Skip to content

Instantly share code, notes, and snippets.

@stbenjam
Created July 26, 2018 19:07
Show Gist options
  • Save stbenjam/67bfb2d253cd09d0385996f2d7e2fdd8 to your computer and use it in GitHub Desktop.
Save stbenjam/67bfb2d253cd09d0385996f2d7e2fdd8 to your computer and use it in GitHub Desktop.
Finds the users in your orgs who have commit but no 2FA enabled
#!/usr/bin/env ruby
require 'octokit'
require 'set'
ORGS = %w[catello].freeze
unless ENV['GITHUB_TOKEN']
puts 'You must specify a github token in the GITHUB_TOKEN environment variable.'
exit 1
end
client = Octokit::Client.new(access_token: ENV['GITHUB_TOKEN'])
comitters = Set.new
disabled = Set.new
ORGS.each do |org|
puts "Processing organization #{org}"
disabled |= client.organization_members(org, filter: '2fa_disabled').map(&:login)
puts "#{disabled.count} members in #{org} do not have 2FA enabled. Finding out which have commit..."
client.repos(org).map(&:full_name).each do |repo|
puts "Processing repo #{repo}"
comitters |= client.collaborators(repo).select { |u| u[:permissions][:push] || u[:permissions][:admin] }.map(&:login)
end
end
print "\nThe following users with admin or push access do NOT have 2FA enabled for their account:\n "
print (comitters & disabled).to_a.join("\n ")
print "\n"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment