ghctl is both a command-line utility for GitHub, and a GitHub Action that allows you to use the utility in your GitHub Actions workflows.
NOTE: ghctl is in early development and is not quite ready for production use. However, please feel free to try it out and provide feedback!
ghctl currently requires a GitHub Personal Access Token (PAT) with at least the following scopes:
read:orgrepo (full control)read:userYou can provide the access token to ghctl in one of the following ways:
$GITHUB_TOKEN environment variable--access-token optionYou can download the latest release binary (built for Debian Bookworm / Ubuntu 22.04 ) from the Releases page, using the GitHub CLI (gh) or just curl:
gh release download -R gitsudo-io/ghctl --pattern ghctl
curl -L https://github.com/gitsudo-io/ghctl/releases/download/v0.1.3/ghctl > ghctl
Then make the file executable (chmod u+x ghctl) and place it in your $PATH.
To install the ghctl binary using Cargo, you will need to have Rust 1.66.0 or later installed (rustup).
bash
cargo install ghctl
To build and install the ghctl binary locally, you will need to have Rust 1.66.0 or later installed (rustup).
Clone this repository
bash
git clone https://github.com/gitsudo-io/ghctl.git
Build and install the ghctl binary
bash
cargo install --path ghctl
ghctl repo get "{owner}/{repo}" will retrieve information about the specified GitHub repository and output it as JSON.
bash
$ ghctl repo get gitsudo-io/ghctl --access-token $GITHUB_TOKEN
ghctl repo get gitsudo-io/ghctl
{
"id": 647928865,
"node_id": "R_kgDOJp6cIQ",
"name": "ghctl",
"full_name": "gitsudo-io/ghctl",
"owner": {
"login": "gitsudo-io",
"id": 121780924,
...
ghctl repo apply "{owner}/{repo}" --config-file {config_file} will read the specified YAML configuration file and apply it to the specified GitHub repository.
The configuration file should be a YAML file and currently supports the following sections:
yaml
teams:
{team-slug}: {permission}
Where {team-slug} is the team slug on GitHub, and {permission} is one of pull, triage, push, maintain, or admin.
Example:
yaml
teams:
a-team: maintain
When applied to a repository, will grant the a-team team maintain permissions on the repository.
yaml
collaborators:
{username}: {permission}
Where {username} is the GitHub username, and {permission} is one of pull, triage, push, maintain, or admin.
Example:
yaml
collaborators:
aisrael: admin
yaml
environments:
{environment}:
reviewers:
- {username}, or
- {org}/{team-slug}
Where {environment} is the name of the deployment environment, {username} is the GitHub username, or, if {org}/{team-slug} is given, then it references a GitHub organization and team.
When applied to a repository, will create the deployment environment and configure its reviewers accordingly.
Given a gitsudo.yaml file containing:
yaml
teams:
a-team: maintain
collaborators:
aisrael: admin
environments:
gigalixir:
reviewers:
- aisrael
- gitsudo-io/a-team
When we execute:
bash
$ ghctl repo config apply gitsudo-io/gitsudo --access-token ${GHCTL_ACCESS_TOKEN} -F gitsudo.yaml
[2023-06-06T01:47:11Z INFO ] Added team a-team with permission Maintain to repository gitsudo-io/gitsudo
[2023-06-06T01:47:11Z INFO ] Updated collaborator aisrael with permission admin to repository gitsudo-io/gitsudo
[2023-06-06T01:47:11Z INFO ] Created deployment environment gigalixir in repository gitsudo-io/gitsudo
[2023-06-06T01:47:11Z INFO ] Applied configuration to gitsudo-io/gitsudo
GitHub Action for ghctl
| Name | Description | Required | Default | |------|-------------------|----------|---------| | args | Program arguments | Required | |
gitsudo-io/ghctl is also a GitHub Action that allows you to use the ghctl utility in your GitHub Actions workflows.
For example, given the following workflow:
```yaml name: Configure ghctl repository on: push: workflow_dispatch:
jobs: ghctl-repo-config-apply: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - uses: gitsudo-io/ghctl@main with: args: repo config apply gitsudo-io/gitsudo --access-token ${{ secrets.GHCTLACCESSTOKEN }} -F gitsudo.yaml ```
Then executing the workflow above will perform the equivalent of the earlier command.