Basic authentication with GitHub API X-Rate-Limit - github

I'm practicing with GitHub API using curl.
I've authenticated my request about my own repos, and the GitHub guides suggest the x-rate-limit (cap on requests per hour) should go up to 5000.
This did indeed happen on first request.
I entered
curl -i -u Vanilla https://api.github.com/users/Vanilla
Then I got a prompt for the password and entered my PAT.
Header info showed x-rate-limit of 5000.
Since then I exported my PAT to a variable and called
curl -i -u Vanilla:$var https://api.github.com/users/Vanilla
This returned x-rate-limit as 50.
Now, even if I use the previous format of just the username and enter the PAT when prompted, x-rate-limit is still capped at 50.
I'm confused as to why.
Any help much appreciated.
Thanks

Related

How can i get the logs of git using github API

I referred to many documents to get the logs of GitHub using the GitHub API, but I couldn't find a way. I want to get the logs of GitHub events (commits, changes, etc.) and send them to CloudWatch. How can I achieve this? Or is there any other way to get the logs without using authentication?
For example, I need a command like this so that I can get the logs without touching GitHub:
curl -i -H "Authorization: token <PAT token>" \
https://api.github.com/user/repos
Any program to get the logs is welcome,
or any REST API to get the GitHub logs.
I am not familiar with GitHub. Can anyone give me a solution or idea?
Below I have listed the links that I followed. If anyone can refer to them and modify any command or API call to get the logs, it would be great.
https://www.softwaretestinghelp.com/github-rest-api-tutorial/
https://dev.to/gr2m/github-api-authentication-personal-access-tokens-53kd
https://titanwolf.org/Network/Articles/Article?AID=f441bab7-8fc8-45ae-b12b-4c41efbbe2d1

Accessing Concourse REST API from resource

I am trying to write a custom Concourse resource (in Python) that accesses the Concourse instance's REST API for information. I'm stuck at obtaining the bearer token at login. The issue is that when I follow the gist of this shell script
#!/bin/bash
## Variables required. These need to be updated to take inputs for getting a token per team and target.
CONCOURSE_URL="http://localhost:8080"
CONCOURSE_USER="test"
CONCOURSE_PASSWORD="test"
CONCOURSE_TEAM="test"
CONCOURSE_TARGET="my-concourse"
function get_token() {
    ## Create a file named token that curl uses as its cookie jar to read and write tokens
    touch token
    ## Extract the authentication URL (the local issuer path) from the login page
    LOCAL_AUTH_URL=$CONCOURSE_URL$(curl -b token -c token -L "$CONCOURSE_URL/sky/login" -s | grep "/sky/issuer/auth/local" | awk -F'"' '{print $4}')
    echo "url is $LOCAL_AUTH_URL"
    # Log in using username and password while writing cookies to the token file
    curl -s -o /dev/null -b token -c token -L --data-urlencode "login=$CONCOURSE_USER" --data-urlencode "password=$CONCOURSE_PASSWORD" "$LOCAL_AUTH_URL"
    # The cookie value looks like "Bearer <token>"; keep the part after the space
    ATC_BEARER_TOKEN=$(grep 'Bearer' token | cut -d' ' -f2 | sed 's/"$//')
    echo "$ATC_BEARER_TOKEN"
}
there are many redirects involved, and at least some of them refer to the concourse instance as being at http://localhost:8080, which does not work from inside the docker container of the resource.
So I wanted to parametrize the external base url and explicitly give it in resource config. Manually handling the redirects and rewriting the local IP into the URL fails at the last "approval" step with a code 400, probably because it looks like some kind of a cross-domain attack.
The environment variable ATC_EXTERNAL_URL is always localhost:8080 and I suspect that this is also used when forming out the redirect urls. Can this be set somewhere?
I'm bad at golang, but it seems to me that https://github.com/concourse/concourse-pipeline-resource calls the fly binary to achieve some kind of login from inside a resource. Can't say I can get what it does and how.
All help appreciated...
The env var $ATC_EXTERNAL_URL most likely corresponds to the external url specified when you start Concourse, so yes, it can (and if you're using external auth like Github or OAuth, must) be changed. You're correct in assuming that it's used to construct callback URLs.
Also, I don't want to be That Guy(TM), but the Concourse REST API is not public and is subject to change at any time. What are you trying to do that you can't get from the fly CLI? Your resource could call the ATC_EXTERNAL_URL to get the fly CLI when it's needed then execute commands that way.

What are unauthenticated and authenticated requests in github?

I am running a script which clones multiple repositories in my GitHub project organization. After running the script twice or thrice, I get a 128 error
git -c core.fsyncobjectfiles=0 ls-remote ssh://git@github.com/project-xyz/abc.git failed with exit code 128
and this works again after some time. I am guessing that this is a rate limiting issue.
The GitHub page says the rate limit for unauthenticated requests is 60 per hour and I guess I am hitting that by running my script multiple times. My SSH key is added to GitHub.
I was under the assumption that cloning git repos using SSH is considered an authenticated request. My error leads me to believe that those are treated as unauthenticated requests.
I want to know what the differences are between authenticated and unauthenticated requests in GitHub.
First, check the SSH access with:
ssh -Tv git@github.com
And fix the URL: it should be
ssh://git@github.com/project-xyz/abc.git
# not
ssh://git@wwwgithub.com/project-xyz/abc.git
Second, the rate limiting is for API calls (Example: curl -i https://api.github.com/users/octocat)
I suppose any kind of direct Git call to GitHub would be limited, authenticated or not.

How to successfully pull data from Veracode through REST API?

I'm trying to pull data from Veracode (JSON or XML). I tried to use curl to connect to the API but I keep getting the error: "Failed to connect to analysiscenter.veracode.com port 443: Timed out".
curl --compressed -u USERNAME:PASSWORD https://analysiscenter.veracode.com/api/5.0/getapplist.do -F "include_user_info=true"
According to the Veracode documentation, to connect to the API, one needs to have the Reviewer or Security Lead role. I have both the Reviewer and Submitter roles. The curl command should return some data like this:
xsi:schemaLocation="https://analysiscenter.veracode.com/schema/2.0/applist https://analysiscenter.veracode.com/resource/2.0/applist.xsd" >applist_version="1.2" account_id="123">Code" policy_updated_date="2013-11-11T14:37:34-05:00"/>
create_application_profile="true" create_sandbox="true" >create_new_build="true" assign_app_to_team="true" >assign_app_to_any_team="true" view_sandbox="true" view_results="true" >approve_mitigations="true" submit_static_scan="true"/>
This looks like a network issue, based on the error that you pasted. Can you ping the URL?
cURL also needs some configuration to use SSL. See this answer for some tips:
Configuring cURL for SSL

Github v3 API - create a REPO

I’m trying to use the Github v3 API - I already implemented the required OAuth flow and it works well.
Now I’m trying some of the Repos API endpoints (http://developer.github.com/v3/repos/).
So far, I’m able to get a List of my repos using: GET /user/repos
However, when I try to create a repo using POST /user/repos, I get a 404.
Any thoughts what I might be doing wrong?
Joubert
Can you please tell us how exactly you did the HTTP request? The 404 sounds like you were using a wrong path, probably. But to give a reliable answer instead of a wild guess, we need to see your request, including how you are sending your token; just mask it with 'xxx' or something.
I'll show you in the meantime an example request, that is working:
curl -XPOST -H 'Authorization: token S3CR3T' https://api.github.com/user/repos -d '{"name":"my-new-repo","description":"my new repo description"}'
You would need to replace the OAuth token of course: S3CR3T
I had the same issue. The reason why you are getting a 404 with your oauth access token is that when you authorize to github you need to also additionally pass the scopes you want. For example, in the header you should see "X-OAuth-Scopes: repo, user", which means this user has read/write access to his profile and repositories. Once you have set the correct scopes you should be able to do POST/PUT requests just fine.
To see whether or not you have the correct permissions, you can do something like the following. Substitute the XXXXXXX with your access token.
curl -I -H 'Authorization: token XXXXXXXX' https://api.github.com/user
For creating repositories as a user you can use a personal access token and basic auth, which can be much simpler when you are fluffing around on the command line and have 2FA enabled.
curl -d '{"name":"test"}' -u githubuser:personaccesstoken https://api.github.com/user/repos
Create a personal access token here https://github.com/settings/tokens and make sure it has the 'repo' scope.
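This script lets you read in the token and project name as variables so you can use it in a script.
#!/usr/bin/env bash
# Fail on unset variables ("env bash -u" in the shebang is not portable)
set -u
# Read the token from a file
TOKEN=$(cat token_file)
PROJECT=myproject
# Send a JSON body and pass the token in the Authorization header rather than the URL
curl -X POST -H 'Content-Type: application/json' -H "Authorization: token $TOKEN" -d '{"name": "'"$PROJECT"'"}' https://api.github.com/user/repos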
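The rate-limit question at the top of the page and the X-OAuth-Scopes answer above both come down to reading response headers, so here is an added example (not code from any of the posts) that classifies a `curl -i` response by its hourly cap and checks for the `repo` scope. The function names and the sample responses are constructed for illustration; the 5000 and 60 figures are the ones quoted on this page.

```shell
#!/bin/sh
# Added example: read auth state from GitHub API response headers.
# Live use (not run here): curl -sI -H "Authorization: token $TOKEN" \
#     https://api.github.com/user | auth_state

# header NAME: print the value of response header NAME (case-insensitive).
header() {
  awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    { sub(/\r$/, "") }            # curl -i keeps the CRLF line endings
    /^$/ { exit }                 # blank line ends the header block
    { i = index($0, ":"); if (!i) next
      if (tolower(substr($0, 1, i - 1)) != want) next
      v = substr($0, i + 1); gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit }'
}

# auth_state: classify by hourly cap; 5000 is the authenticated figure quoted
# on this page, anything lower is treated as not authenticated.
auth_state() {
  limit=$(header x-ratelimit-limit)
  case "$limit" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
  if [ "$limit" -ge 5000 ]; then echo authenticated; else echo unauthenticated; fi
}

# has_scope SCOPE: succeed if X-OAuth-Scopes lists SCOPE exactly.
has_scope() {
  scopes=$(header x-oauth-scopes | tr -d ' ')
  case ",$scopes," in *",$1,"*) return 0 ;; *) return 1 ;; esac
}

# basic_auth USER TOKEN: build the curl -u argument, refusing an empty token
# (an unset variable turns -u user:$var into -u user: with no PAT at all).
basic_auth() {
  [ -n "${2:-}" ] || { echo "empty token for $1" >&2; return 1; }
  printf '%s:%s' "$1" "$2"
}

# Constructed sample responses (not captured from GitHub).
sample_auth() { printf 'HTTP/2 200\r\nx-oauth-scopes: repo, user\r\nx-ratelimit-limit: 5000\r\n\r\n{}\n'; }
sample_anon() { printf 'HTTP/2 200\r\nx-ratelimit-limit: 60\r\n\r\n{}\n'; }

echo "with token:    $(sample_auth | auth_state), repo scope: $(sample_auth | has_scope repo && echo yes || echo no)"
echo "without token: $(sample_anon | auth_state), repo scope: $(sample_anon | has_scope repo && echo yes || echo no)"
```

Building the `-u` argument through `basic_auth` makes an empty `$var` fail loudly instead of sending a request without the PAT.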