Octobatch: Declarative Large-Scale Code Changes Across GitHub Repositories
Delivered a self-hosted tool for declaratively managing bulk code changes across thousands of GitHub repositories, enabling teams to preview, apply, and continuously reconcile pull requests at scale until merged.
Background
Engineering organizations operating at scale face a recurring challenge: applying consistent code changes across hundreds or thousands of repositories. Whether it’s updating security policies, standardizing dependencies, migrating CI/CD configurations, or enforcing organizational compliance patterns, manual approaches don’t scale. Teams resort to fragile shell scripts, one-off automation, or worse, manual pull requests that quickly become unmaintable and fall out of sync.
Without a declarative approach, organizations lose track of which repositories have been updated, which PRs are stale, and which changes failed to merge. This creates technical debt, security vulnerabilities, and operational inconsistency across the codebase landscape. Platform teams need a reliable, repeatable way to define changes once and continuously ensure they’re applied everywhere they need to be.
My Role
I designed and built Octobatch as an open-source tool to solve the large-scale code change problem declaratively. I shaped the architecture, developed the core reconciliation logic, and created the workflow that enables teams to define changes as configuration, preview diffs before opening PRs, and continuously track merge status. I also established patterns for safe bulk operations, including dry-run capabilities, change validation, and incremental rollout strategies.
Execution
- Designed a declarative YAML-based configuration model where teams define target repositories, change templates, and PR metadata in version-controlled files
- Built the batch reconciliation engine that clones repositories, applies changes, generates diffs, and opens pull requests in bulk across GitHub
- Implemented preview capabilities so teams can review what changes will be applied before creating hundreds of PRs
- Created continuous reconciliation logic that monitors open PRs, detects conflicts or required updates, and automatically syncs changes until merged
- Established safe rollout patterns including repository filtering, phased execution, and automated rollback detection for failed changes
- Integrated with GitHub APIs to handle authentication, repository access, branch protection, and PR status tracking at scale
- Built observability into the tool so teams can monitor progress, identify stuck PRs, and understand merge velocity across the entire batch
- Published comprehensive documentation covering common use cases like dependency updates, security patches, configuration standardization, and policy enforcement
Results
- Platform teams gained a single, declarative tool for managing large-scale code changes across their entire repository footprint
- Reduced time to propagate critical security fixes from weeks of manual effort to hours of automated reconciliation
- Enabled consistent enforcement of organizational policies and standards without manual coordination across hundreds of teams
- Improved visibility into change adoption through built-in tracking and reporting on PR status, merge rates, and outstanding work
- Eliminated fragile shell scripts and one-off automation that previously created operational risk and maintenance burden
- Created a repeatable pattern for bulk code changes that teams can version control, review, and audit like infrastructure code
Technologies & Tools
TECHNOLOGIES & TOOLS USED