I have implemented Electron AutoUpdater with PRIVATE GitHub Repository as provider to publish electron application. Now, i can publish it using GitHub repository but Whenever AutoUpdater tries to download the updates from GitHub repository, Everytime it prompts with response code 404 Not found.. I have tried passing token in setFeedURL method and also set it in GH_TOKEN but seems like that does not work either.
autoUpdater.setFeedURL({ provider: 'github'
, owner: 'owner'
, repo: 'repo-name'
, token: 'token'
, private: true });
So, Is there any way to get it working with PRIVATE GitHub Repository ?
Are you using electron auto-updater module? from the API documentation, I can see that they don't support.
On the other hand, if you are using electron-updater module, make sure that you are following the recommended release workflow, and you should not use setFeedURL check the note here
Updated:
If you are using electron-updater and you are publishing to a private repository, you will need to make sure that your token will be available within the app-update.yml file, that's why many say it's not recommended, if the token is not set in your app-update.yml file you will get 404.
For electron-updater to auto add your token to the app-update.yml file the token should be set within the publish section like the following:
"publish": [
{
"provider": "github",
"private": true,
"owner": "<github_owner>",
"repo": "<repo_name>",
"token": "<your github token>"
}
],
This will produce a app-update.yml file like the following:
owner: <github_owner>
repo: <repo_name>
provider: github
private: true
token: <your github token>
updaterCacheDirName: electron-updater-private-updater
Check this small video
Here is my code https://github.com/linuxjuggler/electron-auto-update-example check the electron-builder.json file.
Update 2
Based on the note mentioned in the Quick Setup Guide section, you should never call setFeedURL.
Auto-Update - you can see that private github repos works only for very special cases, and they are recommending to have a separate release-only repository to distribute releases so source is locked down, and you can distribute to controlled machines. It is a useful feature since no server is required, but special use case. Also, you can make this work with s3 bucket or some other upgrade servers.
I found this AutoUpdater Git Repo very helpful and my code is working now. Only change I needed to make is in github yml setting, add a token=<PersonalAccessToken> from github.
You can get Github personal token from Github > Settings > Developer Settings > Personal access tokens > Generate New Token
If anyone is still having this problem (I was stuck for weeks), I created a package to help with this. electron-github-autoupdater
It's pretty much an exact clone of Electron's autoUpdate API that accepts a config object for your private/enterprise github repo configuration and access token. It should just work.
Related
apologies if this has been asked before.
I have been going through the documentation for codeship to see if I can pull an image for docker from a private github container registry (GHCR) when I am automating my build process.
The documentation specifies docker registries but nothing for the GHCR.
Has anyone used Codeship to pull docker images from the GHCR?
The documentation specifies that the most common way authenticate with image registries is to provide your account credentials via an encrypted dockercfg file. The example is as follows:
{
"auths": {
"https://index.docker.io/v1/": {
"auth": "your_auth_string",
"email": "your_email"
}
}
}
This file will later be encrypted as per the instructions in the docs which can be found here
I was wondering if anyone has used this for GHCR, and if they have my question is whether one can simply replace the URL with the GHCR URL and pass it the email and personal access token used to access the packages or in this case images in the GHCR?
So after opening a ticket with Codeship and explaining to them what I was trying to do I got told the following:
"I don't think that we don't officially support the GitHub Container Registry; but, checking with the team on that. You likely can get it to work if it operates in a similar manner as the registries listed in the documentation."
I then tried it and it worked as expected. I also later received an email saying
"The engineering team confirmed that this method should work for you. We are going to update out documentation soon with a proper guide".
In my case I had to create a credentials.env file, add the repository credentials and GHCR url instead of the method mentioned in the question to generate the dockercfg file since I am doing this on Mac OS because the newer versions of Docker have changed to store credentials in the macOS keychain rather than in a configuration file. The instructions can be found here
I hope this is useful to whoever comes across this in future until they have updated the documentation but as of 28th of January 2021, it has not yet been updated.
I am using the GitHub pull request builder plugin in Jenkins to make pull requests on GitHub automatically trigger Jenkins jobs.
I am using GitHub Enterprise and when I try to get the values of environment vars ghprbActualCommitAuthor and ghprbActualCommitAuthorMail, I get incorrect values:
ghprbActualCommitAuthor : GitHub Enterprise
ghprbActualCommitAuthorEmail : noreply#github.***.com
Please help, thanks!
This behavior is seen in GitHub Enterprise when users commit changes directly using the web UI or they have not set their email addresses.
According to GHE support:
This is by design, since the commit is actually done by the GitHub Enterprise instance. This is because we do not impersonate users when creating commits.
You can fix this by ensuring that users make commits only through the Git clients using their own SSH credentials or Personal Access Tokens.
Is there a way to trigger Travis CI build for repository X each time there's a push to repository Y? Specifically, I want my builds to start each time there's a push to http://github.com/tensorflow/tensorflow
Good question! Here are some solutions that I could think of:
If you have admin privileges on the repo (or know someone who does), you could create a webhook that subscribes to the push event and when triggered, start a build on Travis CI using the Travis API.
This would entail:
Creating a new GitHub webhook over on http://github.com/tensorflow/tensorflow/settings/hooks/new. While of course, customizing the settings as you see fit, but with the information I have, I recommend using the application/json content type and only have GitHub trigger the webhook with the push event.
Write a small web app expecting the HTTP POST payloads from GitHub and start builds using Travis CI's API. This web app can be written in any language but it must be deployed to somewhere that is always awake and listening (to prevent missing builds).
Here's my example of that.
post "/push-webhook" do
uri = URI.parse("https://api.travis-ci.org/repo/your-org/your-repo/requests")
request = Net::HTTP::Get.new(uri.request_uri)
request["Content-Type"] = "application/json"
request["Accept"] = "application/json"
request["Travis-API-Version"] = "3"
request["Authorization"] = "token your-token"
body = { "request" => { "branch" => "master" } }
request.body = body.to_json
response = http.request(request)
end
And voila! Once this web app is deployed, and your GitHub webhook is configured properly, you should see builds to run on Travis CI with every new push on http://github.com/tensorflow/tensorflow.
Helpful documentation
https://docs.travis-ci.com/user/triggering-builds/
https://developer.github.com/webhooks/
https://developer.github.com/webhooks/configuring/
However, if you do not have admin privileges on the repo, you could create a mirror of repository that is in your control and then follow the instructions above (with a few differences). From the little research I did, it's not possible (or at least not easy) to create a mirror of a repository all on GitHub without admin access of the original/official repository.
With that said, I found a workaround that should work.
Import tensorflow/tensorflow to GitLab and use the Mirror Repository feature so it mirrors http://github.com/tensorflow/tensorflow as your GitLab repo's upstream.
From there, follow the instructions above as normal except use GitLab's webhook API instead of GitHub's to send push events to trigger our web app to start builds on Travis CI.
Helpful documentation
https://about.gitlab.com/2016/12/01/how-to-keep-your-fork-up-to-date-with-its-origin/
https://docs.gitlab.com/ce/user/project/integrations/webhooks.html
I hope this information was helpful. Please let me know if you have any other questions and I'd be happy to help in any way I can. :)
I am making an app that will use AWS services as backend. I want to push the code to github. I know that shouldn't push any code with credentials embedded.
After reading this article https://mobile.awsblog.com/post/Tx2XEKZCNBM7U64/How-Amazon-Cognito-Keeps-Mobile-App-Users-Data-Safe i think it should be safe to have IdentityPoolID in the source code. I searched github and i seen many files with ID included in them. Is there anything can be done with the ID that compromises my AWS account? Should i just create .h files and add that file in .gitignore?
It is safe in the sense that nobody can steal your identity (your AWS acount details, access keys and secret keys). But developers who download your app from GitHub and run it will access your AWS services via Cognito. Your account will be charged for that. And of course you should take care which other AWS privileges are associated with the Cognito roles. I have an AWS open source project on GitHub and I don’t publish any AWS identifiers at all.
You can never be sure if it safe to commit this to GitHub but I'd like to raise another concern. When you Open Source an application, you ideally want someone else to be able to obtain a copy and install it to match their needs. That means there shouldn't be any configuration parts for your setup but there should be general file with example strings.
That being said, I recommend you do the .gitignore solution and add -f a default .h file.
I'm hosting a project on my Jenkins server. That project has a GitHub repo and I have it set up so it automatically builds new commits. In order for that to work, I need to input credentials for a github account that has full access to the repo.
The problem is, that if I want him to add his login info to the credentials list, I'd have to give him acces to all credentials on the server (I don't want that).
I tried using the credentials under "{username}" > "Credentials", but those didn't show up in the project setup (even with 100% access to everything on the server).
Is there a way for the user to store his credentials and use them for the project without giving him full access to all credentials on the server?
Add the user's credentials under Global security and then allow project based Matrix Authorization Strategy per project as shown:
I found the answer in this mailing list entry:
In short: You need to
install and activate the Authorize Projects Plugin,
enable "run as specific user" strategy in global security settings,
enable this for the project in question.
This allows you to use the credentials for this specific user.
Enabling ssh-agent is the final step to make this work conveniently.