如何使用命令行从私有仓库下载 GitHub Release [英] How to download GitHub Release from private repo using command line

问题描述

GitHub 指南 解释了 2 种授权方式，但看起来都不起作用与发布文件.

GitHub guide explains 2 way to authorize but looks neither of those works with the Release files.

由于:

curl -u '用户名' -L -o a.tgz https://github.com/company/repository/releases/download/TAG-NAME/A.tgz

总有这样的事情

<代码><!--你好未来的 GitHubber！...

推荐答案

要从私有仓库下载发布文件，您可以使用可以在 settings/tokens，完全控制私有存储库范围.

To download release file from private repo, you can use Personal access token which can be generated at settings/tokens with Full control of private repositories scope.

然后使用 curl 命令下载资产(更改为适当的值):

Then download the asset with curl command (change with appropriate values):

curl -vLJO -H 'Authorization: token my_access_token' 'https://api.github.com/repos/:owner/:repo/releases/assets/:id'

或者如果您使用的是 OAuth 应用程序，请使用:

or if you're using an OAuth app, use:

curl -u my_client_id:my_client_secret https://api.github.com/repos/:owner/:repo/releases/assets/:id

哪里:

• :owner 是您的用户或组织用户名；
• :repo 是你的仓库名称；

• :id 是您的资产 ID，可以在标签发布 URL 中找到，例如:

• :owner is your user or organisation username;
• :repo is your repository name;

• :id is your asset id, can be found in tag release URL, like:

https://api.github.com/repos/:owner/:repo/releases/tags/:tag 

:token 是您的个人访问令牌(可以在 /settings/tokens;

:token is your personal access token (can be created at /settings/tokens;

注意:使用 access_token 作为查询参数是 已弃用.

Note: Using access_token as a query param is deprecated.

请参阅:GitHub 上的存储库 API v3

这是可以下载指定文件名的资产文件的 Bash 脚本:

Here is the Bash script which can download asset file given specific name of file:

#!/usr/bin/env bash
# Script to download asset file from tag release using GitHub API v3.
# See: http://stackoverflow.com/a/35688093/55075    
CWD="$(cd -P -- "$(dirname -- "$0")" && pwd -P)"

# Check dependencies.
set -e
type curl grep sed tr >&2
xargs=$(which gxargs || which xargs)

# Validate settings.
[ -f ~/.secrets ] && source ~/.secrets
[ "$GITHUB_API_TOKEN" ] || { echo "Error: Please define GITHUB_API_TOKEN variable." >&2; exit 1; }
[ $# -ne 4 ] && { echo "Usage: $0 [owner] [repo] [tag] [name]"; exit 1; }
[ "$TRACE" ] && set -x
read owner repo tag name <<<$@

# Define variables.
GH_API="https://api.github.com"
GH_REPO="$GH_API/repos/$owner/$repo"
GH_TAGS="$GH_REPO/releases/tags/$tag"
AUTH="Authorization: token $GITHUB_API_TOKEN"
WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
CURL_ARGS="-LJO#"

# Validate token.
curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token or network issue!";  exit 1; }

# Read asset tags.
response=$(curl -sH "$AUTH" $GH_TAGS)
# Get ID of the asset based on given name.
eval $(echo "$response" | grep -C3 "name.:.+$name" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')
#id=$(echo "$response" | jq --arg name "$name" '.assets[] | select(.name == $name).id') # If jq is installed, this can be used instead. 
[ "$id" ] || { echo "Error: Failed to get asset id, response: $response" | awk 'length($0)<100' >&2; exit 1; }
GH_ASSET="$GH_REPO/releases/assets/$id"

# Download asset file.
echo "Downloading asset..." >&2
curl $CURL_ARGS -H "Authorization: token $GITHUB_API_TOKEN" -H 'Accept: application/octet-stream' "$GH_ASSET"
echo "$0 done." >&2

在运行之前，您需要使用您的 GitHub 令牌设置您的 GITHUB_API_TOKEN(请参阅:/settings/tokens at GH).这可以放在你的 ~/.secrets 文件中，比如:

Before running, you need to set your GITHUB_API_TOKEN with your GitHub token (see: /settings/tokens at GH). This can be placed in your ~/.secrets file, like:

GITHUB_API_TOKEN=XXX

示例脚本用法:

./get_gh_asset.sh :owner :repo :tag :name

其中 name 是您的文件名(或其中的一部分).使用 TRACE=1 前缀脚本以进行调试.

where name is your filename (or partial of it). Prefix script with TRACE=1 to debug it.

如果您想知道为什么 curl 有时会失败(如其他答案中所述):

In case you wonder why curl fails sometimes with (as mentioned in other answer):

只允许一种身份验证机制；仅应指定X-Amz-Algorithm 查询参数、签名查询字符串参数或Authorization 标头.

Only one auth mechanism allowed; only the X-Amz-Algorithm query parameter, Signature query string parameter or the Authorization header should be specified.

运行时:

curl -vLJ -H 'Authorization: token <token>' -H 'Accept: application/octet-stream' https://api.github.com/repos/:owner/:repo/releases/assets/<id>

这是因为你同时指定了多种机制，所以S3服务器不知道使用哪一种，所以你只能选择一种，例如:

this is because you're specifying multiple mechanism at the same time, so S3 server doesn't know which one to use, therefore you have to choose only one, such as:

• X-Amz-Algorithm 查询参数
• 签名查询字符串参数(X-Amz-Signature)
• 授权标头(Authorization: token )

• X-Amz-Algorithm query parameter
• Signature query string parameter (X-Amz-Signature)
• Authorization header (Authorization: token <token>)

并且由于 GitHub 将您从资产页面重定向(在请求 application/octet-stream 时)，它会在查询字符串中自动填充凭据，并且由于 curl 正在传递相同的信息请求标头中的凭据(您已指定)，因此它们是冲突的.因此，对于解决方法，您可以改用 access_token.

and since GitHub redirects you from asset page (when requesting application/octet-stream), it populates credentials automatically in query string and since curl is passing over the same credentials in the request header (which you've specified), therefore they're conflicting. So as for workaround you can use access_token instead.

这篇关于如何使用命令行从私有仓库下载 GitHub Release的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！