refactor: ✨ (#418)

* refactor: ✨ move in one commit Eveything in modules should probably be changed to `exported` defs. The idea is to move everything first to keep proper history. * refactor: 📝 add modules readme (wip) * refactor: ✨ small move * refactor: 📝 changed nestring, updated modules readme * refactor: 📝 to document or not to document * fix: 🐛 themes replaced the template to use `main` and regenerated them from lemnos themes. * Revert "fix: 🐛 themes" This reverts commit 4918d3633c8d2d81950a0ed0cfd9eb84241bc886. * refactor: ✨ introduce sourced - Created a source `root` in which sourcable demos are stored. Some might get converted to modules later on. - Moved some files to bin too. * fix: 🐛 fehbg.nu * fix: 🐛 modules/after.nu * moved some other stuff around --------- Co-authored-by: Darren Schroeder <343840+fdncred@users.noreply.github.com>
2025-08-01 06:37:46 +00:00 · 2023-04-26 00:56:25 +02:00 · 2023-04-26 00:56:25 +02:00 · c47ccd42b8
commit c47ccd42b8
parent 382696cd21
128 changed files with 185 additions and 12 deletions
--- a/sourced/github/branch-protections/README.md
+++ b/sourced/github/branch-protections/README.md
@ -0,0 +1,12 @@
+# Branch Protections
+
+### Definition
+
+Do you have hundreds or thousands of GitHub repositories in your organization? Are you tired of manually managing their branch protection rules? Don't! Let nushell do it for you!
+
+### Setup
+1. Replace placeholder data in .nu script with your own (or remove the appropriate fields if you don't need to i.e push to repo from action)
+1. Create a repo in your organization account to store the github action
+1. Push both the attached script and the github action to the repo
+### Possible future improvements
+* Instead of cron run the script on repository creation event (once org level actions become a thing in GitHub)
--- a/sourced/github/branch-protections/branch-protections.nu
+++ b/sourced/github/branch-protections/branch-protections.nu
@ -0,0 +1,42 @@
+#!/usr/bin/env nu
+let protections = {
+    required_status_checks: {
+        strict: true
+        checks: [
+            {
+                context: 'YOUR CHECK HERE'
+                app_id: YOUR APP ID HERE
+            }
+        ]
+    }
+    required_pull_request_reviews: {
+        dismiss_stale_reviews: true
+        require_code_owner_reviews: true
+        bypass_pull_request_allowances: {
+            apps: [
+                YOUR APP HERE
+            ]
+        }
+    }
+    restrictions: {
+        users: []
+        teams: []
+        apps: [
+           YOUR APP HERE
+        ]
+    }
+    enforce_admins: true
+    required_linear_history: true
+    require_conversation_resolution: true
+    allow_deletions: false
+    allow_force_pushes: false
+}
+gh api $"orgs/($env.OWNER)/repos"
+|from json
+|select name default_branch
+|each {|repo|
+    echo $"Setting branch restrictions for ($repo.name)"
+    $protections
+    |to json
+    |gh api -X PUT $"repos/($env.OWNER)/($repo.name)/branches/($repo.default_branch)/protection" --input -
+}
--- a/sourced/github/branch-protections/branch-protections.yml
+++ b/sourced/github/branch-protections/branch-protections.yml
@ -0,0 +1,25 @@
+---
+name: Add branch protections to all repositories
+'on':
+  schedule:
+    - cron: '0 * * * *'
+  workflow_dispatch:
+
+defaults:
+  run:
+    shell: nu {0}
+
+jobs:
+  set-branch-restrictions:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Setup Nu
+        uses: hustcer/setup-nu@main
+        with:
+          version: '0.64.0'
+      - run: ./branch-protections.nu
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OWNER: ${{ github.repository_owner }}