Added another example named Github Releases into the Generic Repository#378
Conversation
|
@ssoni-cloudsmith is attempting to deploy a commit to the Cloudsmith Team on Vercel. A member of the Team first needs to authorize it. |
There was a problem hiding this comment.
Pull request overview
Updates the Generic Repository format documentation to present multiple upstream-proxying examples, adding a new GitHub Releases walkthrough alongside the existing Node.js distributions example.
Changes:
- Reworks the single “Example” section into an “Examples” section with subheadings.
- Refines the Node.js Distributions example wording for clarity.
- Adds a new “GitHub Releases” example describing upstream URL/prefix/path resolution.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| The upstream prefix (`node_distributions`) ensures files from Node.js don't collide with files from other upstreams, even if they share identical file paths. | ||
|
|
||
| #### Github Releases |
There was a problem hiding this comment.
Heading uses "Github"; the correct product name is "GitHub" (also consistent with the earlier "- GitHub - GitHub Releases" entry in this file).
| #### Github Releases | |
| #### GitHub Releases |
| - **Upstream URL**: `https://api.github.com/repos/<owner>/<repo>/releases` | ||
| - **Upstream Prefix**: `github_releases` | ||
|
|
||
| **How paths are resolved:** | ||
|
|
||
| The upstream URL includes the base path (`/releases/`), so file paths are relative to that location. | ||
| To download `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz`, request the path `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` from Cloudsmith: | ||
|
|
||
| | Component | Value | | ||
| | :-------- | :---- | | ||
| | Upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases` | | ||
| | File path on upstream | `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | ||
| | Full upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | |
There was a problem hiding this comment.
This example appears to use the GitHub REST API endpoint (api.github.com/.../releases) as an upstream for downloading a binary asset, but that endpoint returns JSON metadata and doesn't host the release asset bytes. As a result, the described path resolution and the constructed "Full upstream URL" won't match the real asset download URL (which is under github.com/<owner>/<repo>/releases/download/...), and unauthenticated API calls are also subject to strict rate limiting. Consider updating the upstream URL and path mapping in the example to reflect the actual asset download URL structure (or explicitly document any required API-to-asset indirection/authentication if Cloudsmith handles it).
| - **Upstream URL**: `https://api.github.com/repos/<owner>/<repo>/releases` | |
| - **Upstream Prefix**: `github_releases` | |
| **How paths are resolved:** | |
| The upstream URL includes the base path (`/releases/`), so file paths are relative to that location. | |
| To download `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz`, request the path `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` from Cloudsmith: | |
| | Component | Value | | |
| | :-------- | :---- | | |
| | Upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases` | | |
| | File path on upstream | `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | |
| | Full upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | |
| - **Upstream URL**: `https://github.com/<owner>/<repo>/releases/download` | |
| - **Upstream Prefix**: `github_releases` | |
| **How paths are resolved:** | |
| The upstream URL includes the base path (`/releases/download/`), so file paths are relative to that location. | |
| To download `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz`, request the path `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` from Cloudsmith: | |
| | Component | Value | | |
| | :-------- | :---- | | |
| | Upstream URL | `https://github.com/aquasecurity/trivy/releases/download` | | |
| | File path on upstream | `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | |
| | Full upstream URL | `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | |
| - **Upstream URL**: `https://api.github.com/repos/<owner>/<repo>/releases` | ||
| - **Upstream Prefix**: `github_releases` | ||
|
|
||
| **How paths are resolved:** | ||
|
|
||
| The upstream URL includes the base path (`/releases/`), so file paths are relative to that location. | ||
| To download `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz`, request the path `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` from Cloudsmith: | ||
|
|
||
| | Component | Value | | ||
| | :-------- | :---- | | ||
| | Upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases` | | ||
| | File path on upstream | `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | ||
| | Full upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | |
There was a problem hiding this comment.
The example's "Full upstream URL" is inconsistent with the actual GitHub release asset URL shown above (.../releases/download/...). As written, https://api.github.com/repos/.../releases/v0.69.3/... is not a valid release asset download URL and will mislead readers trying to reproduce the behavior.
| - **Upstream URL**: `https://api.github.com/repos/<owner>/<repo>/releases` | |
| - **Upstream Prefix**: `github_releases` | |
| **How paths are resolved:** | |
| The upstream URL includes the base path (`/releases/`), so file paths are relative to that location. | |
| To download `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz`, request the path `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` from Cloudsmith: | |
| | Component | Value | | |
| | :-------- | :---- | | |
| | Upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases` | | |
| | File path on upstream | `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | |
| | Full upstream URL | `https://api.github.com/repos/aquasecurity/trivy/releases/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | |
| - **Upstream URL**: `https://github.com/<owner>/<repo>/releases/download` | |
| - **Upstream Prefix**: `github_releases` | |
| **How paths are resolved:** | |
| The upstream URL includes the base path (`/releases/download/`), so file paths are relative to that location. | |
| To download `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz`, request the path `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` from Cloudsmith: | |
| | Component | Value | | |
| | :-------- | :---- | | |
| | Upstream URL | `https://github.com/aquasecurity/trivy/releases/download` | | |
| | File path on upstream | `v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | | |
| | Full upstream URL | `https://github.com/aquasecurity/trivy/releases/download/v0.69.3/trivy_0.69.3_Linux-ARM64.tar.gz` | |
No description provided.