enable workflow at organization level (#88)

* enable workflow at organization level * added more error checking * added README, minor fixes * added support for specifying repo list * skip repo checks, started writing test * dynamically pull latest workflow file * cleanup * test file resources * reverted to statically storing workflow file * removed token * updated readme * skip repo upon failure instead of exiting * renamed global var Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
ossf · Feb 23, 2022 · 8c3e2c2 · 8c3e2c2
1 parent 07d3fdb
commit 8c3e2c2
Show file tree

Hide file tree

Showing 6 changed files with 688 additions and 0 deletions.
diff --git a/multi-repo-action/README.md b/multi-repo-action/README.md
@@ -0,0 +1,18 @@
+# Enable OSSF Scorecard Action at an Organization Level
+
+This tool will add the [OpenSSF's Scorecard workflow](https://github.com/ossf/scorecard-action) to all accessible repositories under a given organization. A PR will be created so that owners can decide whether or not they want to include the workflow.
+
+## Setup
+
+Running this tool requires three parameters, which are defined at the top of `org-workflow-add.go`:
+1. ORG_NAME - the name of the organization for which the workflow should be enabled.
+2. PAT - a Personal Access Token with the following scopes:
+    - `repo > public_repo`
+    - `admin:org > read:org`
+3. REPO_LIST (OPTIONAL) - repository names under the organization that the workflow should be added to. If not provided, every repository will be updated.
+
+Another PAT should also be defined as an organization secret for `scorecards-analysis.yml` using steps listed in [scorecard-action](https://github.com/ossf/scorecard-action#pat-token-creation).
+
+## Execution
+
+Execute this process by running `go run org-workflow-add.go` in the command line. Output will be produced for each successfully updated repository.
diff --git a/multi-repo-action/go.mod b/multi-repo-action/go.mod
@@ -0,0 +1,20 @@
+module github.com/ossf/scorecard-actions/cli
+
+go 1.17
+
+require (
+	github.com/google/go-github/v42 v42.0.0
+	github.com/migueleliasweb/go-github-mock v0.0.6
+	golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8
+)
+
+require (
+	github.com/golang/protobuf v1.4.2 // indirect
+	github.com/google/go-github/v41 v41.0.0 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/gorilla/mux v1.8.0 // indirect
+	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
+	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.25.0 // indirect
+)