A privacy-safe, generic bootstrapper for GitHub repositories.
This project demonstrates a common platform engineering pattern: automating baseline standards (ownership, CI, contribution guidance, and branch protection) so teams can move quickly without sacrificing guardrails.
It is intentionally designed to run safely in dry-run mode and does not perform destructive writes unless explicitly configured.
Platform teams frequently standardize:
- Repository hygiene
- CODEOWNERS enforcement
- CI defaults
- Security documentation
- Branch protection rules
Rather than relying on manual setup or tribal knowledge, this tool encodes those practices into repeatable automation.
The goal is consistency, not rigidity.
- Repository bootstrap CLI
- Dry-run mode for safe previews
- GitHub API client abstraction
- Baseline file scaffolding:
CODEOWNERSSECURITY.mdCONTRIBUTING.md- CI workflow template
- Branch protection configuration (stubbed for v1)
python -m pip install -e .platform-bootstrap bootstrap \
--owner my-org \
--repo my-repo \
--default-branch main \
--codeowners "@my-org/platform" \
--dry-runThe bootstrapper will:
- Ensure the repository exists
- Upsert baseline files
- Add a minimal CI workflow
- Configure branch protection
In dry-run mode, it prints intended actions without network writes.
Non-dry-run mode retains GitHub API method signatures and provides clear TODO markers for full implementation.
CLI → Bootstrap Service → GitHubClient → GitHub API
- CLI handles argument parsing
- Bootstrap service defines platform policy
- GitHubClient abstracts API interaction
- GitHub API executes repository configuration
- Uses a
src/layout for clean packaging. - Separates CLI, bootstrap logic, and GitHub API client.
- Designed to evolve into a reusable internal SDK or service.
- Emphasizes safety-first automation via dry-run support.
- Full GitHub file upsert implementation
- Org-level policy packs
- Template repository support
- Optional FastAPI wrapper for service deployment
- Policy-as-code integration patterns