feat: Add script to generate contributor repo lists

2025-07-10 02:06:16 -07:00 · 2025-07-10 02:06:16 -07:00 · 13b871cbb2
commit 13b871cbb2
parent 6a6bfb5d12
5 changed files with 208 additions and 0 deletions
--- a/github_access_scripts/README.md
+++ b/github_access_scripts/README.md
@ -0,0 +1,63 @@
+# GitHub Access Scripts
+
+This directory contains scripts to check user access to GitHub repositories.
+
+## Setup
+
+1.  **Create `accounts.json`:** Before running the scripts, you need to create an `accounts.json` file in the root of this project. This file should contain an array of GitHub accounts, each with a username and a personal access token (PAT).
+
+    *Example `accounts.json`:*
+    ```json
+    [
+      {
+        "user": "your_github_username",
+        "token": "your_personal_access_token"
+      },
+      {
+        "user": "another_github_username",
+        "token": "another_personal_access_token"
+      }
+    ]
+    ```
+
+2.  **Permissions:** The personal access tokens require the `repo` scope to read repository information and collaborator lists.
+
+> **Security Warning:** Storing personal access tokens in a plaintext file is a security risk. If this file is ever exposed, your accounts could be compromised. For better security, consider using environment variables or a dedicated secrets management tool to handle these credentials.
+
+## Usage
+
+Make sure the scripts are executable before running them:
+```bash
+chmod +x github_access_scripts/check_repo_access.sh
+chmod +x github_access_scripts/list_user_repos.sh
+```
+
+### `check_repo_access.sh`
+
+This script checks if a specific user has collaborator access to a single, specified repository.
+
+**Command:**
+```bash
+./github_access_scripts/check_repo_access.sh <GITHUB_USER_NAME> <REPO_FULL_NAME>
+```
+
+**Example:**
+```bash
+./github_access_scripts/check_repo_access.sh DARKenergem saravanakumardb/vv-note-mcp-agent-intern-naman
+```
+
+### `list_user_repos.sh`
+
+This script attempts to list all repositories a given user has access to, by scanning through the repositories of the accounts listed in `accounts.json`.
+
+**Note:** This script has limitations. It only checks for access on repositories that the authenticated users (from `accounts.json`) are members of. It may not find all repositories a user has access to if they have access to repos outside of those organizations/users. For checking access to a *specific* repository, `check_repo_access.sh` is more reliable.
+
+**Command:**
+```bash
+./github_access_scripts/list_user_repos.sh <GITHUB_USER_NAME>
+```
+
+**Example:**
+```bash
+./github_access_scripts/list_user_repos.sh DARKenergem
+```
--- a/github_access_scripts/check_repo_access.sh
+++ b/github_access_scripts/check_repo_access.sh
@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Check if GITHUB_USER_NAME and REPO_FULL_NAME are provided
+if [ -z "$1" ] || [ -z "$2" ]; then
+  echo "Usage: $0 <GITHUB_USER_NAME> <REPO_FULL_NAME>"
+  echo "Example: $0 DARKenergem saravanakumardb/vv-note-mcp-agent-intern-naman"
+  exit 1
+fi
+
+GITHUB_USER_NAME="$1"
+REPO_FULL_NAME="$2"
+ACCOUNTS_FILE="accounts.json"
+
+# Check if accounts.json exists
+if [ ! -f "$ACCOUNTS_FILE" ]; then
+  echo "Error: $ACCOUNTS_FILE not found."
+  exit 1
+fi
+
+# Use the first account in accounts.json for authentication
+USER=$(jq -r '.[0].user' "$ACCOUNTS_FILE")
+TOKEN=$(jq -r '.[0].token' "$ACCOUNTS_FILE")
+
+echo "Checking access for $GITHUB_USER_NAME on repo $REPO_FULL_NAME using account $USER"
+
+# Get collaborators for the repo
+COLLABORATORS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/repos/$REPO_FULL_NAME/collaborators" | jq -r '.[].login')
+
+if echo "$COLLABORATORS" | grep -q "$GITHUB_USER_NAME"; then
+  echo "  - $GITHUB_USER_NAME has access to $REPO_FULL_NAME"
+else
+  echo "  - $GITHUB_USER_NAME does not have access to $REPO_FULL_NAME"
+fi
--- a/github_access_scripts/list_user_repos.sh
+++ b/github_access_scripts/list_user_repos.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+
+# Check if GITHUB_USER_NAME is provided
+if [ -z "$1" ]; then
+  echo "Usage: $0 <GITHUB_USER_NAME>"
+  exit 1
+fi
+
+GITHUB_USER_NAME="$1"
+ACCOUNTS_FILE="accounts.json"
+
+# Check if accounts.json exists
+if [ ! -f "$ACCOUNTS_FILE" ]; then
+  echo "Error: $ACCOUNTS_FILE not found."
+  exit 1
+fi
+
+# Loop through each account in accounts.json
+jq -c '.[]' "$ACCOUNTS_FILE" | while read -r account; do
+  USER=$(echo "$account" | jq -r '.user')
+  TOKEN=$(echo "$account" | jq -r '.token')
+
+  echo "Scanning repos for account: $USER"
+
+  # Get all repos for the user
+  REPOS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/user/repos?type=all&per_page=100" | jq -r '.[].full_name')
+
+  for REPO in $REPOS; do
+    # Get collaborators for each repo
+    COLLABORATORS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/repos/$REPO/collaborators" | jq -r '.[].login')
+    if echo "$COLLABORATORS" | grep -q "$GITHUB_USER_NAME"; then
+      echo "  - $GITHUB_USER_NAME has access to $REPO"
+    fi
+  done
+done
--- a/github_repo_scanners/create_contributor_repo_lists.sh
+++ b/github_repo_scanners/create_contributor_repo_lists.sh
@ -0,0 +1,50 @@
+#!/bin/bash
+
+ACCOUNTS_FILE="accounts.json"
+OUTPUT_DIR="contributor_repos"
+
+# Check if accounts.json exists
+if [ ! -f "$ACCOUNTS_FILE" ]; then
+  echo "Error: $ACCOUNTS_FILE not found."
+  exit 1
+fi
+
+# Create output directory
+mkdir -p "$OUTPUT_DIR"
+
+# Use a temporary directory to store repo lists for each contributor
+TMP_DIR=$(mktemp -d)
+trap 'rm -rf "$TMP_DIR"' EXIT
+
+# Loop through each account in accounts.json
+jq -c '.[]' "$ACCOUNTS_FILE" | while read -r account; do
+  USER=$(echo "$account" | jq -r '.user')
+  TOKEN=$(echo "$account" | jq -r '.token')
+
+  echo "Scanning repos for account: $USER"
+
+  # Get all repos for the user
+  REPOS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/user/repos?type=all&per_page=100" | jq -r '.[].full_name')
+
+  for REPO in $REPOS; do
+    echo "  - Processing repo: $REPO"
+    # Get contributors for each repo
+    CONTRIBUTORS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/repos/$REPO/contributors" | jq -r '.[].login')
+
+    for CONTRIBUTOR in $CONTRIBUTORS; do
+      # Append the repo to the contributor's list
+      echo "$REPO" >> "$TMP_DIR/$CONTRIBUTOR"
+    done
+  done
+done
+
+# Process the temporary files to create the final JSON files
+for contributor_file in "$TMP_DIR"/*; do
+  CONTRIBUTOR_LOGIN=$(basename "$contributor_file")
+  echo "Creating JSON for contributor: $CONTRIBUTOR_LOGIN"
+
+  # Sort and unique the repo list, then format as a JSON array
+  sort -u "$contributor_file" | jq -R . | jq -s . > "$OUTPUT_DIR/${CONTRIBUTOR_LOGIN}.json"
+done
+
+echo "Contributor repository lists have been created in the '$OUTPUT_DIR' directory."
--- a/github_repo_scanners/create_user_repo_lists.sh
+++ b/github_repo_scanners/create_user_repo_lists.sh
@ -0,0 +1,27 @@
+#!/bin/bash
+
+ACCOUNTS_FILE="accounts.json"
+
+# Check if accounts.json exists
+if [ ! -f "$ACCOUNTS_FILE" ]; then
+  echo "Error: $ACCOUNTS_FILE not found."
+  exit 1
+fi
+
+# Loop through each account in accounts.json
+jq -c '.[]' "$ACCOUNTS_FILE" | while read -r account; do
+  USER=$(echo "$account" | jq -r '.user')
+  TOKEN=$(echo "$account" | jq -r '.token')
+
+  echo "Fetching repos for account: $USER"
+
+  # Get all repos the user has access to (owner, collaborator, org member)
+  # and format the output as a JSON array.
+  curl -s -H "Authorization: token $TOKEN" "https://api.github.com/user/repos?type=all&per_page=100" | \
+jq -r '[.[] | .full_name]' > "${USER}.json"
+
+  echo "Successfully created ${USER}.json"
+done
+
+echo "All user repository lists have been created."
+