace https://api.github.com with https://<HOSTNAME>/api/v3/
Send personal access token as:
Authorization: token <PERSONALACCESSTOKEN>
Using Curl:
To get team Repos:
curl -H "Authorization: token <PERSONALACCESSTOKEN>" -X GET https://api.github.com/teams/:team_id/repos
To get the team ID :
curl -H "Authorization: token PERSONALACCESSTOKEN" -X GET https://api.github.com/orgs/<ORGANISATION>/teams
Further reading:
API Authentication: https://developer.github.com/v3/#authentication
Listing teams: https://developer.github.com/v3/teams/#list-team-repos
Related
I'm attempting to create a Terraform-integrated script that will create and configure a Google Cloud VM that will install Github Runner as self-hosted. The repository is under my workplace's 'organization' and it is closed to the public. Everything goes smoothly until I need to configure the runner. In repository instructions for creating self-hosted runner written as this:
# Create the runner and start the configuration experience
$ ./config.cmd --url https://github.com/my_work_place_organizaiton_name/repository_name --token ASZER2QS4UVEAL3YLMZ3DIMUIC
The issue is that, because it is an unattended script, it will run entirely on its own with no strings attached, and everything should be generated as automatically as possible. So I need a way to generate/retrieve this token ASZER2QS4UVEAL3YLMZ3DIMUIC automatically.
I think I found a way (correct me if I wrong) here: Create a registration token for an organization. So far so good. I managed to create a powershell script to execute all steps in new Github self-hosted runner until the step where I need to generate token. Once I run the command (even in Github CLI) I get an error back like this:
gh api --method POST -H "Accept: application/vnd.github+json" /orgs/my_work_place_organizaiton_name/actions/runners/registration-token
{
"message": "Must have admin rights to Repository.",
"documentation_url": "https://docs.github.com/rest/reference/actions#create-a-registration-token-for-an-organization"
}
gh: Must have admin rights to Repository. (HTTP 403)
gh: This API operation needs the "admin:org" scope. To request it, run: gh auth refresh -h github.com -s admin:org
I am an admin in this repository but not in the organization, and I am afraid that no one will grant me admin access to the organization, and even more, I cannot simply put admin:org credentials in some script - this is a "no go."
So, my question is, how can I fully automate the generation of this Github token (which is generated for everyone in the instructions page without any admin privileges)?
After a lot of try and catches it seems I found an answer. What is work for me is generating token for repository and not generating token for repository in organization.
According to Github documentation: Create a registration token for a repository this is a POST request you must send from Github CLI for example:
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
/repos/OWNER/REPO/actions/runners/registration-token
and according to documentation:
OWNER
string
Required
The account owner of the repository. The name is not case sensitive.
REPO
string
Required
The name of the repository. The name is not case sensitive.
So I put my organization name as an OWNER and not my username and voila ! it is worked !
so - instead sending request as:
/repos/my_user_name/REPO/actions/runners/registration-token
I send it as:
/repos/my_organization_name/REPO/actions/runners/registration-token
and immediately get a valid token back.
Background:
In Github, we have a shared project which can be updated by all the teams. In this project we have a lot of files belong to one or multiple teams. We can identify a file belong to which team by checking the files(.py) header, like:
# protected-by: teamA, teamB
Now, I am working on protecting the file by adding the teamA and teamB as must reviewers when anyone send a PR having updates on the file.
Problem
So far, I can use CircleCI to detect the changed files, extract the protectors list and set them as reviewers by using Github API like this:
curl --location --request POST -u $GH_USER:$GH_TOKEN \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/OWNER/PROJECT/pulls/${pr_number}/requested_reviewers \
-d "{\"team_reviewers\":[$reviewers]}"
The problem is the reviewers I added are not must reviewers like CODEOWNER, users still could be able to merge without protectors' review. So I am thinking is there anyway to make PR must be reviewed by some reviewers, otherwise can not be merged by using Github API or other methods?
I'm trying to update the permission of collaborators across all repos in a Github Organisation. The collaborators are also Organisation members. I want to change permisssion from admin to pull (read). Unable to do so using the github api (v3). Tried with the go package github.com/google/go-github/v28/github and also CURL like mentioned in the doc . Got 204 No Content Response but the changes did not happen.
curl -H "Authorization: token $TOKEN" https://github.com/api/v3/repos/$ORG/$REPO/collaborators/$USER -X PUT -d '{"permission":"pull"}'
Is there any other better way to change the collaborator permissions from admin to pull ?
Please note: the same api allows to change the permission if they are Outside Collaborators (non organisation members)
Usually one must click link "Invite teams or people" after accessing "https://github.com///settings/access" in a web browser.
But, I wish to do this through a command line interface, because I must invite
many persons. Is it possible?
You could use the GitHub API in order to add a collaborator
PUT /repos/:owner/:repo/collaborators/:username
See for instance here:
curl -H "Authorization: token YOUR_TOKEN" "https://api.github.com/repos/YOUR_USER_NAME/YOUR_REPO/collaborators/COLLABORATOR_USER_NAME" -X PUT -d '{"permission":"admin"}'
With permission level being one of:
pull - can pull, but not push to or administer this repository.
push - can pull and push, but not administer this repository.
admin - can pull, push and administer this repository.
maintain - Recommended for project managers who need to manage the repository without access to sensitive or destructive actions.
triage - Recommended for contributors who need to proactively manage issues and pull requests without write access.
(default is "push")
Update Sept. 2020, considering GitHub CLI gh is now 1.0, it could be a good feature to add (a kind of gh repo invite)
In the meantime, you can use gh pi to make a similar API call, automatically authenticated, with -f to add POST fields.
gh api repos/YOUR_USER_NAME/YOUR_REPO/collaborators/COLLABORATOR_USER_NAME" -f '{"permission":"admin"}'
An alternative using hub:
1- Check all users with permissions in your repo:
hub api --flat 'repos/YOUR_USER_OR_ORGANIZATION_NAME/YOUR_REPO/collaborators' | grep -E 'login|permissions'
2- Give permission to an user :
hub api 'repos/YOUR_USER_OR_ORGANIZATION_NAME/YOUR_REPO/collaborators/COLLABORATOR_USER_NAME' -H X:PUT -H d:'{"permission":"admin"}'
You can use the github cli or call the github api directly through curl. In this example I add a member to a company repo using the github cli:
gh api "orgs/$target_repo/teams/$team/repos/$target_repo/$repo_new_name" -X PUT -f permission=admin
Also see the docs: https://docs.github.com/en/rest/reference/teams#add-or-update-team-repository-permissions
For your situation you can use this endpoint:
https://docs.github.com/en/rest/reference/repos#add-a-repository-collaborator
I’m trying to use the Github v3 API - I already implemented the required OAuth flow and it works well.
Now I’m trying some of the Repos API endpoints (http://developer.github.com/v3/repos/).
So far, I’m able to get a List of my repos using: GET /user/repos
However, when I try to create a repo using POST /user/repos, I get a 404.
Any thoughts what I might be doing wrong?
Joubert
Can you please tell us how exactly you did the HTTP request? The 404 sounds like you were using a wrong path, probably. But to give a reliable answer instead a wild guess, we need to see your request, including how you are sending your token, just mask it with 'xxx' or something.
I'll show you in the meantime an example request, that is working:
curl -XPOST -H 'Authorization: token S3CR3T' https://api.github.com/user/repos -d '{"name":"my-new-repo","description":"my new repo description"}'
You would need to replace the OAuth token of course: S3CR3T
I had the same issue. The reason why you are getting a 404 with your oauth access token is that when you authorize to github you need to also additionally pass the scopes you want. For example, in the header you should see "X-OAuth-Scopes: repo, user", which means this user has read/write access to his profile and repositories. Once you have set the correct scopes you should be able to do POST/PUT requests just fine.
To see whether or not you have the correct permissions. You can do something like the following. Substitute the XXXXXXX with your access token.
curl -I https://api.github.com/user?access_token=XXXXXXXX
For creating repositories as a user you can use an personal access token and basic auth, which can be much simpler when you are fluffing around on the command line and have 2FA enabled.
curl -d '{"name":"test"}' -u githubuser:personaccesstoken https://api.github.com/user/repos
Create a personal access token here https://github.com/settings/tokens and make sure it has the 'repo' scope.
This script lets you read in in the token and project name as variables so you can use it in a script
#!/usr/bin/env bash -u
#
TOKEN=`cat token_file`
PROJECT=myproject
curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -d '{"name": "'"$PROJECT"'"}' https://api.github.com/user/repos?access_token=$TOKEN