ruaan
ruaan14mo ago

GitHub CLI from deno

Is it possible/how to use the GitHub cli (gh) from JavaScript on deno? Using the Github cli I'm able to generate download_urls for files on a private repo without exposing my github token to the application My idea is to call it from javascript side and return the url from an api, but i've no idea if its possible to run such tool from deno server
2 Replies
Deno AI Helper
Deno AI Helper14mo ago
The documentation does not provide explicit information on using the GitHub CLI (gh) from JavaScript on Deno. However, Deno does provide the ability to run subprocesses using the Deno.run API, which could potentially be used to execute the GitHub CLI commands. But this is not explicitly stated in the documentation. For accessing private repositories, the documentation suggests using the DENO_AUTH_TOKENS environment variable to specify authentication tokens. This allows Deno to fetch remote modules from private repositories. The tokens are used when the hostname of the request matches the hostname specified in the DENO_AUTH_TOKENS variable. Here's an example of how you might set this up:
DENO_AUTH_TOKENS=a1b2c3d4e5f6@raw.githubusercontent.com
DENO_AUTH_TOKENS=a1b2c3d4e5f6@raw.githubusercontent.com
This should allow Deno to access any modules that the user who the token was issued for has access to. When the token is incorrect, or the user does not have access to the module, GitHub will issue a 404 Not Found status. However, this approach does not involve using the GitHub CLI and does not generate download URLs for files in a private repository. It's primarily used for fetching remote modules from private repositories. For your specific use case, it might be more appropriate to use the GitHub API directly from your Deno application, rather than trying to use the GitHub CLI. The GitHub API can provide download URLs for files and can be used with an authentication token for access to private repositories. But again, this is general advice and not explicitly supported by the documentation.
Kofi
Kofi14mo ago
There’s no problem to have your token expose to your application, just don’t put it in clear in your code, import it with ENV VAR (environment variable). In Deno: const token = Deno.env.get(‘GITHUB_TOKEN’) To set the environment variable temporarily in your local environment so your Deno script can access it you can either 1. Pass it in the beginning of your command : $[empty space]GITHUB_TOKEN=xxx… deno run your_script.ts (note that I’ve inputted a space before putting the env var, it’s so that your shell history don’t save it. So if you type the “history” command after you won’t be seeing your token saved on your machine 👌. The $ is not to be inputted, it’s just to explain [start of your command][empty space][env var key]=[env var value] deno run your script) 2. have a .env file in the base of your project that you will also add to your .gitignore file so it won’t commit your secret to your GitHub repository. You will still have to use Deno.env.get(‘GITHUB_TOKEN’) but before that you might have to import the dotenv package like below: import "https://deno.land/x/dotenv@v3.2.0/load.ts"; //then const token = Deno.env.get(‘GITHUB_TOKEN’) // or if TypeScript scream at you: const token = String(Deno.env.get(‘GITHUB_TOKEN’)) ❌So instead of using the gh command with the Deno.spawn() method ❌ 👌Then you can use the GitHub JSON API 👌 …to do the operation that interest you