Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to download GitHub Release from private repo using command line

GitHub guide explains 2 way to authorize but looks neither of those works with the Release files.

as a result of:

curl -u 'username' -L -o a.tgz https://github.com/company/repository/releases/download/TAG-NAME/A.tgz 

there always is something like

<!DOCTYPE html> <!-- Hello future GitHubber! ... 
like image 260
keiw Avatar asked Dec 05 '13 09:12

keiw


People also ask

How do I download a GitHub file from terminal?

Open up Git Bash, type in “cd Downloads” and hit Enter. This will take you to the Downloads folder in the command window, you can also type whatever file location you want to save the file in. Now, type in “git clone https://github.com/bdward16/tip-calculator.git“and hit Enter.

How do I access a private repo on GitHub?

Set up a GitHub SSH key. Add the public SSH key to a private repository's deploy keys. Store the private SSH key in Secret Manager. Submit a build that accesses the key from Secret Manager and uses it to access the private repository.


1 Answers

To download release file from private repo, you can use Personal access token which can be generated at settings/tokens with Full control of private repositories scope.

Then download the asset with curl command (change with appropriate values):

curl -vLJO -H 'Authorization: token my_access_token' 'https://api.github.com/repos/:owner/:repo/releases/assets/:id' 

or if you're using an OAuth app, use:

curl -u my_client_id:my_client_secret https://api.github.com/repos/:owner/:repo/releases/assets/:id 

where:

  • :owner is your user or organisation username;
  • :repo is your repository name;
  • :id is your asset id, can be found in tag release URL, like:

    https://api.github.com/repos/:owner/:repo/releases/tags/:tag  
  • :token is your personal access token (can be created at /settings/tokens;

Note: Using access_token as a query param is deprecated.

See: Repositories API v3 at GitHub


Here is the Bash script which can download asset file given specific name of file:

#!/usr/bin/env bash # Script to download asset file from tag release using GitHub API v3. # See: http://stackoverflow.com/a/35688093/55075     CWD="$(cd -P -- "$(dirname -- "$0")" && pwd -P)"  # Check dependencies. set -e type curl grep sed tr >&2 xargs=$(which gxargs || which xargs)  # Validate settings. [ -f ~/.secrets ] && source ~/.secrets [ "$GITHUB_API_TOKEN" ] || { echo "Error: Please define GITHUB_API_TOKEN variable." >&2; exit 1; } [ $# -ne 4 ] && { echo "Usage: $0 [owner] [repo] [tag] [name]"; exit 1; } [ "$TRACE" ] && set -x read owner repo tag name <<<$@  # Define variables. GH_API="https://api.github.com" GH_REPO="$GH_API/repos/$owner/$repo" GH_TAGS="$GH_REPO/releases/tags/$tag" AUTH="Authorization: token $GITHUB_API_TOKEN" WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie" CURL_ARGS="-LJO#"  # Validate token. curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token or network issue!";  exit 1; }  # Read asset tags. response=$(curl -sH "$AUTH" $GH_TAGS) # Get ID of the asset based on given name. eval $(echo "$response" | grep -C3 "name.:.\+$name" | grep -w id | tr : = | tr -cd '[[:alnum:]]=') #id=$(echo "$response" | jq --arg name "$name" '.assets[] | select(.name == $name).id') # If jq is installed, this can be used instead.  [ "$id" ] || { echo "Error: Failed to get asset id, response: $response" | awk 'length($0)<100' >&2; exit 1; } GH_ASSET="$GH_REPO/releases/assets/$id"  # Download asset file. echo "Downloading asset..." >&2 curl $CURL_ARGS -H "Authorization: token $GITHUB_API_TOKEN" -H 'Accept: application/octet-stream' "$GH_ASSET" echo "$0 done." >&2 

Before running, you need to set your GITHUB_API_TOKEN with your GitHub token (see: /settings/tokens at GH). This can be placed in your ~/.secrets file, like:

GITHUB_API_TOKEN=XXX 

Example script usage:

./get_gh_asset.sh :owner :repo :tag :name 

where name is your filename (or partial of it). Prefix script with TRACE=1 to debug it.


In case you wonder why curl fails sometimes with (as mentioned in other answer):

Only one auth mechanism allowed; only the X-Amz-Algorithm query parameter, Signature query string parameter or the Authorization header should be specified.

when running like:

curl -vLJ -H 'Authorization: token <token>' -H 'Accept: application/octet-stream' https://api.github.com/repos/:owner/:repo/releases/assets/<id> 

this is because you're specifying multiple mechanism at the same time, so S3 server doesn't know which one to use, therefore you have to choose only one, such as:

  • X-Amz-Algorithm query parameter
  • Signature query string parameter (X-Amz-Signature)
  • Authorization header (Authorization: token <token>)

and since GitHub redirects you from asset page (when requesting application/octet-stream), it populates credentials automatically in query string and since curl is passing over the same credentials in the request header (which you've specified), therefore they're conflicting. So as for workaround you can use access_token instead.

like image 196
kenorb Avatar answered Oct 08 '22 19:10

kenorb