Home > Back-end >  Github: Download artifact from any repository's Github actions workflow
Github: Download artifact from any repository's Github actions workflow

Time:06-07

I am trying to find a place to upload a binary that has to be executed in all the workflows that we run.

The problem that I am having is finding such a place.

I tried uploading the binary as a release. I am able to download this binary via the REST API but I have to pass in a personal access token to do so.

Is there a way to download a release artifact without passing in a personal access token on an internal repository that is visible to all the users in the organization?

                               -----------
                              |           |
                              |  bin.exe  |
                              |           |
                               -----------
                          /         |          \
                         /          |           \
              -----------      ------------      ------------
             |           |    |            |    |            |
             |  Repo 1   |    |  Repo 2    |    |  Repo 3    |
             |           |    |            |    |            |
              -----------      ------------      ------------

We have hundreds of repos and we want to pull the release artifact that is hosted in a different repo without passing in a personal access token because adding a personal access token is not feasible on hundreds of repos. We also do not want to host the binary publicly.

If you have been in a similar situation, please let me know on how you resolved it.

CodePudding user response:

because adding a personal access token is not feasible on hundreds of repos

That means using one key (a deploy key, associated to the unique repository with the binary, instead of a PAT associated to a user) in order to access said binary.

Using gh secret set, you can add that key to hundred of repository through a script.
Then a common GitHub action can reference that secret when executed in each repository.

  • Related