There are scenarios in which I require access to a private repository that hosts a lot of work. In this case, these are files that scripts that call. For example – configurations for Docker, Squid, or other automation scripts for menu-driven deployments. These need unauthenticated access to pull certain files but I don’t want the entire repo exposed. I also don’t want to provide authentication credentials as people other than myself (training labs) may need to use this method.

GitLab has the ability to do this via Tokens (as much as GitHub and other configuration management tools do).

Generate Token

First step is to generate a token. Generating this token will allow access to the account. With that, with great power comes great responsibility, so be mindful about where you keep it!

Select the scope of API for this token. Then Generate it.

token

Create Create Personal Token. Copy and Save the token that appears as it will only appear this once.

Lets call our token for this example, 4634A97DEC1E

Project ID

With this token is now time to find the project ID for the repository. Click on the project where the file you want access to is located.

ProjectID

Note the value of Project ID: 9649873. We need 9649873 for later.

Downloading a private file in project root

Lets say I want to download the file, daemon.json from my private repository. It is in the root of the project. I use the following structure:

  wget --header='PRIVATE-TOKEN: TOKEN' 'https://gitlab.com/api/v4/projects/PROJECT_ID/repository/files/FILENAME/raw?ref=BRANCH' -O ~/daemon.json"  

When populated with the examples you get the following

  wget --header='PRIVATE-TOKEN: 4634A97DEC1E' 'https://gitlab.com/api/v4/projects/9649873/repository/files/daemon.json/raw?ref=master' -O ~/daemon.json"  

Folders

If your file you want to access is not at the root of a project then you will need to append the unicode representation of /. This is %2F. Note that the daemon.json is under the folder conf.

   wget --header='PRIVATE-TOKEN: 4634A97DEC1E' 'https://gitlab.com/api/v4/projects/9649873/repository/files/conf%2Fdaemon.json/raw?ref=master' -O ~/daemon.json

Summing up

You can now access files via token requests for use within a usually private repo. I am sure there are many other ways but here is this approach.

Note This URI’s will not work as the token is fake and the project ID is a placeholder.

Leave a Reply

Your email address will not be published. Required fields are marked *

*