From b3b44ecc96971f1a76940bb14da39dc7e46c8523 Mon Sep 17 00:00:00 2001
From: Alexander Sulfrian <asulfrian@zedat.fu-berlin.de>
Date: Mon, 31 Jan 2022 19:06:14 +0100
Subject: Add script to get keys from gitlab group members

---
 .gitignore        |  4 ++++
 get-gitlab-keys   | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 gitlab.cfg.sample |  6 ++++++
 3 files changed, 57 insertions(+)
 create mode 100644 .gitignore
 create mode 100755 get-gitlab-keys
 create mode 100644 gitlab.cfg.sample

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2feee0e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+*.pyc
+*.pyo
+gitlab.cfg
+env/
diff --git a/get-gitlab-keys b/get-gitlab-keys
new file mode 100755
index 0000000..2a84cbc
--- /dev/null
+++ b/get-gitlab-keys
@@ -0,0 +1,47 @@
+#!/usr/bin/env python3
+import os
+import argparse
+import pathlib
+
+import gitlab
+
+
+def get_config_files():
+    files = []
+    for cfg in ['gitlab.cfg', '~/.gitlab.cfg', '/etc/gitlab.conf']:
+        path = os.path.expanduser(cfg)
+        if os.path.exists(path):
+            files.append(path)
+    return files
+
+
+def write_keys(directory, user):
+    filename = '%s.pub' % user.username.lower()
+    with open(os.path.join(directory, filename), 'w+') as keyfile:
+        for key in user.keys.list():
+            keyfile.write('%s\n' % key.key)
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description='Get all public ssh keys of all '
+                    'members of a gitlab group.')
+    parser.add_argument('group_id', metavar='GROUP_ID', type=int,
+                        help='id of the gitlab group')
+    parser.add_argument('path', metavar='PATH', type=pathlib.Path,
+                        help='path to the output directory')
+    args = parser.parse_args()
+    
+    if not os.path.exists(args.path):
+       os.makedirs(args.path)
+
+    gl = gitlab.Gitlab.from_config('gitlab', get_config_files())
+
+    group = gl.groups.get(args.group_id)
+    for member in group.members.all(all=True):
+        if member.access_level >= gitlab.const.DEVELOPER_ACCESS:
+            user = gl.users.get(member.id)
+            write_keys(args.path, user)
+
+if __name__ == '__main__':
+    main()
diff --git a/gitlab.cfg.sample b/gitlab.cfg.sample
new file mode 100644
index 0000000..d6b471d
--- /dev/null
+++ b/gitlab.cfg.sample
@@ -0,0 +1,6 @@
+[gitlab]
+# URL for your GitLab server
+#url = https://gitlab.example.com/
+
+# Your user token. (Login/password is not supported.)
+#private_token = ...
-- 
cgit v1.2.3-1-g7c22