Skip to content
/ fetch Public
forked from gruntwork-io/fetch

fetch makes it easy to download files, folders, and release assets from a specific git commit, branch, or tag of public and private GitHub repos.

License

Notifications You must be signed in to change notification settings

CCCSV/fetch

Repository files navigation

fetch

fetch makes it easy to download files, folders, and release assets from a specific git commit, branch, or tag of public and private GitHub repos.

Quick examples

Download folder /baz from tag 0.1.3 of a GitHub repo and save it to /tmp/baz:

fetch --repo="https://github.com/foo/bar" --tag="0.1.3" --source-path="/baz" /tmp/baz

Download the release asset foo.exe from release 0.1.5 and save it to /tmp:

fetch --repo="https://github.com/foo/bar" --tag="0.1.5" --release-asset="foo.exe" /tmp

See more examples in the Examples section.

Features

  • Download from a specific git commit SHA.
  • Download from a specific git tag.
  • Download from a specific git branch.
  • Download a single source file, a subset of source files, or all source files from the repo.
  • Download a binary asset from a specific release.
  • Download from public repos.
  • Download from private repos by specifying a GitHub Personal Access Token.
  • When specifying a git tag, you can can specify either exactly the tag you want, or a Tag Constraint Expression to do things like "get the latest non-breaking version" of this repo. Note that fetch assumes git tags are specified according to Semantic Versioning principles.

Motivation

Gruntwork helps software teams get up and running on AWS with DevOps best practices and world-class infrastructure in about 2 weeks. Sometimes we publish scripts and binaries that clients use in their infrastructure, and we want an easy way to install a specific version of one of those scripts and binaries. While this is fairly straightforward to do with public GitHub repos, as you can usually curl or wget a public URL, it's much trickier to do with private GitHub repos, as you have to make multiple API calls, parse JSON responses, and handle authentication. Fetch makes it possible to handle all of these cases with a one-liner.

Installation

Download the fetch binary from the GitHub Releases tab.

Usage

Assumptions

fetch assumes that a repo's tags are in the format vX.Y.Z or X.Y.Z to support Semantic Versioning parsing. Repos that use git tags not in this format cannot currently be used with fetch.

General Usage

fetch [OPTIONS] <local-download-path>

The supported options are:

  • --repo (Required): The fully qualified URL of the GitHub repo to download from (e.g. https://github.com/foo/bar).
  • --tag (Optional): The git tag to download. Can be a specific tag or a Tag Constraint Expression.
  • --branch (Optional): The git branch from which to download; the latest commit in the branch will be used. If specified, will override --tag.
  • --commit (Optional): The SHA of a git commit to download. If specified, will override --branch and --tag.
  • --source-path (Optional): The source path to download from the repo (e.g. --source-path=/folder will download the /folder path and all files below it). By default, all files are downloaded from the repo unless --source-path or --release-asset is specified. This option can be specified more than once.
  • --release-asset (Optional): The name of a release asset--that is, a binary uploaded to a GitHub Release--to download. This option can be specified more than once. It only works with the --tag option.
  • --github-oauth-token (Optional): A GitHub Personal Access Token. Required if you're downloading from private GitHub repos. NOTE: fetch will also look for this token using the GITHUB_OAUTH_TOKEN environment variable, which we recommend using instead of the command line option to ensure the token doesn't get saved in bash history.

The supported arguments are:

  • <local-download-path> (Required): The local path where all files should be downloaded (e.g. /tmp).

Run fetch --help to see more information about the flags.

Tag Constraint Expressions

The value of --tag can be expressed using any operators defined in hashicorp/go-version.

Specifically, this includes:

Tag Constraint Pattern Meaning
1.0.7 Exactly version 1.0.7
=1.0.7 Exactly version 1.0.7
!=1.0.7 The latest version as long as that version is not 1.0.7
>1.0.7 The latest version greater than 1.0.7
<1.0.7 The latest version that's less than 1.0.7
>=1.0.7 The latest version greater than or equal to 1.0.7
<=1.0.7 The latest version that's less than or equal to 1.0.7
~>1.0.7 The latest version that is greater than 1.0.7 and less than 1.1.0
~>1.0 The latest version that is greater than 1.0 and less than 2.0

Examples

Usage Example 1

Download /modules/foo/bar.sh from a GitHub release where the tag is the latest version of 0.1.x but at least 0.1.5, and save it to /tmp/bar:

fetch --repo="https://github.com/foo/bar" --tag="~>0.1.5" --source-path="/modules/foo/bar.sh" /tmp/bar

Usage Example 2

Download all files in /modules/foo from a GitHub release where the tag is exactly 0.1.5, and save them to /tmp:

fetch --repo="https://github.com/foo/bar" --tag="0.1.5" --source-path="/modules/foo" /tmp

Usage Example 3

Download all files from a private GitHub repo using the GitHUb oAuth Token 123. Get the release whose tag is exactly 0.1.5, and save the files to /tmp:

GITHUB_OAUTH_TOKEN=123

fetch --repo="https://github.com/foo/bar" --tag="0.1.5" /tmp

Usage Example 4

Download all files from the latest commit on the sample-branch branch, and save them to /tmp:

fetch --repo="https://github.com/foo/bar" --branch="sample-branch" /tmp/josh1

Usage Example 5

Download all files from the git commit f32a08313e30f116a1f5617b8b68c11f1c1dbb61, and save them to /tmp:

fetch --repo="https://github.com/foo/bar" --commit="f32a08313e30f116a1f5617b8b68c11f1c1dbb61" /tmp/josh1

Usage Example 6

Download the release asset foo.exe from a GitHub release where the tag is exactly 0.1.5, and save it to /tmp:

fetch --repo="https://github.com/foo/bar" --tag="0.1.5" --release-asset="foo.exe" /tmp

License

This code is released under the MIT License. See LICENSE.txt.

TODO

  • Introduce code verification using something like GPG signatures or published checksums
  • Explicitly test for exotic repo and org names
  • Apply stricter parsing for repo-filter command-line arg

About

fetch makes it easy to download files, folders, and release assets from a specific git commit, branch, or tag of public and private GitHub repos.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 100.0%