|
1 | 1 | #!/bin/bash |
2 | 2 |
|
3 | | -# credits: @andyfeller |
4 | | - |
5 | | -# gh cli's token needs to be able to admin org - run this first if it can't |
6 | | -# gh auth refresh -h github.com -s admin:org |
7 | | - |
8 | | -gh api orgs/joshjohanning-org/hooks | jq --arg newSecret "SECRET" 'map({ name: .name, active: .active, events: .events, config: (.config | .secret=$newSecret) })' |
9 | | -[ |
10 | | - { |
11 | | - "name": "web", |
12 | | - "active": true, |
13 | | - "events": [ |
14 | | - "push" |
15 | | - ], |
16 | | - "config": { |
17 | | - "content_type": "json", |
18 | | - "insecure_ssl": "0", |
19 | | - "secret": "SECRET", |
20 | | - "url": "https://smee.io/abcdefg" |
21 | | - } |
| 3 | +# Creates an organization webhook |
| 4 | +# because of a weird quirk with webhooks, and webhooks with CLI token can only be managed with CLI, |
| 5 | +# recommended to run this with PAT and not OAuth token from GH CLI |
| 6 | + |
| 7 | +# Usage: ./create-organization-webhook.sh <org> <webhook-url> <secret> [events...] |
| 8 | +# Example: ./create-organization-webhook.sh joshjohanning-org https://smee.io/abcdefg mySecret push issues |
| 9 | + |
| 10 | +if [ $# -lt 3 ]; then |
| 11 | + echo "Usage: $0 <org> <webhook-url> <secret> [events...]" |
| 12 | + echo "Example: $0 joshjohanning-org https://smee.io/abcdefg mySecret push issues" |
| 13 | + echo "" |
| 14 | + echo "Default events: push" |
| 15 | + echo "Common events: push, issues, pull_request, release, create, delete" |
| 16 | + exit 1 |
| 17 | +fi |
| 18 | + |
| 19 | +ORG="$1" |
| 20 | +WEBHOOK_URL="$2" |
| 21 | +SECRET="$3" |
| 22 | +shift 3 |
| 23 | +EVENTS=("$@") |
| 24 | + |
| 25 | +# Default to push event if no events specified |
| 26 | +if [ ${#EVENTS[@]} -eq 0 ]; then |
| 27 | + EVENTS=("push") |
| 28 | +fi |
| 29 | + |
| 30 | +# Check token type |
| 31 | +TOKEN_TYPE=$(gh auth status --show-token 2>&1 | grep -o "gho_[a-zA-Z0-9_]*\|ghp_[a-zA-Z0-9_]*\|github_pat_[a-zA-Z0-9_]*" | head -1) |
| 32 | +if [[ "$TOKEN_TYPE" == gho_* ]]; then |
| 33 | + echo "❌ Error: You're using an OAuth token (gho_*). Due to GitHub API limitations," |
| 34 | + echo " webhooks created with OAuth tokens can only be managed via the CLI." |
| 35 | + echo " Consider using a Personal Access Token (ghp_*) instead." |
| 36 | + exit 1 |
| 37 | +elif [[ "$TOKEN_TYPE" == ghp_* ]]; then |
| 38 | + echo "✅ Using Personal Access Token (ghp_*) - recommended for webhook management" |
| 39 | + echo "" |
| 40 | +elif [[ "$TOKEN_TYPE" == github_pat_* ]]; then |
| 41 | + echo "✅ Using Fine-grained Personal Access Token (github_pat_*) - recommended for webhook management" |
| 42 | + echo "" |
| 43 | +else |
| 44 | + echo "⚠️ Could not determine token type. Proceeding anyway..." |
| 45 | + echo "" |
| 46 | +fi |
| 47 | + |
| 48 | +# Build events array for JSON |
| 49 | +EVENTS_JSON=$(printf '"%s",' "${EVENTS[@]}" | sed 's/,$//') |
| 50 | + |
| 51 | +echo "Creating webhook for organization: $ORG" |
| 52 | +echo "URL: $WEBHOOK_URL" |
| 53 | +echo "Events: ${EVENTS[*]}" |
| 54 | +echo "" |
| 55 | + |
| 56 | +gh api orgs/"$ORG"/hooks --method POST --input - <<EOF |
| 57 | +{ |
| 58 | + "name": "web", |
| 59 | + "active": true, |
| 60 | + "events": [$EVENTS_JSON], |
| 61 | + "config": { |
| 62 | + "content_type": "json", |
| 63 | + "insecure_ssl": "0", |
| 64 | + "secret": "$SECRET", |
| 65 | + "url": "$WEBHOOK_URL" |
22 | 66 | } |
23 | | -] |
| 67 | +} |
| 68 | +EOF |
0 commit comments