{"id":50902106,"url":"https://github.com/michidk/orcastrate","last_synced_at":"2026-06-16T03:32:26.574Z","repository":{"id":349387339,"uuid":"1202135998","full_name":"michidk/orcastrate","owner":"michidk","description":"🐬 Stop copy-pasting workflow files across repos. Define canonical templates once, sync them everywhere, and get PRs when repos drift.","archived":false,"fork":false,"pushed_at":"2026-06-15T13:48:59.000Z","size":1808,"stargazers_count":5,"open_issues_count":5,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-15T15:25:24.933Z","etag":null,"topics":["continuous-integration","github-actions","github-administration","github-config","rust","templates"],"latest_commit_sha":null,"homepage":"https://github.com/michidk/orcastrate","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michidk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-04-05T16:39:35.000Z","updated_at":"2026-05-16T08:48:04.000Z","dependencies_parsed_at":"2026-05-21T13:02:42.186Z","dependency_job_id":null,"html_url":"https://github.com/michidk/orcastrate","commit_stats":null,"previous_names":["michidk/orcastrate"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/michidk/orcastrate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michidk%2Forcastrate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michidk%2Forcastrate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michidk%2Forcastrate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michidk%2Forcastrate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michidk","download_url":"https://codeload.github.com/michidk/orcastrate/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michidk%2Forcastrate/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34390052,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["continuous-integration","github-actions","github-administration","github-config","rust","templates"],"created_at":"2026-06-16T03:32:24.761Z","updated_at":"2026-06-16T03:32:26.566Z","avatar_url":"https://github.com/michidk.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\".github/images/thumbnail.png\" alt=\"Orcastrate — GitHub Actions Orchestrator for Organizations\" width=\"800\"\u003e\n\u003c/p\u003e\n\n\u003e [!NOTE]\n\u003e Stop copy-pasting workflow files across repos. Define canonical templates once, sync them everywhere, and get PRs when repos drift.\n\n## How it works\n\n```\norchestrator repo\n├── orchestrator.toml          # which repos to manage\n├── templates/\n│   ├── rust-ci.yml            # Tera-powered workflow templates\n│   ├── node-ci.yml\n│   └── pr-title.yml\n└── .github/workflows/\n    └── sync.yml               # scheduled Action that runs orcastrate\n```\n\nOrcastrate runs as a scheduled GitHub Action in your central orchestrator repo. On each run it:\n\n1. Reads your repo list from `orchestrator.toml`\n2. Scans each repo's `.github/workflows/` for files with `@orcastrate` frontmatter\n3. Renders the referenced template with the declared params\n4. Compares the rendered output against the current file\n5. Opens one PR per drifted workflow\n\n## Managed workflow frontmatter\n\nWorkflow files opt in to management via a comment block at the top:\n\n```yaml\n# @orcastrate\n# template: rust-ci\n# params:\n#   toolchain: stable\n#   features: [\"serde\", \"async\"]\n# @end-orcastrate\n\nname: CI\non: [push]\n# ... rest of workflow managed by orcastrate\n```\n\nOnly files with this block are touched. Everything else is ignored.\n\n## Quick start\n\n### 1. Create the orchestrator repo\n\nCreate a new repo in your org (e.g. `myorg/workflow-orchestrator`).\n\n### 2. Add config\n\n```toml\n# orchestrator.toml\n\n[orchestrator]\ntemplates_dir = \"templates\"\n\n[[repos]]\nname = \"myorg/service-api\"\n\n[[repos]]\nname = \"myorg/service-web\"\n```\n\n### 3. Add a template\n\n```yaml\n# templates/rust-ci.yml\n\nname: CI\non:\n  push:\n    branches: [{{ default_branch | default(value=\"main\") }}]\n  pull_request:\n    branches: [{{ default_branch | default(value=\"main\") }}]\n\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: dtolnay/rust-toolchain@{{ toolchain | default(value=\"stable\") }}\n      - run: cargo test --all-features\n```\n\n### 4. Set up the scheduled Action\n\n```yaml\n# .github/workflows/sync.yml\n\nname: Orcastrate Sync\non:\n  schedule:\n    - cron: \"0 8 * * 1-5\"\n  workflow_dispatch:\n\npermissions:\n  contents: write\n  pull-requests: write\n\njobs:\n  sync:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: michidk/orcastrate@v0\n        with:\n          orcastrate-token: ${{ secrets.ORCASTRATE_TOKEN }}\n          github-token: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### 5. Add frontmatter to target repos\n\nIn each managed repo, add the frontmatter block to workflow files:\n\n```yaml\n# @orcastrate\n# template: rust-ci\n# params:\n#   toolchain: stable\n# @end-orcastrate\n\nname: CI\n# ... orcastrate will manage the rest\n```\n\n## CLI usage\n\n```\norcastrate sync                  # sync all repos, open PRs for drift\norcastrate sync --dry-run        # see what would change without modifying anything\norcastrate sync --repo org/repo  # sync a single repo\norcastrate validate              # check config + templates are valid\norcastrate drift                 # check drift status without creating PRs\norcastrate list-repos            # show configured + discovered repos\norcastrate list-templates        # show available templates\n```\n\nVerbosity: `-v` for debug, `-vv` for trace, `-q` for quiet.\n\n## Configuration\n\n### `orchestrator.toml`\n\n```toml\n[orchestrator]\ntemplates_dir = \"templates\"        # where templates live\nbranch_prefix = \"orcastrate/sync\"  # PR branch prefix\npr_label = \"orcastrate\"            # label added to PRs\ndry_run = false                    # global dry-run toggle\n\n[[repos]]\nname = \"myorg/repo-a\"\n\n[[repos]]\nname = \"myorg/repo-b\"\nenabled = false                    # temporarily skip\n\n# auto-discover repos by org topic\n[discovery]\norg = \"myorg\"\ntopic = \"managed-workflows\"\n```\n\n### Template params\n\nTemplates use [Tera](https://keats.github.io/tera/) (Jinja2-style) syntax. Params declared in frontmatter are injected at render time:\n\n```yaml\n# @orcastrate\n# template: rust-ci\n# params:\n#   toolchain: nightly\n#   features: [\"serde\", \"tokio\"]\n#   default_branch: develop\n# @end-orcastrate\n```\n\nTemplates can use defaults: `{{ toolchain | default(value=\"stable\") }}`\n\n## Authentication\n\nOrcastrate uses two tokens for different operations:\n\n| Operation | Token | Why |\n|---|---|---|\n| Git writes (tree, commit, ref) | `ORCASTRATE_TOKEN` | Needs `workflows` scope for `.github/workflows/` files |\n| PR creation, labels | `GITHUB_TOKEN` | PRs appear as `github-actions[bot]` |\n\n### Setup\n\n1. Create a **fine-grained PAT** with permissions: Contents (R/W), Pull requests (R/W), Workflows (R/W)\n2. Add it as a repo secret named `ORCASTRATE_TOKEN`\n3. `GITHUB_TOKEN` is provided automatically by GitHub Actions\n\n### GitHub App (recommended for orgs)\n\nFor org-wide use, create a GitHub App instead of a PAT:\n\n- **Repository contents**: Read \u0026 Write\n- **Pull requests**: Read \u0026 Write\n- **Workflows**: Read \u0026 Write\n\nInstall it on your org, then set:\n- `ORCASTRATE_APP_ID`\n- `ORCASTRATE_PRIVATE_KEY`\n- `ORCASTRATE_INSTALLATION_ID`\n\n## What gets PRed\n\nWhen orcastrate detects drift, it opens **one PR per workflow file**:\n- Branch: `orcastrate/sync/{workflow-name}` (e.g. `orcastrate/sync/pr-title`)\n- Title: ``chore(ci): sync `pr-title` from template `pr-title` ``\n- Unified diff in the PR body\n- The `orcastrate` label for easy filtering\n\nIf a PR already exists for the same workflow, it updates the existing PR instead of creating a new one.\n\n### Example PR\n\nSee [#6](https://github.com/michidk/orcastrate/pull/6) for a real example.\n\n[![Example PR](.github/images/screenshot.png)](https://github.com/michidk/orcastrate/pull/6)\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichidk%2Forcastrate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichidk%2Forcastrate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichidk%2Forcastrate/lists"}