{"id":20696824,"url":"https://github.com/actionsdesk/admin-support-issueops-actions","last_synced_at":"2025-07-25T19:41:05.136Z","repository":{"id":36965007,"uuid":"363930090","full_name":"ActionsDesk/admin-support-issueops-actions","owner":"ActionsDesk","description":"✏️ 🔒 Issue ops template automation that allows someone to become an admin of an organization during a short period of time","archived":false,"fork":false,"pushed_at":"2025-02-18T18:46:53.000Z","size":2101,"stargazers_count":12,"open_issues_count":0,"forks_count":9,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-29T18:41:30.601Z","etag":null,"topics":["actions","issue-ops","template-repository"],"latest_commit_sha":null,"homepage":"https://github.com/services","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ActionsDesk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-03T12:57:39.000Z","updated_at":"2025-02-18T18:46:57.000Z","dependencies_parsed_at":"2024-01-16T18:58:42.233Z","dependency_job_id":"193a59c5-5ff7-4e02-8a6b-e1ae7c3d83c5","html_url":"https://github.com/ActionsDesk/admin-support-issueops-actions","commit_stats":null,"previous_names":[],"tags_count":3,"template":true,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ActionsDesk%2Fadmin-support-issueops-actions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ActionsDesk%2Fadmin-support-issueops-actions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ActionsDesk%2Fadmin-support-issueops-actions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ActionsDesk%2Fadmin-support-issueops-actions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ActionsDesk","download_url":"https://codeload.github.com/ActionsDesk/admin-support-issueops-actions/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250321435,"owners_count":21411573,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","issue-ops","template-repository"],"created_at":"2024-11-17T00:15:31.418Z","updated_at":"2025-04-22T20:43:49.028Z","avatar_url":"https://github.com/ActionsDesk.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Administration Support IssueOps\n\nThis repository contains automation that allows the support team of an\norganization to use [IssueOps](https://issue-ops.github.io/docs/) to request\ntemporary elevation of their access to perform tasks that require administrative\npermission. All the operations done during the process are reported as part of\nthe audit log of the user. Closing the issue removes the permission.\n\n[![Code Coverage](./badges/coverage.svg)](./badges/coverage.svg)\n\n## v2 Migration\n\nThere are a number of major changes in the v2 release of this action.\nSpecifically:\n\n- The CLI component has been removed in favor of using the\n [`@github/local-action`](https://github.com/github/local-action) utility\n- The action is now using Node.js v20\n- The action inputs have been updated to not require multiple runs to parse and\n then invoke the correct command\n\nWhen migrating, please refer to the\n[example workflows](./.github/workflow-examples) for the correct usage of the\naction.\n\n## Setup\n\nTo use this action in your own organization(s), follow the below steps:\n\n1. Create a\n [Personal Access Token (PAT)](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-personal-access-token-classic)\n with `admin:org` and `repo` write permissions\n\n \u003e [!NOTE]\n \u003e\n \u003e It is **highly** recommended to use a machine user for this purpose, not a\n \u003e personal account.\n\n1. Clone this repository into your organization\n1. In your cloned repository, create a\n [GitHub Actions secret](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)\n named `PAT` using the token you created previously\n1. Move the following workflow files from the `.github/workflow-examples/`\n directory to the `.github/workflows/` directory:\n - [`check-workflow.yml`](./.github/workflows/check-workflow.yml)\n - [`demotion-workflow.yml`](./.github/workflows/demotion-workflow.yml)\n - [`promotion-workflow.yml`](./.github/workflows/promotion-workflow.yml)\n1. Update the `DEMOTION_ERROR_NOTIFY` environment variable in the following\n workflow files:\n - [`demotion-workflow.yml`](./.github/workflows/demotion-workflow.yml)\n1. Update the `ALLOWED_ORGS` environment variable in the following workflow\n files:\n\n - [`check-workflow.yml`](./.github/workflows/check-workflow.yml)\n - [`demotion-workflow.yml`](./.github/workflows/demotion-workflow.yml)\n - [`promotion-workflow.yml`](./.github/workflows/promotion-workflow.yml)\n\n This should be see to a comma-separated list of the organizations where you\n want to allow to use this automation (and the `PAT` you created can acess)\n\n ```yaml\n env:\n ALLOWED_ORGS: 'octo-org,octo-org2'\n ```\n\n1. Commit and push the changes to your repository\n1. [Enable GitHub Actions](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository)\n in the repository\n\n As this automation provides admin access to organizations, you may only want\n certain teams to be able to fill issues in.\n\n1. Enable\n [repositorty rulesets](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets)\n so only certain users can access the repository\n1. Grant `read` permission to any users or teams who will need to be able to\n create issues in the repository\n1. Set the repository visibility to `private`, not `internal`\n\n## Automation\n\nTo request the permission:\n\n1. Open an issue using the\n [template](https://github.com/ActionsDesk/admin-support-issueops-actions/issues/new?template=request_admin_permission.yml)\n provided in this repository\n\n | Field | Description |\n | ------------ | ------------------------------------------------- |\n | Organization | Organization where you want to be promoted |\n | Description | Expanation of why this request is being submitted |\n | Ticket | ID of a related ticket in your support system |\n | Duration | Duration in hours that you need the permission |\n\n The completed form will look like the following:\n\n ```markdown\n ### Organization\n\n octo-org\n\n ### Description\n\n A user requires to be added to a team and nobody else can give him access\n\n ### Ticket\n\n 1234\n\n ### Duration\n\n 1\n ```\n\n1. Once the issue is created, a GitHub Actions workflow will trigger providing\n you with temporary access to perform your task(s)\n1. Once you have completed your task(s), close the issue to revoke your access\n automatically\n1. All the actions performed as an admin will be audited and added to the\n repository, so be cautious of the changes done in the organization\n\n\u003e [!IMPORTANT]\n\u003e\n\u003e The duration requested will be approximate and has a ~1h error. We recommend\n\u003e to close the issue when the task is completed.\n\n## Development\n\n### CLI Usage\n\nThe [`@github/local-action`](https://github.com/github/local-action) utility can\nbe used to test your action locally. It is a simple command-line tool that\n\"stubs\" (or simulates) the GitHub Actions Toolkit. This way, you can run your\naction locally without having to commit and push your changes to a repository.\n\nThe `local-action` utility can be run in the following ways:\n\n- Visual Studio Code Debugger\n\n Make sure to review and, if needed, update\n [`.vscode/launch.json`](./.vscode/launch.json)\n\n- Terminal/Command Prompt\n\n ```bash\n cd admin-support-cli\n\n # npx local-action \u003caction-yaml-path\u003e \u003centrypoint\u003e \u003cdotenv-file\u003e\n npx local-action . src/main.ts .env\n ```\n\nYou can provide a `.env` file to the `local-action` CLI to set environment\nvariables used by the GitHub Actions Toolkit. For example, setting inputs and\nevent payload data used by your action. For more information, see the example\nfile, [`.env.example`](./admin-support-cli/.env.example), and the\n[GitHub Actions Documentation](https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables).\n\nAdditionally, this `local-action` CLI can make use of mock webhook payloads. You\ncan provide a JSON file path for the `GITHUB_EVENT_PATH` environment variable in\nthe `.env` file. For a minimal example that can be used with this action, see\n[`issue_payload.example.json`](./admin-support-cli/issue_payload.example.json).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Factionsdesk%2Fadmin-support-issueops-actions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Factionsdesk%2Fadmin-support-issueops-actions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Factionsdesk%2Fadmin-support-issueops-actions/lists"}