Skip to content

feat: enhance organization webhook creation script #114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 23, 2025
Merged

feat: enhance organization webhook creation script #114

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
85 changes: 65 additions & 20 deletions gh-cli/create-organization-webhook.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,68 @@
#!/bin/bash

# credits: @andyfeller

# gh cli's token needs to be able to admin org - run this first if it can't
# gh auth refresh -h github.com -s admin:org

gh api orgs/joshjohanning-org/hooks | jq --arg newSecret "SECRET" 'map({ name: .name, active: .active, events: .events, config: (.config | .secret=$newSecret) })'
[
{
"name": "web",
"active": true,
"events": [
"push"
],
"config": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "SECRET",
"url": "https://smee.io/abcdefg"
}
# Creates an organization webhook
# because of a weird quirk with webhooks, and webhooks with CLI token can only be managed with CLI,
# recommended to run this with PAT and not OAuth token from GH CLI

# Usage: ./create-organization-webhook.sh <org> <webhook-url> <secret> [events...]
# Example: ./create-organization-webhook.sh joshjohanning-org https://smee.io/abcdefg mySecret push issues

if [ $# -lt 3 ]; then
echo "Usage: $0 <org> <webhook-url> <secret> [events...]"
echo "Example: $0 joshjohanning-org https://smee.io/abcdefg mySecret push issues"
echo ""
echo "Default events: push"
echo "Common events: push, issues, pull_request, release, create, delete"
exit 1
fi

ORG="$1"
WEBHOOK_URL="$2"
SECRET="$3"
shift 3
EVENTS=("$@")

# Default to push event if no events specified
if [ ${#EVENTS[@]} -eq 0 ]; then
EVENTS=("push")
fi

# Check token type
TOKEN_TYPE=$(gh auth status --show-token 2>&1 | grep -o "gho_[a-zA-Z0-9_]*\|ghp_[a-zA-Z0-9_]*\|github_pat_[a-zA-Z0-9_]*" | head -1)
if [[ "$TOKEN_TYPE" == gho_* ]]; then
echo "❌ Error: You're using an OAuth token (gho_*). Due to GitHub API limitations,"
echo " webhooks created with OAuth tokens can only be managed via the CLI."
echo " Consider using a Personal Access Token (ghp_*) instead."
exit 1
elif [[ "$TOKEN_TYPE" == ghp_* ]]; then
echo "✅ Using Personal Access Token (ghp_*) - recommended for webhook management"
echo ""
elif [[ "$TOKEN_TYPE" == github_pat_* ]]; then
echo "✅ Using Fine-grained Personal Access Token (github_pat_*) - recommended for webhook management"
echo ""
else
echo "⚠️ Could not determine token type. Proceeding anyway..."
echo ""
fi

# Build events array for JSON
EVENTS_JSON=$(printf '"%s",' "${EVENTS[@]}" | sed 's/,$//')

echo "Creating webhook for organization: $ORG"
echo "URL: $WEBHOOK_URL"
echo "Events: ${EVENTS[*]}"
echo ""

gh api orgs/"$ORG"/hooks --method POST --input - <<EOF
{
"name": "web",
"active": true,
"events": [$EVENTS_JSON],
"config": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "$SECRET",
"url": "$WEBHOOK_URL"
}
]
}
EOF