I'm trying to use VSTS's REST API to create a new file in a repository. I've used Microsoft's documentation, https://www.visualstudio.com/en-us/docs/integrate/api/git/pushes#add-a-text-file, but I keep getting an error saying the following:
The requested resource does not support http method 'POST'.
Here's the request I'm sending to the API:
POST https://company.visualstudio.com/DefaultCollection/project_ID/_apis/git/repositories/repository_ID/pushes?api-version=1.0
My credentials are properly configured, as it's getting to the resource (using basic authentication with a PAT). The project and repo ID were gathered using a similar GET request, which worked fine.
I've tested this request using POSTMAN, and it blurts out the error mentioned above. I've made sure to configure the header as application/json, but it does nothing.
Also tried different versions of the API, always the same error.
Is there something I'm missing ? The documentation clearly states that this should work using POST, so I'm really confused.
Thanks in advance.
Please note that the project_ID should not be included in the URL.
Just try below REST API:
POST https://company.visualstudio.com/_apis/git/repositories/{repository ID}/pushes?api-version=4.1-preview.2
Content-Type: application/json
{"refUpdates":[{"name":"refs/heads/Dev","oldObjectId":"53e349753ff5a081346babe32255eb6c5da63a5a"}],"commits":[{"changes":[{"changeType":1,"item":{"path":"/test.txt"},"newContent":{"content":"123test","contentType":0}}],"comment":"Added file test.txt"}]}
Note that you need to use the latest commit SHA as the oldObjectId every time to run it, otherwise it will response 409 Conflict error.
Follow below steps to get the latest commit SHA:
Go to the Code page > Files
Choose a repository and branch
Select the root level (repository name) > History
Click … of the first commit > Copy full SHA
Related
I am trying to follow these docs to download an artifact from github using githubs API:
https://docs.github.com/en/rest/actions/artifacts#download-an-artifact
I ran the curl command given in the docs, and it gave me the following url from which to download the artifact (I have replaced the specifics with ...)
https://pipelines.actions.githubusercontent.com/serviceHosts/..../_apis/pipelines/1/runs/16/signedartifactscontent?artifactName=my-artifact&urlExpires=....&urlSigningMethod=HMACV2&urlSignature=....
I am able to download the artifact by putting the URL into my browser (it automatically downloads when the URL is visited) however I tried to use wget to download it via console and got this error:
wget https://pipelines.actions.githubusercontent.com/... # the command I ran
HTTP request sent, awaiting response... 400 Bad Request # the error I got
How can I download a zip file to console? Should I use something other than wget?
I'd like to clarify that viewing this link in the browser is possible even when not logged in to github (or when in private browsing). Also, I can download the zip file at the link as many times as I would like before the link expires after 1 minute. Also my repo is private, which is necessary for my work. I need to use an access token when doing the curl command as described in the docs, however the link that is returned to me does not require any authentication when accessed via a browser.
The api docs seem a bit ambiguous here. It is possible that the redirect can only be accessed a single time in which case you should try generating the redirect and first using wget to parse it. You can then unzip the file using the unzip command.
If that is not the case I believe this statement in the api docs is key:
Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.
My guess is that your repository is private and you are logged in on the browser to Github which allows you to be authenticated hence why you are able to download from the redirect link. I would suggest trying from incognito mode to test this.
Migrating the repository to public would allow you to bypass this issue. Alternatively you can pass the authentication token as a header to wget like so in order to authenticate with the server to pull the file.
header='--header=Authorization: token <TOKEN>'
wget "$header" https://pipelines.actions.githubusercontent.com/... -O output_file
The problem was that I didn't put quotes around my url. I needed to do this:
wget "https://pipelines.actions.githubusercontent.com/serviceHosts/..../_apis/pipelines/1/runs/16/signedartifactscontent?artifactName=my-artifact&urlExpires=....&urlSigningMethod=HMACV2&urlSignature=...."
Background
We are writing some documentation for our support team.
We want to include links to files that are stored in private GitHub repositories.
We do not want the documentation to become stale if somebody refactors the code in the private GitHub repositories, so instead I am setting up a CI job that parses the documentation (with jsoup if you are interested) and finds all the links.
Once we have all the links we start checking them.
NOTE: we have written a custom link checker, because one of the critical set of links we have is for our monitoring solution, and sadly (also understandably) the SaaS we are using returns 404's for any unauthenticated requests on the URLs of the alerts.
The SaaS itself uses a 2FA to access the Web UI, so what we have ended up doing is parsing the URLs and then constructing an equivalent call to the SaaS API to validate the link.
For the monitoring system we use, this is easy: all the URLs are the same format.
Question
Can we validate a random GitHub URL as valid (ideally using only curl - I can translate to my chosen HTTP client from there, and curl gives a more generic answer) using a Personal Access Token? And if so, how?
The URLs could be:
simple direct to repo URLs: https://github.com/<org>/<repo>
direct to branch URLs: https://github.com/<org>/<repo>/tree/<branch>
file URLs: https://github.com/<org>/<repo>/blob/<path/to/file>
diff URLs: https://github.com/<org>/<repo>/compare/[<branch>...]<branch>
other URLs that are based on the presence of the repo and do not vary in child path, e.g. https://github.com/<org>/<repo>/pulls, https://github.com/<org>/<repo>/settings/collaboration, etc
plus who knows what other URLs people will add within the docs...
Things I have tried that didn't work
HTTP Basic authentication with the Personal Access Token as the password, e.g.
curl -I -u stephenc:2....token.redacted....b https://github.com/stephenc/<repo-name>
HTTP/1.1 404 Not Found
HTTP Bearer authentication, e.g.
curl -I -H "Authorization: bearer 2....token.redacted....b" https://github.com/stephenc/<repo-name>
HTTP/1.1 404 Not Found
It looks like it works for some URLs (no idea which ones).
I can access curl -u agentgonzo:$TOKEN https://raw.githubusercontent.com/agentgonzo/repo/path/to/file using the API Token as my username, but the same doesn't work on https://github.com URLs. Not sure if this will help you or not.
I got an answer from GitHub Support: No
Since a personal access token won't work for GitHub web UI URLs, no, there isn't a way to verify all possible GitHub private repo URLs without making API calls in some cases.
I am facing the issue in calling the OneDrive for Business API to work. Below are the steps I have followed till now:
Created a Web App/API application in Microsoft Azure Portal (A very tricky process). Gave all the permissions.
Got Application ID (A_ID) from there.
Went to the URL to get the 'code' via browser:
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=<A_ID>&redirect_uri=<URI>
Got the code. Did a callout via POSTMAN (using the code, client ID, client secret and redirect URI) to the URL: https://login.microsoftonline.com/common/oauth2/token
Received an Access Token (AT) and other details.
NOW, when I want to use this AT to upload a file, I am getting the error. The URI is: https://<tenant>/_api/v2.0/me/drive/root:/Abc.txt:/content. For headers, I am passing: Authorization-> Bearer AT; Content-Type -> application/octet-stream
The error is:
{"error":{"code":"unauthenticated","message":"Token contains invalid signature.","innerError":{"code":"invalidSignature"}}}
I don't know where the issue is. Is it in the tenant name I am using (There is a chance that I might be using it wrong!) OR is it in the permissions OR I have not set up the app in the Azure Portal correctly OR is it something entirely different.
I have manually added a web hook to my repository, but when I query the repository using the API I get
{
"message": "Not Found"
}
what is wrong?
the url: https://api.github.com/repos/akonsu/kamyanov-art.com/hooks/
First, don't put the extra '/' at the end.
That will get you an message "Not Found" every time, authenticated or not.
Second, to add to Ivan's answer, you need to authenticate to access that information about a repo (public or private).
As mentioned in the "API Getting Started" page:
HTTP/1.1 404 Not Found
{
"message": "Not Found"
}
Oh noes! Where did it go?
If you’re a grizzled HTTP user, you might expect a 403 instead.
Since we don’t want to leak information about private repositories, the GitHub API returns a 404 in this case, as if to say “we can neither confirm nor deny the existence of this repository.”
That is why you see a "Not Found" here.
See issue 294
fwiw, I was scratching my head on this same issue trying to debug a hook, and the solution was to pass basic authentication on the request.
You are probably trying to access the API endpoint without authorising (in which case he API will return a 404 response and the JSON error you mentioned). Try passing your credentials with:
curl -v -u akonsu https://api.github.com/repos/akonsu/kamyanov-art.com/hooks
I want to programmatically get a list of open pull requests for a specific private github repository - ours, as it turns out. I assume I can only do this via the github api (http://developer.github.com/) - feel free to tell me there's another way - but I can't figure out whether the API allows this, either. The given API calls seem to assume the target repository is public, which ours is not. I would have thought there would be a way to authenticate as a user of the given repository via ssh key (the same way committing works), but I don't see anything to that effect. All in all I'm puzzled and not at all sure I can actually do this. Am I missing a crucial part of the documentation, or is there possibly some alternative I can leverage?
Yes, the GitHub Pull Requests API supports private repos also. You just need to authenticate or you will get an error saying that the repository does not exist.
Example using curl and basic authentication:
curl -u "username" https://api.github.com/repos/:user/:repo/pulls
This will then prompt you for your password and return a list of pull requests as described in the API docs.
Also check out the docs on authentication: http://developer.github.com/v3/#authentication