feat: optionally create missing .github / .github-private repos before sync#71
Merged
Merged
Conversation
…e sync
Adds three new opt-in inputs (and matching per-org overrides in orgs.yml):
- create-missing-dot-github-repos (bool, default false)
- dot-github-repo-visibility (default 'public')
- dot-github-private-repo-visibility (default 'private')
When opted in, syncDotGithubRepo distinguishes a true 404 from 403 at the
repo GET, creates the missing repo via POST /orgs/{org}/repos with
auto_init: true at the chosen visibility, then continues the normal
sync flow. New 'dot-github-create' / 'dot-github-private-create'
sub-result kinds make bootstrap visible in the job summary.
Specific 422 from POST repos with public visibility (EMU / restricted
GHEC) is caught and surfaced with an actionable message pointing at
the 'internal' visibility override. Dry-run logs 'Would create repo ...'
and skips the rest of the sync for that repo.
Adds README docs (incl. administration:write requirement) and 11 new
unit tests covering opt-in / opt-out / 403 / 422 / dry-run /
per-org visibility override / invalid enum.
Fixes #60
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds an explicit opt-in flow to bootstrap missing special org repositories (.github / .github-private) before attempting the existing file-sync PR workflow, keeping the default behavior non-destructive (still warns + skips on missing repos unless opted in).
Changes:
- Adds new action/org-config inputs to enable repo creation on true
404and to control visibility for newly created.github/.github-privaterepos. - Extends the
.githubsync flow to optionally create the repo (withauto_init: true) and records new*-createsub-result kinds for job summaries. - Updates README documentation and adds Jest coverage for the new behaviors (opt-in/out, 403 vs 404, dry-run, visibility validation, and EMU-style 422 handling).
Show a summary per file
| File | Description |
|---|---|
src/index.js |
Implements new inputs/config plumbing, visibility validation, new summary kinds, and the create-on-404 flow in .github sync. |
action.yml |
Adds the three new action inputs with defaults and descriptions. |
README.md |
Documents the new opt-in behavior, permissions requirement, and new inputs in the inputs table. |
__tests__/index.test.js |
Adds tests covering repo creation behavior, dry-run, error splits, and per-org overrides/validation. |
package.json |
Bumps version to 1.11.0 for the new feature. |
package-lock.json |
Updates lockfile version field to match the package version bump. |
badges/coverage.svg |
Updates the generated coverage badge. |
Copilot's findings
- Files reviewed: 5/7 changed files
- Comments generated: 4
Normalize empty visibility values to undefined, use the correct visibility input name in the 422 guidance for .github-private, and standardize administration permission formatting in docs. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Fall back to repo-specific defaults after visibility normalization so empty options never produce undefined API payloads or log messages. Clarify README guidance for repo-specific 422 visibility warnings. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
📦 Draft Release CreatedA draft release v1.11.0 has been created for this PR. Next Steps
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #60
Adds an explicit opt-in path to bootstrap missing
.github/.github-privaterepositories before syncing files, instead of silently skipping with a warning. Defaults preserve today's non-destructive behavior.New action inputs
create-missing-dot-github-reposfalsedot-github-repo-visibilitypublicpublic,private,internal.dot-github-private-repo-visibilityprivateAll three are also settable per-org in
orgs.yml, with the same enum validation.Behavior
404from the repo GET.403keeps today's permission-warning path untouched (isPermissionLikeFetchErroris unchanged; the split happens at the call site insyncDotGithubRepo).POST /orgs/{org}/reposwithauto_init: trueso the immediateGET /git/ref/heads/{default_branch}doesn't 409 on an empty repo. After creation, the existing sync flow runs against the new repo'sdefault_branch.422from create withvisibility: publicis caught and surfaced as a friendly, actionable warning pointing the user atdot-github-repo-visibility: internal. No silent retry.Would create repo {org}/{repo} (visibility: {v}), records adot-github-create"would" sub-result, and skips the rest of the sync for that repo (you can't sync against a nonexistent repo).dot-github-createanddot-github-private-createare distinct from the existing*-synckinds, so bootstrap is obvious in the job summary.Permissions
Creating repos requires
administration: writeat the org level for the GitHub App, in addition to the existingcontents: write. Documented in the README.Testing
npm run allclean: prettier, eslint, 401/401 jest tests pass, ncc bundle built.11 new tests added covering:
404still produces existing warning; no create call.404: create call invoked with the right payload (POST /orgs/{org}/repos,auto_init: true, chosen visibility); sync flow proceeds;dot-github-createsub-result recorded.403: existing warning path; no create call.422from create withpublic: friendly error mentioningdot-github-repo-visibility: internal; failed sub-result.404:Would create…sub-result; no API write; sync skipped..github-privatepath: usesdot-github-private-createkind.secret): rejected at call boundary.orgs.yml: visibility,create-missing-dot-github-repospropagation, invalid enum, non-boolean rejection.Files changed
action.yml— 3 new inputssrc/index.js— input parsing, per-org config, sub-result labels,syncDotGithubRepocreate flowREADME.md— new section +administration: writecallout + inputs table__tests__/index.test.js— 11 new testspackage.json—1.10.1→1.11.0