Grunt requires a github authentication token while it is executed during a docker build for an image. How do I provide grunt with the required token? Interactive passing doesn't work (as I already exacted).
The message of grunt is:
Running "volo:add:-nostamp:twbs/bootstrap/3.3.2:packages/bootstrap/" (volo) task
GitHub auth required for api.github.com/repos/twbs/bootstrap/tags: {"message":"API rate limit exceeded for XXX.XXX.XXX.XXX. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://developer.github.com/v3/#rate-limiting"}
GitHub access token required to complete action. In a web browser, go to:
https://github.com/settings/tokens
and generate a new "Personal access token" for volo. Only "repo" and "public_repo" permissions are needed. Paste the generated token below.
GitHub Personal Access Token:
You can change the URL of the repository to:
https://<token>:x-oauth-basic#github.com/MyApp/myapp.git
More informations at: https://devops.profitbricks.com/tutorials/configure-a-docker-container-to-automatically-pull-from-github-using-oauth/
Related
According to this post, I should be able to generate a personal access token under my profile that has access to an organization's private repo, and use this personal access token for authentication to access an organization's private repo via Github-api.
However, when using this token, I get a 401 Unauthorized response / "Bad credentials". Is there extra permissions needed for my profile in order to use the Github API on that organization's private repo? Is there scopes I should have checked off when making my personal access token in order for it to work? My profile has the permission to read and contribute to the org repo, so I am confused why my profile's access token is met with a 401.
I ultimately want to run GET {{root}}/repos/{{owner}}/{{repo}}/contents/, where the owner is the organization name. Oddly, when using my personal access token on my own forked copies of the organization's repo, I also get a 401 Unauthorized.
EDIT: I checked off all possible scopes to attach to a token. Even with this token, I still get a 401 "Bad Credentials". There must then be a different set of permissions between being a contributor to a repo versus using the github-api to query the repo. Correct?
I need to create documentation giving instructions to generate a Personal Access Token that will only need to create Pull Requests on Github.
I've read the documentation describing the various OAuth scopes, but it is still not clear to me which OAuth scope(s) I need to select in order to be able create a Pull Request.
What OAuth scope(s) need to be selected for users to be able to create Pull Requests?
From https://docs.github.com/en/rest/reference/pulls#create-a-pull-request:
To open or update a pull request in a public repository, you must have write access to the head or the source branch. For organization-owned repositories, you must be a member of the organization that owns the repository to open or update a pull request.
The repos scope should be needed.
And, with the GitHub CLI gh v2.22.0 (Jan. 2023), you can search from within your local cloned GitHub repository:
See gh auth status --show-token: it will display the auth token you are using.
I'm trying to use the TFVC API from a build task without using Personal Access Token.
I've read that if I'll use the Client SDK it should authenticate automatically but I'm failing to get it working.
Another alternative I'm considering is to run tf.exe but it requires authentication as well.
Basically I would like to get the changesets for a certain build using my Build Task with minimum info from the user (hence I don't want Personal Access Token or Username/Password).
Is that doable?
You should be able to authenticate with an OAuth token. It's populated in the build variable $(System.AccessToken) or the environment variable SYSTEM_ACCESSTOKEN.
You provide it to the REST API with the header Authorization set to Bearer [token], where [token] is the OAuth token value.
If you queue a build with TFVC repository and then check the logs for "Get Sources" step, you will find how to use TF.exe to get source during the build.And then you can copy the command and use it in a CommandLine/PowerShell task like following:
Make sure that "Allow Scripts to access token" option is enabled.
I'm trying to post an issue on GitHub with the GitHub API.
I looked at the API documentation,
https://developer.github.com/v3/issues/#create-an-issue
but I can't figure out where the account information should go in the request body.
How should I authenticate this request?
You can see example of scripts posting issues in:
"'mapserver-trac-importer" (authentication github_post, with user/password)
"simple basic-auth node github api" (authentication here, with user/password)
".bashrc" (authentication in curl, with oauth)
As described in API V3 authentication, you can either user username/password, or an oauth token.
Note that if you have activated the 2FA (2 Form Authentication), you will need an oauth token.
I prefer oauth anyway, because you can revoke the token at any time (token that you can create just for this script), without having the hassle to change your password (which you could use in multiple other instances).
We have a build system on our network that frequently hits the github api limit for our company's IP address. This, of course, also blocks local developers.
The readme indicates that we should be able to authenticate for more requests, but I can't see how.
The Github API has a 60-requests-per-hour rate-limit for
non-authenticated use. You'll likely never hit this as TSD uses local
caching and the definition files are downloaded from Github RAW urls.
If you need some more then a scope-limited Github OAuth token can be
used to boost the limit to 5000.
From the tsd page on npm:
.tsdrc
This is a optional JSON encoded file to define global settings. TSD looks for it in the user's home director (eg: %USERPROFILE% on Windows, $HOME / ~ on Linux), and in the current working directory.
"proxy" - Use a http proxy
Any standard http-proxy as supported by the request package.
{
"proxy": "http://proxy.example.com:88"
}
"token" - Github OAuth token:
The OAuth token can be used to boost the Github API rate-limit from 60 to 5000 (non-cached) requests per hour. The is token needs just 'read-only access to public information' so no additional OAuth scopes are necessary.
{
"token": "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
}
You can create this token on Github.com:
Go to https://github.com/settings/tokens/new
Deselect all scopes to create a token with just basic authentication.
(verify you really deselected all scopes)
(wonder why these presets were set??)
Enter a identifying name, something like "TSD Turbo 5000"
Create the token.
Copy the hex-string to the token element in the .tsdrc file.
Verify enhanced rate-limit using $ tsd rate
Change or revoke the token at any time on https://github.com/settings/applications
Note: keep in mind the .tsdrc file is not secured. Don't use a token with additional scope unless you know what you are doing.
The bare 'no scope' token is relatively harmless as it gives 'read-only access to public information', same as any non-autenticated access. But it does identify any requests done with it as being yours, so it is still your responsibility to keep the token private.