From 484d7e5251d25f50c1187365b9603be6be6054bb Mon Sep 17 00:00:00 2001 From: Matěj Cepl Date: Tue, 14 Feb 2023 19:48:05 +0100 Subject: Preserve shell history --- gh-clone.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100755 gh-clone.sh diff --git a/gh-clone.sh b/gh-clone.sh new file mode 100755 index 0000000..2a2687e --- /dev/null +++ b/gh-clone.sh @@ -0,0 +1,12 @@ +#!/bin/bash +USERNAME=$(git config github.user) +PASSWORD=$(pass show dev/github.com|awk '/^token:/ {print $2}') +ORGANIZATION="openSUSE-Python" + + + +curl -s -u mcepl:$PASSWORD --json "{ \"organization\": \"$ORGANIZATION\" }" https://api.github.com/repos/JimmXinu/FanFicFare/forks |tee /tmp/curl-output.json +git remote update +git remote -v +git remote add github (curl -s -u mcepl:(pass show dev/github.com|awk '/^token:/ {print $2}') https://api.github.com/repos/JimmXinu/FanFicFare/forks -d ''|awk -F '"' '/clone_url/ {print $4 ; exit}') +git remote set-url --push github (curl -s -u mcepl:(pass show dev/github.com|awk '/^token:/ {print $2}') https://api.github.com/repos/JimmXinu/FanFicFare/forks -d ''|awk -F '"' '/ssh_url/ {print $4 ; exit}') -- cgit From 7a21420a25904703d0e1ed4fc3f39961c5932fe2 Mon Sep 17 00:00:00 2001 From: Matěj Cepl Date: Tue, 14 Feb 2023 20:14:51 +0100 Subject: First tests --- gh-clone.sh | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/gh-clone.sh b/gh-clone.sh index 2a2687e..4f3fc64 100755 --- a/gh-clone.sh +++ b/gh-clone.sh @@ -1,12 +1,26 @@ #!/bin/bash +set -eux + USERNAME=$(git config github.user) PASSWORD=$(pass show dev/github.com|awk '/^token:/ {print $2}') ORGANIZATION="openSUSE-Python" +cd /home/pymirrors/repos/ + +ORIG_REPO="$1" + +GH_TMP_DATA=$(mktemp /tmp/gh_data.XXXXXX.json) || exit 1 +trap 'rm -f "${GH_TMP_DATA}"' EXIT +git clone "https://github.com/${ORIG_REPO}.git" +cd "$(basename ${ORIG_REPO})" -curl -s -u mcepl:$PASSWORD --json "{ \"organization\": \"$ORGANIZATION\" }" https://api.github.com/repos/JimmXinu/FanFicFare/forks |tee /tmp/curl-output.json +curl -s -u "${USERNAME}:${PASSWORD}" \ + --json "{ \"organization\": \"${ORGANIZATION}\" }" \ + "https://api.github.com/repos/${ORIG_REPO}/forks" >"${GH_TMP_DATA}" +git remote add github \ + "$(awk -F '"' '/clone_url/ {print $4 ; exit}' "${GH_TMP_DATA}")" +git remote set-url --push github \ + "$(awk -F '"' '/ssh_url/ {print $4 ; exit}' "${GH_TMP_DATA}")" git remote update git remote -v -git remote add github (curl -s -u mcepl:(pass show dev/github.com|awk '/^token:/ {print $2}') https://api.github.com/repos/JimmXinu/FanFicFare/forks -d ''|awk -F '"' '/clone_url/ {print $4 ; exit}') -git remote set-url --push github (curl -s -u mcepl:(pass show dev/github.com|awk '/^token:/ {print $2}') https://api.github.com/repos/JimmXinu/FanFicFare/forks -d ''|awk -F '"' '/ssh_url/ {print $4 ; exit}') -- cgit From 7886d6d785444d54383c35fa1da7ac5b0863aece Mon Sep 17 00:00:00 2001 From: Matěj Cepl Date: Tue, 14 Feb 2023 23:22:03 +0100 Subject: More robust handling of arguments. --- gh-clone.sh | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/gh-clone.sh b/gh-clone.sh index 4f3fc64..1cefa32 100755 --- a/gh-clone.sh +++ b/gh-clone.sh @@ -8,15 +8,28 @@ cd /home/pymirrors/repos/ ORIG_REPO="$1" +# Argument can be both full URL as well as just owner/reponame string +if [[ "$ORIG_REPO" =~ "http" ]]; then + OR="${ORIG_REPO##*.com/}" + ORIG_REPO="${OR%%.git}" +fi + GH_TMP_DATA=$(mktemp /tmp/gh_data.XXXXXX.json) || exit 1 trap 'rm -f "${GH_TMP_DATA}"' EXIT +DIRNAME="$(basename "${ORIG_REPO}")" +NEW_REPO="${ORGANIZATION}/${DIRNAME}" + +# Repository has been already checked out +[ -d "$DIRNAME" ] && exit 0 + git clone "https://github.com/${ORIG_REPO}.git" -cd "$(basename ${ORIG_REPO})" +cd "${DIRNAME}" curl -s -u "${USERNAME}:${PASSWORD}" \ - --json "{ \"organization\": \"${ORGANIZATION}\" }" \ + --json "{ \"organization\": \"${ORGANIZATION}\" , \ + \"default_branch_only\": \"true\" }" \ "https://api.github.com/repos/${ORIG_REPO}/forks" >"${GH_TMP_DATA}" git remote add github \ "$(awk -F '"' '/clone_url/ {print $4 ; exit}' "${GH_TMP_DATA}")" -- cgit From c8464d17de51ba92e0cdef149d131f1d0e3e4be8 Mon Sep 17 00:00:00 2001 From: Matěj Cepl Date: Wed, 15 Feb 2023 00:19:09 +0100 Subject: Set some attributes of new repository Also, don't use user specific credential helpers, but git-credentials(1) --- gh-clone.sh | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/gh-clone.sh b/gh-clone.sh index 1cefa32..76e7787 100755 --- a/gh-clone.sh +++ b/gh-clone.sh @@ -1,8 +1,6 @@ #!/bin/bash set -eux -USERNAME=$(git config github.user) -PASSWORD=$(pass show dev/github.com|awk '/^token:/ {print $2}') ORGANIZATION="openSUSE-Python" cd /home/pymirrors/repos/ @@ -27,10 +25,31 @@ git clone "https://github.com/${ORIG_REPO}.git" cd "${DIRNAME}" -curl -s -u "${USERNAME}:${PASSWORD}" \ +# Get credentials +CREDS=$(echo 'url=https://github.com/${ORIG_REPO}.git'|git credential fill) +PASSWORD=$(awk -F= '/password/ { print $2 ; exit }') + +# Fork repository +curl -s -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${PASSWORD}" \ --json "{ \"organization\": \"${ORGANIZATION}\" , \ \"default_branch_only\": \"true\" }" \ "https://api.github.com/repos/${ORIG_REPO}/forks" >"${GH_TMP_DATA}" + +# Set defaults of the repository (we have to first switch alerts on, to switch off fixes) +curl -s -X PUT -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${PASSWORD}" \ + "https://api.github.com/repos/${NEW_REPO}/vulnerability-alerts" +curl -s -X DELETE -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${PASSWORD}" \ + "https://api.github.com/repos/${NEW_REPO}/automated-security-fixes" +curl -s -X DELETE -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${PASSWORD}" \ + "https://api.github.com/repos/${NEW_REPO}/vulnerability-alerts" + +# Set the main branch protected +# DEF_BRANCH=$(awk -F '"' '/default_branch/ {print $4; exit}' "${GH_TMP_DATA}") +# Somehow doesn't work FIXME +# curl -s -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${PASSWORD}" \ +# "https://api.github.com/repos/${NEW_REPO}/branches/${DEF_BRANCH}/protection/enforce_admins" + +# Set remotes correctly git remote add github \ "$(awk -F '"' '/clone_url/ {print $4 ; exit}' "${GH_TMP_DATA}")" git remote set-url --push github \ -- cgit From ce071d4a5db215cce8417162a6d50bb3060c57e1 Mon Sep 17 00:00:00 2001 From: Matěj Cepl Date: Wed, 15 Feb 2023 01:02:29 +0100 Subject: Actually, we cannot switch to git-credentials. git-credential(1) cannot provide anything else than login/password duo, and we need GH personal access token. --- gh-clone.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/gh-clone.sh b/gh-clone.sh index 76e7787..04c3f3d 100755 --- a/gh-clone.sh +++ b/gh-clone.sh @@ -26,8 +26,13 @@ git clone "https://github.com/${ORIG_REPO}.git" cd "${DIRNAME}" # Get credentials -CREDS=$(echo 'url=https://github.com/${ORIG_REPO}.git'|git credential fill) -PASSWORD=$(awk -F= '/password/ { print $2 ; exit }') +# This is still not sufficiently general: git-credential(1) cannot provide +# anything else than login/password duo, and we need GH personal access +# token. +# PASSWORD=$(echo 'url=https://github.com/${ORIG_REPO}.git'|git credential fill| \ +# awk -F= '/password/ { print $2 ; exit }') +# So, I use this directly, but it is not general enough +PASSWORD=$(pass show dev/github.com|awk '/^token:/ {print $2}') # Fork repository curl -s -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${PASSWORD}" \ -- cgit