I am trying to trigger the workflow_dispatch action for a GitHub workflow via REST but I am getting a "not found" error.
My question is similar to this one but the difference is that I am still getting the "not found" error even though the header indicates I am authenticated (the rate limit has increased to 5,000).
Here's my script:
#!/bin/bash
# https://docs.github.com/en/rest/reference/actions#create-a-workflow-dispatch-event
OWNER='myGithubOrganization'
REPO='myRepo'
WORKFLOW_ID='main.yml'
POST_URL="https://api.github.com/repos/$OWNER/$REPO/actions/workflows/$WORKFLOW_ID/dispatches"
echo "Calling $POST_URL"
GITHUB_PERSONAL_ACCESS_TOKEN=$(echo "$PLATFORM_VARIABLES" | base64 --decode | jq '.GITHUB_PERSONAL_ACCESS_TOKEN' --raw-output)
# -i to include headers.
curl \
-i \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token $GITHUB_PERSONAL_ACCESS_TOKEN" \
$POST_URL \
-d '{"ref":"ref"}'
In the headers, I see the rate limit has increased to 5,000, so I know I am logged in.
The personal access token has the following permissions:
repo
workflow
admin:org_hook
The personal access token is for a machine user.
In the repo settings, under "Collaborators and teams", the machine user account has the "Read" role.
What more do I need to do to trigger the workflow?
The machine user needs to have write access, not read access.
This is true even if the workflow does something like run CI tests and does not write any code.
Related
Using the github API I am trying to manually start a workflow using:
curl \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: MY_TOKEN" \
https://api.github.com/repos/djpr-data/djprdashdata/actions/workflows/refresh-data.yaml/dispatches
but I keep getting an authentication error:
{
"message": "Must have admin rights to Repository.",
"documentation_url": "https://docs.github.com/rest/reference/actions#create-a-workflow-dispatch-event"
}
This seems to be a similar issue to this question. But my PAT token has all admin and repo scopes selected. I also have my user account setup as admin for the repository and I have added a workflow dispatch to the workflow yaml file.
workflow_dispatch:
inputs:
tags:
description:
"run from cmdline"
I have been following the docs at https://docs.github.com/en/rest/actions/workflows#create-a-workflow-dispatch-event and have had no problems using the API to retrieve all previous workflow jobs. I have also tried the runs and jobs endpoints but get the same error. So I am now not sure what else I can do. Is there somewhere else I need to set permissions?
Thanks
This is a poor error message to tell you that your request is not formed correctly. If you want to pass a PAT as a header, you need to prefix it with token, as described in the docs:
-H "Authorization: token MY_TOKEN"
Once that's resolved, however, you'll also get an error because you don't pass the required ref payload. Assuming your default branch is main, here's a correct curl command:
> export MY_TOKEN=gha_abcdef
> curl \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: token $MY_TOKEN" \
-d '{"ref": "main"}' \
https://api.github.com/repos/djpr-data/djprdashdata/actions/workflows/refresh-data.yaml/dispatches
Is it possible to create a new environment for a repository https://github.com/org/repo/settings/environments using the gh cli?
The only mention of environment I can find in the manual is here https://cli.github.com/manual/gh_secret_set where it says you can assign a secret to an existing environment, but it seems the environment would have to be created manually.
From what I'm seeing here in the gh cli repo that's going to be a no at this time. The issue [linked] is an enhancement request for just that.
I too wanted to know if this could be done, as it's part of my workflow to inject environment secrets.
You can still use the API to create it though.
curl -X PUT \
-H 'Authorization: Bearer ghp_...' \
-H 'Accept: application/vnd.github.v3+json' \
https://api.github.com/repos/<org>/<repo>/environments/<env>
Basically you need to create the environment first, then you can set branch policies:
jq -n '{"deployment_branch_policy": {"protected_branches": false, "custom_branch_policies": true}}'|gh api -H "Accept: application/vnd.github+json" -X PUT /repos/:owner/:repo/environments/dev --input -
gh api --method POST -H "Accept: application/vnd.github+json" "/repos/Oceaneering/it_infra_base_application_bootstrapper/environments/dev/deployment-branch-policies" -f name=dev
I wrote a python script for my use case that uses the gh cli to create environments and can include a branch pattern.
https://gist.github.com/walkerk1980/8a6f6879b32260360854a89bb880a48d
I tried to use GitLab API to create a new project. This worked, but this is in my user space:
curl \
--header "Authorization: Bearer ${GITLAB_API_TOKEN}" \
--request POST \
"https://gitlab.com/api/v4/projects/?name=$test-proj"
But I wanted to do it under a specific group with group_id <group_id> (I blanked it here). The most sensible approach that occured to me was:
curl \
--header "Authorization: Bearer ${GITLAB_API_TOKEN}" \
--request POST \
"https://gitlab.com/api/v4/groups/<group_id>/projects/?name=test-proj
But this did not work. Are there any suggestions on how I could achieve this?
I consulted the following references
https://forum.gitlab.com/t/create-a-new-project-in-a-group-using-api/1552
https://docs.gitlab.com/ee/api/projects.html#create-project
The GitLab documentation mentions the path or namespace_id attribute (although I would actually be in search of a group_id attribute). I am not sure about path and how to specify that. I tried - without success - to retrieve the namespace_id via
curl --header "PRIVATE-TOKEN: ${GITLAB_API_TOKEN}" "https://gitlab.example.com/api/v4/namespaces"
It is well possible that I might not have the rights to do the required operation. Therefore a reference to an official (GitLab) documentation together with a test curl command that works would be very helpful to me - thank you!
For anyone looking for the direct command:
STEP 1:
Navigate as below and identify the group ID from GUI:
Admin Area -> Groups -> GroupName
STEP 2:
Construct the command with two parameters viz., name, namespace_id
curl --header "PRIVATE-TOKEN: <myprivatetoken>" -X POST "https://gitlab.com/api/v4/projects?name=myexpectedrepo&namespace_id=38"
Both users and groups are considered "namespaces" as far as the Gitlab API is concerned, so you can use either a group ID or a username in the namespace_id field. You can see this in use by getting a single namespace with either a Group ID (that you can see in the /groups API call, or from a Group's "profile" page) or a username:
# this will show the namespace details of the Group with ID 54
curl --header "PRIVATE-TOKEN: ${TOKEN}" "https://gitlab.com/api/v4/namespaces/54
# this will show the namespace details of the User with username my-username
curl --header "PRIVATE-TOKEN: ${TOKEN}" "https://gitlab.com/api/v4/namespace/my-username
If you have the appropriate access level, you can assign a git remote to your local repository that includes your group name. Then, the push event will trigger GitLab to create the remote repository.
$ mkdir project_name && cd $_
$ echo "# project_name" > README.md
$ git init; git add .; git commit -m initial
$ GITLAB_HOST="gitlab.com"
$ git remote add origin git#${GITLAB_HOST}:group_name/project_name.git
$ git push origin HEAD
Then, point your browser to ${GITLAB_HOST}/group_name/project_name
https://docs.gitlab.com/ee/user/group/#specify-who-can-add-projects-to-a-group
Is there a way I can post a comment on a Github Pull Request via the command line? The ideas is that I want Jenkins to post comments on Pull Requests with a summary of the results of a script.
This is absolutely possible with nothing more than curl.
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
-H "Authorization: Bearer $GITHUB_TOKEN" \
https://api.github.com/repos/octocat/hello-world/issues/42/comments \
-d '{"body":"Hello Github!"}'
Read more about the API in use here https://docs.github.com/en/rest/reference/issues#create-an-issue-comment
NOTE: This assumes you have a Personal Access Token stored in an environment variable named GITHUB_TOKEN
It's not possible without third party extensions.
You may be intrested in this: https://github.com/stephencelis/ghi
Sorry I can't help more!
This is a little late, but this sounds like exactly what you are looking for:
gh pr comment 6 --body "Hi from GitHub CLI"
https://cli.github.com/manual/gh_pr_comment
Simply allows you to add comments to a pr from a given pr number.
I can send an email from a ServiceM8 account through the ServiceM8 API 'message services' (http://developer.servicem8.com/docs/platform-services/message-services/), and read the resulting ServiceM8 message-id.
But I would like to relate that message to a specific job within ServiceM8, so that it will appear as an email item in that job's diary in the ServiceM8 web application. (Emails sent from within the ServiceM8 web application are related to the diary and appear there - my question is about how to do this from the API).
Worst case, I could create a new 'Note' containing the email text and add that to the job in the hope that it would show up in the diary in the web application as a note.
But I want to check there isn't an easier way since sending the email results in there already being a relatable message-id available within ServiceM8.
Thanks
Using the messaging services API, can't be done. Using the web API, you can do just that.
There's an authorisation code required, which is specific to your account and to this function, you only need to retrieve it once, and then you can integrate that specific URL into your code. It's contained within the ClientSidePlatform_PerSessionSetup URL.
Here is a script that will grab the E-mail URL specific to your login:
Syntax: ./getsm8emailurl.sh "email#address.com" "password"
#!/usr/bin/env bash
#getsm8emailurl.sh
#Create Basic auth
user="$1"
pass="$2"
pass="$(echo -n "${pass}" | md5sum | cut -f1 -d' ')"
auth="$(echo -n "${user}:${pass}" | base64)"
#Get Account specific e-mail url
email_url="https://go.servicem8.com/$(curl --compressed -s -L "https://go.servicem8.com/$(curl --compressed -s -L "https://go.servicem8.com/" -H "Authorization: Basic $auth" | grep -o 'ClientSidePlatform_PerSessionSetup.[^"]*' | grep -v "s_boolFailover")" -H "Authorization: Basic $auth" | grep -o "PluginEmailClient_SendEmail.[^']*")"
#Output base e-mail URL
echo "$email_url"
Once you have the email url, (will start with https://go.servicem8.com/PluginEmailClient_SendEmail and will end with the s_auth code), you can use it like any other rest endpoint.
Required Header Values:
Authorization (same as regular API)
Required Post Params:
s_form_values="guid-to-cc-subject-msg-job_id-attachedFiles-attachedContacts-strRegardingObjectUUID-strRegardingObject-boolAllowDirectReply"
(these have to stay just as they are)
s_auth="your_account_s_auth_code"
to="recipient#domain.com"
Optional Post Params:
subject="subject"
msg="html message body"
boolAllowDirectReply="true|false" (Can recipient reply directly to job diary)
strRegardingObject="job|company"
strRegardingObjectUUID="job|company uuid"
DEMO
#!/usr/bin/env bash
#sendemail.sh
#demo here using random auth codes and uuids
curl --compressed -s "https://go.servicem8.com/PluginEmailClient_SendEmail" \
-H "Authorization: Basic dGVzdHVzZXJAdGVzdGRvbWFpbi5jb206dGVzdHBhc3M=" \
-d s_form_values=guid-to-cc-subject-msg-job_id-attachedFiles-attachedContacts-strRegardingObjectUUID-strRegardingObject-boolAllowDirectReply \
-d s_auth="6akj209db12bikbs01hbobi3r0fws7j2" \
-d boolAllowDirectReply=true \
-d strRegardingObject=job \
-d strRegardingObjectUUID="512b3b2a-007e-431b-be23-4bd812f2aeaf" \
-d to="test#testdomain.com" \
-d subject="Job Diary E-mail" \
-d msg="hello"
Edit/Update/Disclaimer:
This information is for convenience and efficiency - memos, quick tasks, notifications, updates, etc. This isn't to be relied upon for critical business operations as it is undocumented, and since it does not process JS like a browser would, it could stop working if the inner workings of the service changed.