jhatler · June 13, 2024 20:43
diff --git a/update-atlassian-cloud-emails.sh b/update-atlassian-cloud-emails.sh
 #!/bin/bash

 # This script updates the email address of Atlassian accounts using the Atlassian Access API.
 #
 # The script reads a tab-separated file with the following columns:
 # - Current email address
 # - Account ID
 # - New email address
 #
 # Those can be exported from the Atlassian admin console under "Managed accounts."
 #
 # The script will check if the account has the current email address and update it to the new email address.
 #
 # The script requires the following environment variables to be set in atlassian-api.env (see link for help):
 # (https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/)
 #
 # - API_KEY: The API key for the Atlassian API
 # - ORG_ID: The organization ID for the Atlassian organization
 #
 # The script does a dry run first, echoing the commands it would run. Use the --force flag to apply the changes.

 set -e -o pipefail

 source atlassian-api.env

 if [ -z "$API_KEY" ]; then
    echo "API_KEY is not set"
    exit 1
 fi

 if [ -z "$ORG_ID" ]; then
    echo "ORG_ID is not set"
    exit 1
 fi

 FORCE=0
 while (( "$#" )); do
    case "$1" in
        -h|--help)
            echo "Usage: $0 [--force] <accounts.tab>"
            exit 0
            ;;
        --force)
            FORCE=1
            shift
            ;;
        *)
            break
            ;;
    esac
 done

 if [ -z "$1" ]; then
    echo "Usage: $0 [--force] <accounts.tab>"
    exit 1
 fi

 ACCOUNT_TSV=$1
 CURL=(curl -sSfL --header "Authorization: Bearer ${API_KEY}" --header 'Accept: application/json' )

 cat "$1" | while read -r ACCOUNT_EMAIL ACCOUNT_ID NEW_ACCOUNT_EMAIL; do
    PROFILE_URL="https://api.atlassian.com/users/${ACCOUNT_ID}/manage/profile"
    EMAIL_URL="https://api.atlassian.com/users/${ACCOUNT_ID}/manage/email"
    EMAIL_PAYLOAD="{\"email\": \"${NEW_ACCOUNT_EMAIL}\"}"

    echo "Checking account: $ACCOUNT_EMAIL"
    if [ $FORCE -eq 0 ]; then
        echo "DRYRUN:" ${CURL[@]} --request GET --url "$PROFILE_URL"
    else
        ${CURL[@]} --url "$PROFILE_URL" | jq -r '.account.email' | grep -q "$ACCOUNT_EMAIL" || {
            echo "WARN: Account $ACCOUNT_ID does not have email $ACCOUNT_EMAIL" >&2
            continue
        }
    fi

    echo "Update account: $ACCOUNT_EMAIL -> $NEW_ACCOUNT_EMAIL"
    if [ $FORCE -eq 0 ]; then
        echo "DRYRUN:" ${CURL[@]} --request PUT --url "$EMAIL_URL" --data "$EMAIL_PAYLOAD"
    else
        ${CURL[@]} --url "$EMAIL_URL" --data "$EMAIL_PAYLOAD" || {
            echo "ERROR: Failed to update email for account $ACCOUNT_ID" >&2
            continue
        }
    fi
 done
	#!/bin/bash

	# This script updates the email address of Atlassian accounts using the Atlassian Access API.
	#
	# The script reads a tab-separated file with the following columns:
	# - Current email address
	# - Account ID
	# - New email address
	#
	# Those can be exported from the Atlassian admin console under "Managed accounts."
	#
	# The script will check if the account has the current email address and update it to the new email address.
	#
	# The script requires the following environment variables to be set in atlassian-api.env (see link for help):
	# (https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/)
	#
	# - API_KEY: The API key for the Atlassian API
	# - ORG_ID: The organization ID for the Atlassian organization
	#
	# The script does a dry run first, echoing the commands it would run. Use the --force flag to apply the changes.

	set -e -o pipefail

	source atlassian-api.env

	if [ -z "$API_KEY" ]; then
	echo "API_KEY is not set"
	exit 1
	fi

	if [ -z "$ORG_ID" ]; then
	echo "ORG_ID is not set"
	exit 1
	fi

	FORCE=0
	while (( "$#" )); do
	case "$1" in
	-h\|--help)
	echo "Usage: $0 [--force] <accounts.tab>"
	exit 0
	;;
	--force)
	FORCE=1
	shift
	;;
	*)
	break
	;;
	esac
	done

	if [ -z "$1" ]; then
	echo "Usage: $0 [--force] <accounts.tab>"
	exit 1
	fi

	ACCOUNT_TSV=$1
	CURL=(curl -sSfL --header "Authorization: Bearer ${API_KEY}" --header 'Accept: application/json' )

	cat "$1" \| while read -r ACCOUNT_EMAIL ACCOUNT_ID NEW_ACCOUNT_EMAIL; do
	PROFILE_URL="https://api.atlassian.com/users/${ACCOUNT_ID}/manage/profile"
	EMAIL_URL="https://api.atlassian.com/users/${ACCOUNT_ID}/manage/email"
	EMAIL_PAYLOAD="{\"email\": \"${NEW_ACCOUNT_EMAIL}\"}"

	echo "Checking account: $ACCOUNT_EMAIL"
	if [ $FORCE -eq 0 ]; then
	echo "DRYRUN:" ${CURL[@]} --request GET --url "$PROFILE_URL"
	else
	${CURL[@]} --url "$PROFILE_URL" \| jq -r '.account.email' \| grep -q "$ACCOUNT_EMAIL" \|\| {
	echo "WARN: Account $ACCOUNT_ID does not have email $ACCOUNT_EMAIL" >&2
	continue
	}
	fi

	echo "Update account: $ACCOUNT_EMAIL -> $NEW_ACCOUNT_EMAIL"
	if [ $FORCE -eq 0 ]; then
	echo "DRYRUN:" ${CURL[@]} --request PUT --url "$EMAIL_URL" --data "$EMAIL_PAYLOAD"
	else
	${CURL[@]} --url "$EMAIL_URL" --data "$EMAIL_PAYLOAD" \|\| {
	echo "ERROR: Failed to update email for account $ACCOUNT_ID" >&2
	continue
	}
	fi
	done