feat: add script to create organization team linked to IdP group#157
Merged
joshjohanning merged 2 commits intomainfrom Mar 5, 2026
Merged
feat: add script to create organization team linked to IdP group#157joshjohanning merged 2 commits intomainfrom
joshjohanning merged 2 commits intomainfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a new gh-cli utility script to automate creating an organization team and linking it to an IdP external group (team synchronization), and documents the script in the gh-cli README.
Changes:
- Added
create-team-and-link-idp-group.shto create a team, locate an external IdP group by name, and link the team to that group - Implemented an optional
--secretteam privacy mode - Documented the new script in
gh-cli/README.md
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| gh-cli/create-team-and-link-idp-group.sh | New script to create a team, remove the creator membership, and link to an external IdP group |
| gh-cli/README.md | Adds a new README entry for the script with a basic usage snippet |
Comments suppressed due to low confidence (1)
gh-cli/create-team-and-link-idp-group.sh:48
- This script relies on users setting
GH_HOST, but many othergh-cliscripts accept an explicit optionalhostnameargument and pass it viagh api --hostname ...(e.g.gh-cli/change-repository-visibility.sh:6-16,gh-cli/get-enterprise-members.sh:12-16). To stay consistent and to make GHES/GHE Data Residency usage less error-prone, consider adding an optional--hostname <host>(defaulting togithub.com) and passing it to everygh apicall.
# Usage:
# ./create-team-and-link-idp-group.sh <org> <team-name> <idp-group-name> [--secret]
#
# Notes:
# - The script paginates through external groups to find the target group
# - If the IdP group is not found, the script exits with an error
# - The team is created with 'closed' (visible to org members) privacy by default
# - Pass --secret to create a 'secret' (only visible to team members) team
# - For GHES / GHE Data Residency, set GH_HOST before running
if [ "$#" -lt 3 ]; then
echo "Usage: $0 <org> <team-name> <idp-group-name> [--secret]"
echo ""
echo "Example: $0 my-org my-team \"Engineering Team\""
exit 1
fi
org="$1"
team_name="$2"
idp_group_name="$3"
privacy="closed"
if [ "${4}" = "--secret" ]; then
privacy="secret"
fi
# --- Find the external IdP group by display name ---
echo "Searching for external group '$idp_group_name' in organization '$org'..."
group_id=$(gh api \
--method GET \
--paginate \
"/orgs/$org/external-groups" \
| jq -r --arg name "$idp_group_name" '.groups[] | select(.group_name | ascii_downcase == ($name | ascii_downcase)) | .group_id')
You can also share your feedback on Copilot code review. Take the survey.
…-idp-group - Add proper flag parsing with --secret and --hostname support - Error on unknown flags and excess positional arguments - Take first match when multiple IdP groups match (case-insensitive) - Distinguish 404 from real errors in team membership removal - Update README with --secret flag and prerequisites
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
New script for team creation and IdP group linking:
create-team-and-link-idp-group.shto automate creating a GitHub organization team and linking it to an IdP external group.