I have uploaded a file named example.conf to the repository's secure files and want to download that file while running the CI / CD pipeline script. I followed the Project-level Secure Files section in the GitLab documentation, but I still do not understand what the correct path to the file should be.
I tried this:
curl --header "JOB-TOKEN: $CI_JOB_TOKEN" https://gitlab.com/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/download-secure-files/-/example.conf
Which is incorrect, as I get the response:
<html><body>You are being <a href="https://gitlab.com/users/sign_in">redirected</a>.</body></html>
I cannot access that file even if I try to do so through the browser, while the URL provided in the documentation works. I'm unsure what the URL should look like, as using https://gitlab.com/<GROUP_NAME>/<PROJECT_NAME>/download-secure-files/-/<FILE_NAME> doesn't work.
So, how do I access the GitLab secure files from the URL?
Well, I didn't figure out how to do it using the download-secure-files tool, but GitLab provides the API for working with secure files, so I used that instead. My approach includes downloading data about secure files stored in the repository, extracting the filename and ID pairs, and downloading each file.
curl --request GET -H "JOB-TOKEN: $CI_JOB_TOKEN" https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/secure_files > secure_files.json
id and name.cat secure_files.json | jq '.[] | "\(.id),\(.name)"' | tr -d '"' > files.txt
while IFS=, read -a line;
do set -- "${line[@]}";
curl --request GET --header "JOB-TOKEN: $CI_JOB_TOKEN" https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/secure_files/$1/download > $2;
done < files.txt
This solution only works in bash shell due to the usage of, for example, -a flag in read command. I am not familiar enough with shell scripting to make this any more compatible or efficient.