I am looking for how I can have my website make XHR API calls to Github for my project to display info like # of issues, # open PRs, top contributors, links to latest releases ... etc. It's all public info that you can see going to the public Github website, but i want to be able to pull it and surface/highlight pieces on my project's Web site. Do i just need to make a read-only API token and use that in my code (everyone can see it, but i guess i dont really care if other people see/use it?) .. or if a simpler, no-auth, API Github provides for this sort of info?
I feel like i'm missing something obvious - but my Googling always leads me to more complex use cases.
Related
At my company, we have a CLI which allows our customers to upload data to our backend solution. The CLI runs on PR changes within a job. Let's assume the uploaded data looks like this:
{
name: "John",
age: 20,
}
Once the upload is completed, I'd like to create a comment on the PR with to following body:
John is 20 years old.
I've found the following ways to do this:
GitHub App (a bot)
GitHub OAuth App
Personal Access Token
GITHUB_TOKEN
GitHub App
The GitHub App needs to do the following things:
Fetch the data via a user-specific API key
Create a comment
I already created a comment via a bot, but I have no clue how to fetch the data.
As far as my understanding goes, I'd like other users to be able to install this GitHub app from the marketplace to work out of the box. From the ProBot Docs I understand that the bot operates on a webhook basis. Meaning I need to subscribe to a 'job completed' event (not sure if that's the correct name but I think you get the idea) and then fetch the data via a user-specific API we are providing on our platform. However, I see no way for the user of our App to configure an API key (or any form of secret) so the bot can make authenticated requests to our endpoints.
I'd prefer to use GitHub App because the comment coming from the bot would have our company branding and also an indicator that this comment has been created by the integration.
OAuth App
I already tested this by using Postman, however, the comment looks like it's coming from a specific user. Therefore, it has no company branding and it's not clear that an integration created the comment. However, the great part is that we could integrate this with our application, so our backend could create the comment once the data is received.
What I like about this approach is that we also need to implement such a feature for GitLab, Azure, etc, and using OAuth likely scales well with the other providers in comparison to the GitHub app, which is GitHub-specific.
Personal Access Token
Works pretty much like the OAuth App, but instead of our backend creating the comment, the comment is created by the CLI (and the access token is passed into the CLI). However, I think this approach is a bit sketchy.
GITHUB_TOKEN
While I haven't tried this yet, I assume that the token has limited but sufficient permissions to create a comment. As of now, I don't know what the comment will look like, but I think we can rather safely pass this into the CLI to create the comment from there. Since the permissions are limited and the token is invalidated after the workflow I see limited risk for the user of our CLI (and services).
Edit: The comment is coming from the github-actions bot, which is not the branding we are looking for, but it's clear that the comment has been created by the integration.
Questions
What's the best way to accomplish what I am trying?
Is there any way I can make this work with GitHub Apps (aka bots)?
EDIT: See comments on Schwern's answer for what I'm looking for in general. It doesn't have to be exactly what I'm asking for in the question
I have a web app which is an editor. I would like users to be able to give me a GitHub file URL, my app would automatically load in the file from GitHub, and then I make a process for them which is as easy as possible to submit that change to GitHub again. Ideally the user wouldn't need to save / upload a file or do any copy/pasting.
GitHub has a URL scheme where you can go to an "Edit" page for a file, make your changes, and then create a PR or create a commit (depending on what you would like to do and your permissions). This is an example:
https://github.com/rails/rails/edit/main/README.md
Looking at the HTML for the form I see that some of the fields have names associated. Using those names I can auto-fill the commit title and description:
https://github.com/rails/rails/edit/main/README.md?message=foo&description=bar
But I can't find a way to automatically fill in/replace the actual contents of the file. Is there a way?
I realize that for some browsers URLs can only be so long (maybe that's not true anymore?), so maybe this isn't perfect. I'd also be open to other suggestions on how to accomplish what I'm looking for.
Don't try to do this via web scraping, it's fragile and slow. Use the Github API.
Specifically, you'd get access via OAuth, get the file, let the user edit it, and then send the edited version.
There is no way to do exactly what you want. The ideal tool for this job is an OAuth App. However, creating one with the GitHub API requires that you store a client ID and a client secret, and there is no secure way to store the client secret in a frontend-only app.
Therefore, you'll need to create a backend to create the OAuth app so that you can issue credentials necessary to use the API on behalf of the user or to push data into the repository via the standard protocols.
As Schwern mentioned, you should not try to do this by driving the GitHub web interface. That isn't a stable interface and may break at any time.
I referred this Microsoft document "MS Rest API documentation for wiki" and was able to get all the pages available in wiki. I was trying to get the published author and published time related information for which there is no available reference.
Is there any Azure DevOps Rest API available to get this information?
Azure Devops - How to get published information of a wiki page using Rest API
I am afraid there is no such REST API at this moment, however you can track it by tools such as Fiddler or press F12 in Chrome browser then select Network.
On the web UI, we could access the View revisions of the Wiki:
We could get the history of this Wiki:
Then we press F12 and click the first history, we could get the REST API like below:
https://dev.azure.com/<OrganizationName>/<ProjectName>/_apis/git/repositories/<WikiName>/Commits/<CommitsId>?
But, if we want to automate it by REST API, This seems impossible at the moment.
To automate it, we need to get the first commit ID for the Wiki, I could use the REST API:
https://dev.azure.com/<OrganizationName>/<ProjectName>/_apis/git/repositories/<WikiName>/Commits/?
Now, I could get the all the commits, but those commits for all Wiki files, and there are no other parameters that can be used to filter out which wiki document the commit is associated with. So, we could not get the first commit for each wiki automatically. That is the current limitation.
Hope this helps.
You can get commits from specific pages: searchCriteria.itemPath=
Here is doc:
https://learn.microsoft.com/en-us/rest/api/azure/devops/git/commits/get-commits?view=azure-devops-rest-6.0
Wiki page path will be: /WikiName/Folder--Name/Page-Name.md
Keep in mind that space in page name or folder name you need to replace with '-'. Also add extension to the page '.md'
I'm using the "github page" to create my personal page, but I'm going to need a hosting service because it will require some queries in the database. How can I use my GitHub Page url as a domain?
GitHub pages is not really designed for this kind of function. It's there to be a static page, where all content on the page is 'hardcoded' (meaning no dynamically generated data). What you're asking falls along the lines of a web application.
But if you're looking to be a maverick, there might be some options out there for you.
I personally haven't done something like this, but found a couple DB services you might want to check out.
Firebase by Google
RdbHost
The above recommendations may be useful if you're expecting data entry from visitors to your page. But if your data is static as well...you might be better off using s JSON file or some alternative where the data can live right in your repo.
I'm working on an app that creates private Github repositories (among other things). Every once in a while, we are over quota with our private repos.
I'd like to know how many repositories we have left before making the API call that will fail.
Can that be done, using the Github API? I couldn't find anything in the documentation, but that's doesn't mean it's not possible :)
awendt, I'm not quite familiar with private quotas, but authenticated users receive a Plan object when the API returns the call to /user. This will tell you what plan you have and will tell you how many private_repos you're allowed. With that information and the information from /user which tells you how many private repos you currently have, you should be able to figure it out.
Then again, you could use github3.py and you'd have the User object, with the plan attribute and could use those two together as described above.
Disclaimer I'm github3.py's author.