Skip to main content

Manage a GitHub Organization, its teams, repository permissions, and more

Project description

GitHub Organization Manager

Test suites REUSE status The latest version of GitHub Org Manager can be found on PyPI. Information on what versions of Python GitHub Org Manager supports can be found on PyPI.

A lightweight tool that helps with managing a GitHub organization, its members, teams, repository permissions and more.

The basic principle: all settings reside in YAML configuration files which will be made effective during a run of this tool.

Features

  • Manage GitHub organization owners
  • Manage GitHub teams, their members, maintainers and settings
  • Support of parent/child teams
  • Manage teams' permissions on organizations' repositories
  • Invite members to the organization if they aren't part of it yet
  • Warn about unmanaged teams
  • Warn about organization members who are not part of any team
  • Handle individual collaborator permissions to repositories

The tool's philosophy:

  • All relevant configuration shall happen in the YAML configuration files, no actions in GitHub UI shall be necessary.
  • All repository permissions shall be managed by team membership. Outside collaborators and individual permissions are discouraged.
  • All teams shall be managed by this tool. While it can deal with unmanaged teams, it's not a priority and may cause warnings.

Are you missing a feature? Please check whether it's already posted as an issue, and create one of this isn't the case.

Install

Dependencies: Python 3.10 or newer

To install: pip3 install github-org-manager

You may also want to consider using helpers such as pipx to avoid a dependency mess on your system.

Afterwards, the tool is executable with the command gh-org-mgr. The --help flag informs you about the required and available commands.

Configuration

Inside config/example, you can find an example configuration that shall help you to understand the structure:

  • app.yaml: Configuration necessary to run this tool and controlling some behaviour
  • org.yaml: Organization-wide configuration
  • teams/*.yaml: Configuration concerning the teams of your organization.

You may also be interested in the live configuration of the OpenRail Association's organization.

Authentication via token or app

As this tool issues many API requests (both on REST and GraphQL API), authentication is highly recommended. This is supported via personal access tokens of a user (PAT) or a GitHub App which you can setup yourself.

Access tokens and apps need the following permissions:

  • Repository permissions
    • Administration: read and write
    • Metadata: read
  • Organization permissions:
    • Administration: read and write
    • Members: read and write

You can set the required secrets in config/app.yaml or via environment variables (GITHUB_TOKEN or GITHUB_APP_ID and GITHUB_APP_PRIVATE_KEY).

Run the program

You can execute the program using the command gh-org-mgr. gh-org-mgr --help shows all available arguments and options.

Synchronisation examples:

  • gh-org-mgr sync -c myorgconf: synchronize the settings of the GitHub organization with your local configuration in the given configuration path (myorgconf). This may create new teams, remove/add members, and change permissions.
  • gh-org-mgr sync -c myorgconf --dry: as above, but do not make any modification. Perfect for testing your local configuration and see its potential effects.
  • gh-org-mgr sync -c myorgconf --debug: the first example, but show full debugging information.

Setup team examples:

  • gh-org-mgr setup-team -n "My Team Name" -c myorgconf: Bootstrap a team configuration for this team name. Will create a file myorgconf/teams/my-team-name.yaml, or provide options if this file already exists.
  • gh-org-mgr setup-team -n "My Team Name" -f path/to/myteam.yaml: Bootstrap a team configuration for this team name and will force to write it in the given file. If the file already exists, offer some options.

License

The content of this repository is licensed under the Apache 2.0 license.

There may be components under different, but compatible licenses or from different copyright holders. The project is REUSE compliant which makes these portions transparent. You will find all used licenses in the LICENSES directory.

The project is has been started by the OpenRail Association. You are welcome to contribute!

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

github_org_manager-0.7.11.tar.gz (26.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

github_org_manager-0.7.11-py3-none-any.whl (29.8 kB view details)

Uploaded Python 3

File details

Details for the file github_org_manager-0.7.11.tar.gz.

File metadata

  • Download URL: github_org_manager-0.7.11.tar.gz
  • Upload date:
  • Size: 26.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for github_org_manager-0.7.11.tar.gz
Algorithm Hash digest
SHA256 66678c92f18727e93853a0711fe334abec4bd5ba5d17b03b8a8c1161a8cd5cec
MD5 ecaf2df163a0872033738791ad285a96
BLAKE2b-256 b19e7bce52dbab18cf1ea5feefd80fb8de8e89dbd429b55de313174fa7f52b28

See more details on using hashes here.

Provenance

The following attestation bundles were made for github_org_manager-0.7.11.tar.gz:

Publisher: publish.yaml on OpenRailAssociation/github-org-manager

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file github_org_manager-0.7.11-py3-none-any.whl.

File metadata

File hashes

Hashes for github_org_manager-0.7.11-py3-none-any.whl
Algorithm Hash digest
SHA256 0d0491e6e0a4388f5b2ab3494c4e31990c379e01ad6683b4eb005602bb9ba026
MD5 6f510d74e6ee5683e36a5b62ea95375c
BLAKE2b-256 9bb3cbc8a36b87980a97fa259999913d22efedb3efb7046e43f612feff015251

See more details on using hashes here.

Provenance

The following attestation bundles were made for github_org_manager-0.7.11-py3-none-any.whl:

Publisher: publish.yaml on OpenRailAssociation/github-org-manager

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page