I have uploaded a file named example.conf in the repository's secure files and want to download that file while running the CI / CD pipeline script. I followed the Project-level Secure Files section in the GitLab documentation, but still I do not understand what the correct path to the file should be.
My attempt was this:
curl --header "JOB-TOKEN: $CI_JOB_TOKEN" https://gitlab.com/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/download-secure-files/-/example.conf
Which is apparently incorrect as I get the response:
<html><body>You are being <a href="https://gitlab.com/users/sign_in">redirected</a>.</body></html>
I cannot access that file even if I try to do so through the browser, while the URL provided in the documentation works. I don't understand what the URL should consist of, as using https://gitlab.com/<GROUP_NAME>/<PROJECT_NAME>/download-secure-files/-/<FILE_NAME> does not work.
So, how do I access the GitLab secure files from the URL?
Well, I didn't figure out how to how to do it using the download-secure-files tool but the GitLab provides the API for working with secure files so I used that instead. My approach includes downloading data about secure files stored in the repository, extracting filename and id pairs and downloading each file.
curl --request GET -H "JOB-TOKEN: $CI_JOB_TOKEN" https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/secure_files > secure_files.json
id and name.cat secure_files.json | jq '.[] | "\(.id),\(.name)"' | tr -d '"' > files.txt
while IFS=, read -a line;
do set -- "${line[@]}";
curl --request GET --header "JOB-TOKEN: $CI_JOB_TOKEN" https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/secure_files/$1/download > $2;
done < files.txt
Note: this only works in bash shell due to usage of, for example, -a flag in read command. I am not familiar enough with shell scripting to make this any more compatible or efficient.