Last active
January 12, 2021 08:25
-
-
Save sfowl/cb3ba9f935064aa0d68baa06155a6e67 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/bash | |
# prereqs and token code written by Joel Smith | |
allprereqs=1 | |
for i in cat shyaml hub jq curl git; do | |
if ! command -v $i &> /dev/null; then | |
echo $? | |
echo "Missing prerequisite: $i" | |
allprereqs=0 | |
fi | |
done | |
[ "$allprereqs" = "1" ] || exit 1 | |
token="$(shyaml get-value github\\.com.0.oauth_token < ~/.config/hub)" | |
[ $? -eq 0 ] || { echo unable to get GitHub token from ~/.config/hub; exit 1; } | |
# Path to directory container target OWNERS + SECURITY_CONTACTS in checked out repo | |
DIR_PATH=$1 | |
cat <<EOF > /tmp/all_psc_usernames | |
cjcullen | |
cji | |
joelsmith | |
lukehinds | |
micahhausler | |
swamymsft | |
tallclair | |
philips | |
jessfraz | |
jonpulsifer | |
liggitt | |
EOF | |
OWNERS_FILE="$DIR_PATH/OWNERS" | |
SEC_CONTACTS_FILE="$DIR_PATH/SECURITY_CONTACTS" | |
OWNERS_ALIASES_FILE=/tmp/owners_aliases | |
shyaml keys aliases < OWNERS_ALIASES > $OWNERS_ALIASES_FILE | |
# Remove Aliases from approvers, limit security contacts to individuals | |
APPROVERS=$(shyaml get-values approvers < $OWNERS_FILE | grep -v -F -f $OWNERS_ALIASES_FILE) | |
# Remove PSC members from existing security contacts | |
NON_PSC_CONTACTS=$(grep -v -F -f /tmp/all_psc_usernames $SEC_CONTACTS_FILE | sed 's/^#.*//') | |
# Add approvers to new security contacts | |
NEW_SEC_CONTACTS=$(echo "$NON_PSC_CONTACTS $APPROVERS" | tr " " "\n" | sort -u) | |
# whitespace convention differs across OWNERS | |
PREFIX=$(grep -o -m1 -E '^[^\-]*\-' $OWNERS_FILE | sed 's/\-//') | |
echo -e "\nsecurity_contacts:" | |
for u in $NEW_SEC_CONTACTS; do | |
# Include email from github profile, can be 'null' | |
email=$(curl -s -H "Authorization: token $token" https://api.github.com/users/$u | jq -r .email | sed 's/\@/\ at\ /; s/\./\ dot\ /g;') | |
# email=FOO | |
echo "$PREFIX- github: $u" | |
echo "$PREFIX email: $email" | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment