rultor: Check maintainership before merging

This adds 1 environment variable:

    export GITHUB_TOKEN=...

Currently @adtac's Github token is used. Please note that the used
token must have admin rights to the coala organization.

Author: adtac

.ci/check_maintainership.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+# Do not use `set -x` here as then it displays the PYPIPW in logs
+set -e
+
+# Get environment variables, readily decrypted by rultor
+source ../rultor_secrets.sh
+
+# Make sure the user is a maintainer
+if curl "https://api.github.com/teams/1238757/memberships/${author}?access_token=${GITHUB_TOKEN}" | grep -q "Not Found"; then
+    echo "@${author} is not in the maintainers group."
+    exit 1
+fi

.rultor.yml

@@ -1,3 +1,7 @@
 merge:
   fast-forward: only
-  script: echo "Nothing to do."
+  script:
+    - bash .ci/check_maintainership.sh
+
+decrypt:
+  rultor_secrets.sh: "repo/.ci/rultor_secrets.sh.asc"