A GitHub Probot App that monitors and prevents Public Repositories from being created in an organization.
org-settings and in it a file .github/prevent-public-repos.yml as described in the How it Works section to configure settings (and override defaults)
By default when a new repository is created with Public visibility, an Issue will be created in the repository warning that it is Public to the internet [Monitor-Only mode is enabled].
A .github/prevent-public-repos.yml file, created in the org-settings repository, is recommended to override the default settings. This repository will contain global settings for the organization.
```yaml
# Configuration for Prevent-Public-Repos

# Turn on Monitor Mode. In this mode the repo visibility is not modified and only an Issue is created
monitorOnly: true

# Enables detection of repos that change visibility from private to public (not just newly created ones)
enablePrivateToPublic: false

# Issue Title when repo is privatized
privatizedIssueTitle: '[CRITICAL] Public Repositories are Disabled for this Org'

# Issue Body when repo is privatized
privatizedIssueBody: 'NOTE: Public Repos are disabled for this organization! Repository was automatically converted to a Private Repo. Please contact an admin to override.'

# Issue Title when monitor mode is enabled
monitorIssueTitle: '[CRITICAL] Public Repository Created'

# Issue Body when monitor mode is enabled
monitorIssueBody: 'Please note that this repository is publicly visible to the internet!'

# Users/Groups that should be cc'ed on the issue. Should be users/groups separated by a space.
# ccList: '@user123 @user456'

# Repos to exclude in detection. Should be a List of Strings.
# excludeRepos: ['repo1', 'repo2']
```
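The decision these settings describe, as an added example that is not the app's own code: `planAction` is a hypothetical helper mapping a GitHub `repository` webhook action (`created` or `publicized`) and payload to what the configuration implies. How `ccList` is joined to the issue body is an assumption.

```javascript
// Added illustration, not the app's source. DEFAULTS mirror the sample config above.
const DEFAULTS = {
  monitorOnly: true,
  enablePrivateToPublic: false,
  privatizedIssueTitle: '[CRITICAL] Public Repositories are Disabled for this Org',
  privatizedIssueBody: 'NOTE: Public Repos are disabled for this organization! Repository was automatically converted to a Private Repo. Please contact an admin to override.',
  monitorIssueTitle: '[CRITICAL] Public Repository Created',
  monitorIssueBody: 'Please note that this repository is publicly visible to the internet!',
  ccList: '',
  excludeRepos: []
};

// Hypothetical helper: decide what the settings imply for one GitHub
// `repository` webhook delivery (action "created" or "publicized").
function planAction(action, payload, overrides = {}) {
  const cfg = { ...DEFAULTS, ...overrides };
  const repo = payload.repository;
  const none = (reason) => ({ privatize: false, issue: null, reason });

  if (cfg.excludeRepos.includes(repo.name)) return none('excluded');
  if (action === 'publicized') {
    // Visibility flips are only examined when explicitly enabled.
    if (!cfg.enablePrivateToPublic) return none('private-to-public detection off');
  } else if (action !== 'created') {
    return none('event not handled');
  }
  if (repo.private) return none('not public');

  const enforce = !cfg.monitorOnly;
  let body = enforce ? cfg.privatizedIssueBody : cfg.monitorIssueBody;
  // Assumption: the cc list is appended to the issue body.
  if (cfg.ccList) body += `\n\n/cc ${cfg.ccList}`;
  return {
    privatize: enforce,
    issue: { title: enforce ? cfg.privatizedIssueTitle : cfg.monitorIssueTitle, body },
    reason: enforce ? 'enforced' : 'monitor only'
  };
}

// Constructed sample payload (only the fields used here).
const pub = { repository: { name: 'demo', private: false } };
console.log(planAction('created', pub).reason);
console.log(planAction('publicized', pub).reason);
console.log(planAction('created', pub, { monitorOnly: false }).privatize);
```

With the sample values unchanged, the function never returns `privatize: true`, and a private-to-public change produces no issue at all; both behaviours require overriding the config.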
When setting up this Probot App, you can also set a number of Environment Variables.
See docs/deploy.md if you would like to run your own instance of this app.
Possible Environment Variables: