ghorg alternatives and similar packages

ghorg

ghorg allows you to quickly clone all of an orgs, or users repos into a single directory. This can be useful in many situations including

1. Searching an orgs/users codebase with ack, silver searcher, grep etc..
2. Bash scripting
3. Creating backups
4. Onboarding
5. Performing Audits

When running ghorg a second time on the same org/user, all local changes in the cloned directory by default will be overwritten by what's on GitHub. If you want to work out of this directory, make sure you either rename the directory or set the --no-clean flag on all future clones to prevent losing your changes.

Supported Providers

• GitHub
• GitLab
• Bitbucket
• Gitea

The terminology used in ghorg is that of GitHub, mainly orgs/repos. GitLab and BitBucket use different terminology. There is a handy chart thanks to GitLab that translates terminology here

Configuration

Precedence for configuration is first given to the flags set on the command-line, then to what's set in your $HOME/.config/ghorg/conf.yaml. This file comes from the sample-conf.yaml. If neither of these exist, ghorg will fall back to its defaults -- cloning a GitHub org using your security token, if no security token is detected you will need to provide a token --token.

Although it's optional, it is recommended to add a $HOME/.config/ghorg/conf.yaml following the instructions in the install section.

You can have multiple configuration files which is useful if you clone from multiple SCM providers. Alternative configuration files can only be referenced as a command-line flag --config

# example using an secondary configuration file
ghorg clone kubernetes --config=$HOME/.config/ghorg/other-config.yaml

Install

Homebrew

optional but recommended

mkdir -p $HOME/.config/ghorg
curl https://raw.githubusercontent.com/gabrie30/ghorg/master/sample-conf.yaml > $HOME/.config/ghorg/conf.yaml
vi $HOME/.config/ghorg/conf.yaml

required

brew install gabrie30/utils/ghorg

Golang

optional but recommended

mkdir -p $HOME/.config/ghorg
curl https://raw.githubusercontent.com/gabrie30/ghorg/master/sample-conf.yaml > $HOME/.config/ghorg/conf.yaml
vi $HOME/.config/ghorg/conf.yaml

required

# ensure $HOME/go/bin is in your path ($ echo $PATH | grep $HOME/go/bin)

# if using go 1.16+ locally
go install github.com/gabrie30/[email protected]

# older go versions can run
go get github.com/gabrie30/ghorg

Use

# note: to view/set all available flags/features see sample-conf.yaml
# note: for examples see ./examples
$ ghorg clone someorg
$ ghorg clone someorg --concurrency=50 --token=bGVhdmUgYSBjb21tZW50IG9uIGlzc3VlIDY2
$ ghorg clone someuser --clone-type=user --protocol=ssh --branch=develop --color=enabled
$ ghorg clone gitlab-group --scm=gitlab --base-url=https://gitlab.internal.yourcompany.com --preserve-dir
$ ghorg clone gitlab-group/gitlab-subgroup --scm=gitlab --base-url=https://gitlab.internal.yourcompany.com
$ ghorg clone --help
# view cloned resources
$ ghorg ls
$ ghorg ls someorg

SCM Provider Setup

Note: if you are running into issues, read the troubleshooting and known issues section below

github setup

1. Create Personal Access Token with all repo scopes. Update GHORG_GITHUB_TOKEN in your ghorg/conf.yaml, as a cli flag, or add to your osx keychain. If your org has Saml SSO in front you will need to give your token those permissions as well, see this doc.

gitlab setup

1. Create Personal Access Token with the read_api scope (or api for self-managed GitLab older than 12.10). This token can be added to your ghorg/conf.yaml, as a cli flag, or your osx keychain.
2. Update the GitLab Specific config in your ghorg/conf.yaml or via cli flags
3. Update GHORG_SCM_TYPE to gitlab in your ghorg/conf.yaml or via cli flags
4. See examples/gitlab.md on how to run

gitlab specific notes

1. ghorg works slightly differently for hosted gitlab instances and gitlab cloud
   1. To clone all groups within a hosted instance use the keyword "all-groups" when cloning sh ghorg clone all-groups --base-url=https://${your.hosted.gitlab.com} --scm=gitlab --token=XXXXXXXXXXXXX --preserve-dir
   2. For gitlab cloud you can use the top level group name e.g. for https://gitlab.com/fdroid sh ghorg clone fdroid --scm=gitlab --token=XXXXXXXXXXXXX --preserve-dir
2. for hosted instances you need to have a --base-url set, cloning cloud gitlab should omit this
3. for hosted instances you can use the --insecure-gitlab-client flag if you use self signed certificates, this is not an option for cloud
4. all flags can be permanently set in your $HOME/.config/ghorg/conf.yaml if you have multiple gitlab instances you can create multiple configuration files for each instance and use different config files with the --config flag

gitea setup

1. Create Access Token (Settings -> Applications -> Generate Token)
2. Update GHORG_GITEA_TOKEN in your ghorg/conf.yaml or use the (--token, -t) flag.
3. Update GHORG_SCM_TYPE to gitea in your ghorg/conf.yaml or via cli flags

bitbucket setup

1. To configure with bitbucket you will need to create a new app password and update your $HOME/.config/ghorg/conf.yaml here or use the (--token, -t) and (--bitbucket-username) flags.
2. Update SCM type to bitbucket in your ghorg/conf.yaml or via cli flags

osx default github/gitlab token used

NOTE: cloning via https rather than ssh is the ghorg default, this is because a token must be present to retrieve the list of repos. However, if you run into trouble cloning via https and generally clone via ssh, try switching --protocol ssh

$ security find-internet-password -s github.com  | grep "acct" | awk -F\" '{ print $4 }'
$ security find-internet-password -s gitlab.com  | grep "acct" | awk -F\" '{ print $4 }'

It's recommended to store github/gitlab tokens in the osxkeychain, if this command returns anything other than your token see Troubleshooting section below. However, you can always add your token to the $HOME/.config/ghorg/conf.yaml or use the (--token, -t) flags.

Filtering Repos

• To filter repos by regex use --match-regex flag
• To filter out any archived repos while cloning use the --skip-archived flag (not bitbucket)
• To filter out any forked repos while cloning use the --skip-forks flag
• To ignore specific repos create a ghorgignore file inside $HOME/.config/ghorg. Each line in this file is considered a substring and will be compared against each repos clone url. If the clone url contains a substring in the ghorgignore it will be excluded from cloning. To prevent accidentally excluding a repo, you should make each line as specific as possible, eg. https://github.com/gabrie30/ghorg.git or [email protected]:gabrie30/ghorg.git depending on how you clone. This is useful for permanently ignoring certain repos.

  # Create ghorgignore
  touch $HOME/.config/ghorg/ghorgignore

  # update file
  vi $HOME/.config/ghorg/ghorgignore

Known issues

• When cloning if you see something like Username for 'https://gitlab.com': and the run won't finish. Make sure your token is in the osxkeychain, see the troubleshooting section for how to set this up. If this does not work or you are not on mac try cloning via ssh (--protocol=ssh). If this still does not resolve your issue you will need to update your git configs to match below, be sure to update the gitlab.mydomain.com portion

  git config --global url."[email protected]:".insteadOf http://gitlab.mydomain.com/
  git config --global url."git://".insteadOf https://

• If you are cloning a large org you may see Error: open /dev/null: too many open files which means you need to increase your ulimits, there are lots of docs online for this. For mac the quick and dirty is below

  # reset the soft and hard file limit boundaries
  $ sudo launchctl limit maxfiles 65536 200000

  # actually now set the ulimit boundary
  $ ulimit -n 20000

Another solution is to decrease the number of concurrent clones. Use the --concurrency flag to set to lower than 25 (the default)

Troubleshooting

• If the security command does not return your token, follow this GitHub Documentation. For GitHub tokens you will need to set your token as your username and set nothing as the password when prompted. For GitLab you will need to set your token for both the username and password when prompted. This will correctly store your credentials in the keychain. If you are still having problems see this StackOverflow Post
• If your GitHub org is behind SSO, you will need to authorize your token, see here
• GitHub Personal Access Token only finding public repos - Give your token all the repo permissions
• Make sure your $ git --version is >= 2.19.0
• Check for other software, such as anti-malware, that could interfere with ghorgs ability to create large number of connections, see issue 132

Updating brew tap

• See Readme