Open a file directly from a GitLab private repository - linux

I have a private repository on a GitLab server and using the SSH I can pull a project using git clone.
But I want to run a script on linux command line directly from the server (more specific, a Drupal / Drush .make file)
I tried to run it using the raw file:
drush make http://server.com/user/project/raw/master/file.make
(for the convenience of non Drupal users let’s say)
curl http://server.com/user/project/raw/master/file.make
Without success. Of course, it returns me the login page.
Is it possible?

With Chris's valuable help, here is how you can run a script (drupal .make file in my case) from a GitLab server. (Probably it works for GitHub but I didn't test it. Maybe the syntax will be a bit different). (Of course this works for any type of script)
It can be done using the authentication tokens. Here is the documentation of the GitLab's API and here is the GitHub's API
For convenient I will use the https://gitlab.com as the example server.
Go to https://gitlab.com/profile/account and find your "Private token"
Then print the list of the projects and find the id of your project you are looking for
curl https://gitlab.com/api/v3/projects?private_token=<your_private_token>
or go there with your browser (a json viewer will help a lot)
Then print the list of the files that are on this project and find the id of your file you are looking for
curl https://gitlab.com/api/v3/projects/<project_id>/repository/tree?private_token=<your_private_token>
Finally get / run the file!
curl https://gitlab.com/api/v3/projects/<project_id>/repository/raw_blobs/<file_id>?private_token=<your_private_token>
In case you want to run the script (drupal .make)
drush make https://gitlab.com/api/v3/projects/<project_id>/repository/raw_blobs/<file_id>?private_token=<your_private_token> <drupal_folder>
(If you are here looking for a workflow to integrate GitLab with Aegir .make platforms without using tokens (maybe SSH?) please make a thread and paste here the link.)
EDIT
You can get the file without the project_id by using the encoded project name. For example the my-user-name/my-project will become: my-user-name%2Fmy-project

Update 2018-12-25:
as long as you're not downloading huge files, this should work:
curl -s -H "Private-Token: <token>" "https://gitlab.com/api/v4/projects/<urlencode("gitlab_username/project_name")>/repository/files/<path/to/file>/raw?ref=<branch_name>"
, a real example, downloading the file /README.md from the private repository https://gitlab.com/divinity76/Yur17, where the web download url is https://gitlab.com/divinity76/Yur17/raw/master/README.md?inline=false, is:
curl -s -H "Private-Token: afF2s1xgk6xcwXHy3J4C" "https://gitlab.com/api/v4/projects/divinity76%2Fyur17/repository/files/README%2Emd/raw?ref=master"
take special note of how the gitlab_username/repo_name was url-encoded, eg / became %2F (you can check how your username & repo name is as url-encoded by opening your browser javascript terminal and write encodeURIComponent("your_username/repo_name"); in the terminal and press enter.)
thanks to Jonathan Hall # gitlab at mg.gitlab.com, and https://docs.gitlab.com/ee/api/repository_files.html , and tvl for helping reach a solution.
Update 2018-12-11: this method no longer works, now it just serves the login page, with a message saying need to log in to continue, even using HTTP 200 OK (shame on them), will update if i find out why ( #XavierStuvw claims it's security concerns related)
i found a much easier way to do it than #tvl 's answer,
first create an access token with API access here: https://gitlab.com/profile/personal_access_tokens ,
then do:
wget --header 'PRIVATE-TOKEN: <token>' 'https://gitlab.com/<username>/<repo>/raw/master/path/to/file.ext'
i found the solution here.

If you would like to access a file from private GitLab, you could use the below approach which worked for me:)
Construct the URL:
https://url/api/v4/projects/projectId/repository/files/fileName/raw?ref=master&private_token=Generated_private_token
url is your Gitlab url ex: git.lab.com.
/api/v4/projects is a constant.
projectId is the projectId of your project, which you can find below the name of your project in gitlab.
/repository/files is again a constant.
fileName is the name of the file ex: sagar.txt
/raw?ref= is a constant and the value of ref can be master or any branch which you would like to take the file from. I am retrieving the file from Master.
Generated_private_token should be generated from gitlab, please follow the steps in mentioned in the link :
Generate Private Token

Related

Linux - Git Credentials - How to remove an instance of a username/password combo?

I just installed Libsecret and pointed it to be where my git credentials get saved:
git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret
But I really don't understand how to use it at all.. like at ALL.
It's been a pretty bleak experience to work with this, and actually seems like the only good solution on Linux at this point (its only been 2 years since the last update, rather than like 3+ for other options).
Is there a way to revoke a username/password stored on Libsecret? Like I have 0 clue how to wipe it other than to do --unset credential.helper, which just wipes everything. Can I not narrow it down by the repo/link the password being stored is related to? The Credential Manager on Windows makes this rediculously straightforward via the UI
Sorry to complain and talk about Windows' equivalent, but can anyone shine a light on that?
By all means, not set on using Libsecret if there are better alternatives to what I'm trying to do here. Please, any advance would be so greatly appreciated
It is not clear at all how to do this and the libsecret documentation -- https://developer.gnome.org/libsecret/0.18/ -- is just API/library documentation. Which is great, if you are programming an interface into libsecret. But is not great if you are an end user and want to update or remove an entry.
Also, I found that unsetting the git global config entry credential.helper just reverts git to using un-cached credentials. But when I pointed that setting back to git-credential-libsecret, my old password was still saved.
So, the answer to removing or updating a single entry turns out to be relatively simple. But NOT OBVIOUS.
Install Seahorse (https://wiki.gnome.org/Apps/Seahorse) if it isn't already installed. It will show up in your app menu as "Passwords and Keys"
Run Seahorse
Login (keychain) -> https://#github.com | Network Password
Double click or Right-click on it and edit, copy, or delete
As the other answer mentions, Seahorse is a GUI frontend to the same keyring, but there is also a CLI frontend called secret-tool that can access the same things.
No need to fiddle with what is behind a git credential helper.
Any git credential helper supports an "erase" method, as shown, for instance, in the sources of contrib/credential/libsecret/git-credential-libsecret.c:
/*
* Table with helper operation callbacks, used by generic
* credential helper main function.
*/
static struct credential_operation const credential_helper_ops[] = {
{ "get", keyring_get },
{ "store", keyring_store },
{ "erase", keyring_erase },
CREDENTIAL_OP_END
};
So, to erase a credential entry, you would need to type:
printf "protocol=https\nhost=github.com\nusername=<me>" | \
git-credential-libsecret erase
Replace "github.com" and <me> with the actual remote site and remote account username.
If your credential helper is not libsecret but "manager-core" (using the Microsoft GCM which is cross-platform) , that would be:
printf "protocol=https\nhost=github.com\nusername=<me>" | \
git-credential-manager-core erase
If your credential helper is not libsecret but "xxx" (any other helper, "store", "cache", ...):
printf "protocol=https\nhost=github.com\nusername=<me>" | \
git-credential-xxx erase
Simply type your credential helper command: it will display its commands.
In my case:
git-credential-manager-core
Required command was not provided.
Usage:
git-credential-manager-core [options] [command]
Options:
--version Show version information
-?, -h, --help Show help and usage information
Commands:
get [Git] Return a stored credential
store [Git] Store a credential
erase [Git] Erase a stored credential
configure Configure Git Credential Manager as the Git credential helper
unconfigure Unconfigure Git Credential Manager as the Git credential helper
azure-repos Commands for interacting with the Azure Repos host provider
Just make sure it is in your $PATH (it should be in /usr/bin, if not: /usr/lib/git-core)
Older helpers do not display all "action" commands, and use older synonyms for erase (remove or delete)
To check the erase/remove/delete has worked, display your stored password first ("get"), then "erase", then try and display it again, using again the "get" action:
printf "protocol=https\nhost=github.com\nusername=<me>" | \
git-credential-xxx get
If it prompts for you to enter your username/password, that means you have succeeded in deleting your cached entry.
I have also ran into this issue, and did a little bit of research. From what I can understand, under the hood, libsecret saves credentials to the local user keyring (like gnome-keyring). As the other answer mentions, Seahorse is a GUI frontend to the same keyring, but there is also a CLI frontend called secret-tool that can access the same things.
See https://ece.engr.uvic.ca/~frodo/courses/cpp/documents/github_authentication.pdf and http://manpages.ubuntu.com/manpages/bionic/man1/secret-tool.1.html for more details.

GitHub Clone from VSCode eg-02-react-implicit-grant error /src/hoc/aux invalid argument

This question is regarding the repo for react implicit grant for docusign using react.
https://github.com/docusign/eg-02-react-implicit-grant
When I tried to clone the repo using VSCode, I received an error
Git: fatal: cannot create directory at 'src/hoc/Aux': Invalid argument
When I looked into the repo, there is a file under src/hoc/aux/aux.js which has the text below.
const aux = (props) => props.children;
export default aux;
Is the file aux.js necessary? Because I was able to extract the zip files after skipping to extract aux.js.
I just tried to clone the https://github.com/docusign/eg-02-react-implicit-grant repo using the GitHub desktop and did not have any problems.
I suggest that you download the repo using git directly or use the download zip option from the repo's page.
Re: aux.js
TL;DR. -- Yes, I believe the aux.js is needed.
Details: Unfortunately I'm not a React expert. (Even though I wrote this example.)
The /hoc directory is used for React Higher Order Components. In this case, I'm using it for a simple component that checks to see if the user has a valid token. I believe that the js file is needed. But you can find out by not including it as seeing what happens.
Also, note that I wrote this React example almost a year ago. You'll want to update it to current React best practices.
Try renaming the aux folder and aux.js file inside it to any random name do it preferably in vscode it will let you know which name is allowed and which isn't, worked for me.

Google Cloud Natural Language Example

I have followed the getting started page closely.
https://cloud.google.com/natural-language/docs/reference/libraries#client-libraries-install-php
The example code has the following: $projectId = 'YOUR_PROJECT_ID';
I fill in my project id taken from the json file and the Google console--e.g. "$projectID = 'myproject-197218'" and I always get a fatal error with "Permission Denied."
I have set the env variable, run composer to install the library. And, I created the Google json file. I am running the example in PHP code.
I am running the code on my local server (xampp).
I figured out my problem. The Google Cloud json file was stored on my drive d:, so in the env variable I referenced it as 'GOOGLE_APPLICATION_CREDENTIALS= d:\xampp\htdocs\googapi\mproj.json', it did not work; when I moved it to the root of the c: drive and referenced it there (GOOGLE_APPLICATION_CREDENTIALS=c:proj.json), it worked fine.
Are you sure that the ID of your project is that one? I'm working in Google Cloud and I cannot see this project ID in our database, but if I type "my-project-197218" with a "-" between "my" and "project" I am able to find one project. please, to make sure that this is your correct project ID, run this command in your Google Cloud Shell to get the default project ID:
gcloud config list --format 'value(core.project)' 2>/dev/null

Errors deploying Node.js app

So I am new to IBM Bluemix and all of their products and I am trying to do this project http://www.ibm.com/developerworks/library/ba-muse-toycar-app/index.html . I have done all of the modifying of the car and everything I am just having issues with the codes.
I have a few specific questions on part 2 step 2.b when you are entering in the information for the Cloudant database what information do I put in for the cradle connection and how do I acquire that information.
Second when I go to deploy the app Part 2 Step 2.4 how do I navigate to the application directory? I have looked at the help and googled to no avail. So if we fix these things I am hoping that I will be able to deploy the application. However currently when I go to deploy it I get this error.
cf push braincar
Updating app braincar in org ccornwe1#students.kennesaw.edu / space dev as myemailaddress#gmail.com...
OK
Uploading braincar...
FAILED
Error uploading application.
open /Users/codycornwell/.rnd: permission denied
>>
I am green to all this so any help and explanation to understand it is greatly appreciated! Thanks!
In the tutorial's part 2, step 2.b, you need to specify your Cloudant credentials. There are several ways to get Cloudant credentials, but I'll focus on doing it within the context of Bluemix and the cf command line tool.
You will first need to create a Cloudant service instance, then create a set of service keys (credentials) and then view them.
Create a Cloudant service instance named myCloudantSvc using the Shared plan:
$> cf create-service cloudantNoSQLDB Shared myCloudantSvc
Create a set of service keys (credentials) named cred1:
$> cf create-service-key myCloudantSvc cred1
View the credentials for the service key you just created
$> cf service-key myCloudantSvc creed
With the last step above, you should see output which provides you with the username, password and host values that you'll need to place into your app.js code. It should look something like the following:
{
"host": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-bluemix.cloudant.com",
"password": "longSecretPassword",
"port": 443,
"url": "https://xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-bluemix:longSecretPassword#xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-bluemix.cloudant.com",
"username": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-bluemix"
}
For your second question, it looks like you're performing the cf push from your $HOME directory (as mentioned in the comment by #vmovva). By default, the cf push command will send all files in the current directory to Bluemix/CloudFoundry.
Try running the command from the directory where your source code is located to reduce the files pushed to Bluemix. If your source code is intermingled in your $HOME directory, move your source into a different directory and then push from that directory.

jenkins: setting root url via Groovy API

I'm trying to update Jenkins' root URL via the Groovy API, so I can script the deployment of a Jenkins master without manual input (aside: why is a tool as popular with the build/devops/automation community as Jenkins so resistant to automation?)
Based on this documentation, I believe I should be able to update the URL using the following script in the Script Console.
import jenkins.model.JenkinsLocationConfiguration
jlc = new jenkins.model.JenkinsLocationConfiguration()
jlc.setUrl("http://jenkins.my-org.com:8080/")
println(jlc.getUrl())
Briefly, this instantiates a JenkinsLocationConfiguration object; calls the setter setUrl with the desired value, http://jenkins.my-org.com:8080/; and prints out the new URL to confirm that it has changed.
The println statement prints what I expect it to, but following this, the value visible through the web interface at "Manage Jenkins" -> "Configure System" -> "Jenkins URL" has not updated as I expected.
I'm concerned that the value hasn't been update properly by Jenkins, which might lead to problems when communicating with external APIs.
Is this a valid way to fix the Jenkins root URL? If not, what is? Otherwise, why isn't the change being reflected in the config page?
You are creating a new JenkinsLocationConfiguration object, and updating the new one, not the existing one being used
use
jlc = JenkinsLocationConfiguration.get()
// ...
jlc.save()
to get the one from the global jenkins configuration, update it and save the config descriptor back.
see : https://github.com/jenkinsci/jenkins/blob/master/core/src/main/java/jenkins/model/JenkinsLocationConfiguration.java

Resources