Automate Your GitHub Access: Script for Read/Write Repository Permissions

Mihir SuratwalaMihir Suratwala
4 min read

Table of contents

Last Blog Review

In the last blog we understood, the use of echo with double parenthesis, expr, and use of basic calculator in shell scripting.

Scenario →

Say we have a GitHub repository. And I am owning & monitoring that repository. This means all the activity happening on that repository is under my control for ex. which user has read/write access to repository. Which pipeline gets trigger when some changes happen in code of the repository, likewise.

So, one of my employee comes and says that he wants to know which users have the access to the repository. And such information is required on weekly basis. Or say one of my employee wants to keep a track of the PR made every to the GitHub repository.

Solution →

Now if we need to do same task again and again every week, why not automate with a script. As we will run the script and get the desired information from the repository. So, instead of going on to the repository via. console(UI/UX) again and again, we will write a shell script that will fetch us this information as and when we want.

Lets understand how -

  1. For our shell script to get the information from the GitHub repository, we will require our script to be integrated with the GitHub. To communicate with any
    applications there are 2 ways "API" and "CLI". "API" is the most traditional way which is used by multiple languages to communicate with applications.

  2. Now as a DevOps engineer we dont need to create "API" but we use the "API". And when an API is created, there is a "API reference" page given for it so that the
    DevOps Engineers get to know how to use the "API" i.e. what is the URL of the API.

  3. Now when you are working in a organization and you own a repository then you can see which users have the access to the repository. Go to the Settings -> Collaborators and teams -> Manage access where you can see the users

    Now for personal use you can create an org. by yourself in the repository. I have created one as "DevOpsWithMihir" which has a repository called as "Entry_Form" So, I will write a shell script to get the user list from DevOpsWithMihir Org's "Entry_Form" repository which i own. The GitHub REST API to pull requests is "https://api.github.com/repos/OWNER/REPO/collaborators"

ShellScript

i-abcdefgh1342 (Linux)
---------------------------
ubuntu@ip-172-----:~$ vim list_user.sh
ubuntu@ip-172-----:~$ cat list-user.sh 
#!/bin/bash

# GitHub API URL
API_URL="https://api.github.com"

# GitHub username and personal access token
USERNAME=$username
TOKEN=$token

# User and Repository information
REPO_OWNER=$1
REPO_NAME=$2

# Function to make a GET request to the GitHub API
function github_api_get {
    local endpoint="$1"
    local url="${API_URL}/${endpoint}"

    # Send a GET request to the GitHub API with authentication
    curl -s -u "${USERNAME}:${TOKEN}" "$url"
}

# Function to list users with read access to the repository
function list_users_with_read_access {
    local endpoint="repos/${REPO_OWNER}/${REPO_NAME}/collaborators"

    # Fetch the list of collaborators on the repository
    collaborators="$(github_api_get "$endpoint" | jq -r '.[] | select(.permissions.pull == true) | .login')"

    # Display the list of collaborators with read access
    if [[ -z "$collaborators" ]]; then
        echo "No users with read access found for ${REPO_OWNER}/${REPO_NAME}."
    else
        echo "Users with read access to ${REPO_OWNER}/${REPO_NAME}:"
        echo "$collaborators"
    fi
}

# Main script

echo "Listing users with read access to ${REPO_OWNER}/${REPO_NAME}..."
list_users_with_read_access
ubuntu@ip-172-----:~$ 
ubuntu@ip-172-----:~$ chmod 777 list-user.sh
ubuntu@ip-172-----:~$ export username="DevOpsWithMihir"          -> Here we should put the org. name as username
ubuntu@ip-172-----:~$ export token="****"                        -> Here put the Personal access token
ubuntu@ip-172-----:~$ sudo apt install jq -y
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
jq is already the newest version (1.7.1-3build1).
jq set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
ubuntu@ip-172-31-18-124:~$ ./list-user.sh DevOpsWithMihir Entry_Form
Listing users with read access to DevOpsWithMihir/Entry_Form...
Users with read access to DevOpsWithMihir/Entry_Form:
mihirsuratwala7
ubuntu@ip-172-31-18-124:~$

Conclusion

In the this blog we understood, how to write a shell script to get the read/write access of users to the github repository.

💡
That’s a wrap for today’s post! I hope this has given you some valuable insights. Be sure to explore more articles on our blog for further tips and advice. See you in the next post!
0
Subscribe to my newsletter

Read articles from Mihir Suratwala directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Mihir Suratwala WritesAzureAWSCloudCloud ComputingDevopsDevOps Journey#Devopscommunityec2Linuxautomationshell scriptBloggingTrendingHashnode

Written by

Mihir Suratwala
Mihir Suratwala

Hi, How are you !! Hope you doing good.... I got introduced to Cloud initially. As I went ahead learning what is cloud and how it works, then got to know a field which is DevOps that makes Cloud model more effective. So, as I started working & got good experience on AWS. I have been learning the DevOps tool and technologies on how to use it with the Cloud, which will give me good understanding on how Cloud and DevOps go hand in hand to deploy my applications.