Automating GitHub Org Invitations

Rizèl Scarlett - Feb 14 '22 - - Dev Community

Quick Recap:

I work at a non-profit called G{Code} (in addition to working at GitHub). Since working at GitHub, I realized I could store course materials in a repository rather than reaching storage limits in Google Drive. I wanted people to collaborate with me and join my GitHub organization with little to no facilitation on my side. Still, I didn't want anyone harmful to join the organization. I've been building a GitHub App with Probot to solve the problem.

So far, I've completed the following steps:

Today, I will programmatically add the actor to the organization.

I ask the potential organization member a few questions to vet the requests in the open issue. The questions are below:

  • What is your current involvement with G{Code}?
  • Which repository do you want to contribute to?
  • Why do you want to contribute to that repository?

I plan that if the user responds to the questions and the responses pass my criteria, I'll respond with a comment that automatically adds them to the org.

First, I created a team.

I think it's easier to control permissions if I group collaborators. I created a team named 'mentors' by clicking the 'Teams' tab on my organization's GitHub page.

Screenshot of creating a team

Then, I updated the permissions

I want my app to subscribe to issue comment events.

Image description

Then, I made my app listen for an approval comment.

Restructuring my index.js file

First, I had to figure out how my app could listen to two webhook events. I changed the structure of my application for this to work. I restructured my index.js to listen to multiple events. In the screenshot below, you can see that my app is now listening for comments and stars.

Image description

I moved the logic for handling stars

Now that my app is listening for different events, it's cleaner to move the logic for handling stars into a new file. That logic initially lived in the index.js file, but I made a file called webhook-handlers/handle-starring.js to hold that logic. I also had to export the function to reference it in the index.js file. See below:

Image description

I created a file to handle the comments

I named the file webhook-handlers/handle-comments-on-issue.js and grabbed the comment's payload.

Image description

I checked for comments specific comments

I didn't care to run functions on every single comment. I only wanted to handle comments that fit this specific criterion:

  • I authored the comment
  • The comment's body said "approved"

Checking the comment’s author

Here's how I checked to see if I was the comment's author. I added my GitHub handle in an array (just in case I had one or two more people I could eventually entrust to approve incoming requests). I retrieved the comment author from the comment payload. Then, I wrote a conditional statement to check if the comment's author matches one of the names in the array.

Note: I probably didn't need to create an array of authorized approvers in hindsight. Perhaps, there's a property in the payload to find the repository's owner, but I didn't do that.

Image description

Checking the comment’s body

If I wrote the comment, the GitHub App checks the comment's body. I convert the comment to uppercase using comment.body.toUpperCase() for consistency.

Image description

Then, I added the user to a team

Getting the user’s handle

First, I needed the handle of the user who starred the repo. I wasn't sure how to determine who starred the repo. If there were multiple issues opened and multiple stars, it's hard to find the relevant context. I ultimately decided to grab the user's handle from the issue's title like this: context.payload.issue.title. This returned the title: “Pending invitation for @rizel-botany”, and I used regex to isolate the username like this: context.payload.issue.title.match(/\@(.*)/).

Approving

Now that I have the user's handle and I'm checking for my comments with the exact words "approved," I can call a function that adds a user to the team. I used octokit to interact with GitHub's API and make a PUT request to add the user to my' mentors' team. This method sends an invitation to the user. Once the user accepts the request, they will be a member of the mentors team in my GitHub organization.

Image description

Image description

In my next blog post, I'll talk about transforming this locally running Probot application into a serverless Probot application.

Want to learn more about automating with GitHub? Follow GitHub and me (@blackgirlbytes) on DEV for more content. I'll try to post daily!

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .