Using Scoop for private tools

[tylersuggs]

I've searched around but have been unable to find a clear answer to this question. Can Scoop be configured to download artifacts from private (authenticated) URLs, such as a Github Release from a private repository)? Thanks!

[tylersuggs]

Some sort of response here would be greatly appreciated. Thanks!

[sytone]

Did you try to add a private repo bucket? I just made a private repo and added it without issue. Did you hit any issues while doing this?

scoop bucket add sytone-private https://github.com/sytone/scoop-private-bucket

Instructions on making buckets is in the wiki: https://github.com/lukesampson/scoop/wiki/Buckets

[dixonwille]

That is a private bucket. I think he wants where the URL in the JSON is to an authenticated endpoint (like Github releases).

[tylersuggs]

Correct. Having a bucket in a private repo is one thing - this works. The problem I am trying to solve is downloading the tool defined by a Manifest from a Release asset who's repo is also private.

For example, Homebrew allows for this scenario with custom install strategies. Can I achieve the same or something similar with Scoop?

[rasa]

One solution might be to provide the needed Github credentials in environment variables, and/or a ~/.config/scoop/secrets.json file. For example:

set GITHUB_USER=rasa
set GITHUB_TOKEN=01234567890abcdef01234567890abcdef012345678

or

set GITHUB_USER_TOKEN=rasa:01234567890abcdef01234567890abcdef012345678

[sytone]

If you can use the access token in the header for the call that would work as well. Not sure if that level of control is possible in the manifest for a app.

[tylersuggs]

I assume you guys are talking hypothetical enhancements, not current abilities? Either way, thanks for the input!