Merge pull request #202 from datalad/no-api-query

Use `gh api` instead of `curl` for direct GitHub API queries

.github/workflows/build-macos.yaml

@@ -408,13 +408,15 @@ jobs:
       - name: Install ${{ matrix.version }} Datalad
         run: |
           if [ "${{ matrix.version }}" = "release" ]; then
-            # Authorize so that we don't run up against low API rate limits
-            commitish="$(curl -fsSL -H "Authorization: bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/datalad/datalad/releases/latest | jq -r .tag_name)"
+            commitish="$(gh api --jq .tag_name repos/datalad/datalad/releases/latest)"
           else
             commitish="${{ matrix.version }}"
           fi
           python -m pip install --upgrade pip
           pip install git+https://github.com/datalad/datalad@${commitish}
+        env:
+          # Authorize so that we don't run up against low API rate limits
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Install nose et al (just in case!)
         run: pip install nose pytest vcrpy mock

.github/workflows/build-ubuntu.yaml

@@ -57,7 +57,7 @@ jobs:
       - name: Install Singularity
         run: |
           # use if decide to get most recent release of singularity
-          # release="$(curl -fsSL https://api.github.com/repos/sylabs/singularity/releases/latest | jq -r .tag_name)"
+          # release="$(gh api --jq .tag_name repos/sylabs/singularity/releases/latest)"
           release="v3.10.4"
           codename="$(lsb_release -cs)"
           arch="$(dpkg --print-architecture)"
@@ -462,13 +462,15 @@ jobs:
       - name: Install ${{ matrix.version }} Datalad
         run: |
           if [ "${{ matrix.version }}" = "release" ]; then
-            # Authorize so that we don't run up against low API rate limits
-            commitish="$(curl -fsSL -H "Authorization: bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/datalad/datalad/releases/latest | jq -r .tag_name)"
+            commitish="$(gh api --jq .tag_name repos/datalad/datalad/releases/latest)"
           else
             commitish="${{ matrix.version }}"
           fi
           python -m pip install --upgrade pip
           pip install git+https://github.com/datalad/datalad@${commitish}
+        env:
+          # Authorize so that we don't run up against low API rate limits
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Install nose et al (just in case!)
         run: pip install nose pytest vcrpy mock

.github/workflows/build-windows.yaml

@@ -405,13 +405,15 @@ jobs:
       - name: Install ${{ matrix.version }} Datalad
         run: |
           if [ "${{ matrix.version }}" = "release" ]; then
-            # Authorize so that we don't run up against low API rate limits
-            commitish="$(curl -fsSL -H "Authorization: bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/datalad/datalad/releases/latest | jq -r .tag_name)"
+            commitish="$(gh api --jq .tag_name repos/datalad/datalad/releases/latest)"
           else
             commitish="${{ matrix.version }}"
           fi
           python -m pip install --upgrade pip
           pip install git+https://github.com/datalad/datalad@${commitish}
+        env:
+          # Authorize so that we don't run up against low API rate limits
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Install nose et al (just in case!)
         run: pip install nose pytest vcrpy mock

.github/workflows/template/build-{{ostype}}.yaml.j2

@@ -59,7 +59,7 @@ jobs:
       - name: Install Singularity
         run: |
           # use if decide to get most recent release of singularity
-          # release="$(curl -fsSL https://api.github.com/repos/sylabs/singularity/releases/latest | jq -r .tag_name)"
+          # release="$(gh api --jq .tag_name repos/sylabs/singularity/releases/latest)"
           release="v3.10.4"
           codename="$(lsb_release -cs)"
           arch="$(dpkg --print-architecture)"
@@ -716,13 +716,15 @@ jobs:
       - name: Install ${{ matrix.version }} Datalad
         run: |
           if [ "${{ matrix.version }}" = "release" ]; then
-            # Authorize so that we don't run up against low API rate limits
-            commitish="$(curl -fsSL -H "Authorization: bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/datalad/datalad/releases/latest | jq -r .tag_name)"
+            commitish="$(gh api --jq .tag_name repos/datalad/datalad/releases/latest)"
           else
             commitish="${{ matrix.version }}"
           fi
           python -m pip install --upgrade pip
           pip install git+https://github.com/datalad/datalad@${commitish}
+        env:
+          # Authorize so that we don't run up against low API rate limits
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Install nose et al (just in case!)
         run: pip install nose pytest vcrpy mock

.github/workflows/tools/apply-patches

@@ -1,14 +1,6 @@
 #!/usr/bin/env bash
 set -eux -o pipefail
 
-function api_query {
-    path="$1"
-    curl -fsSL \
-        -H "Authorization: bearer $GITHUB_TOKEN" \
-        -H "Accept: application/vnd.github.v3+json" \
-        "https://api.github.com$path"
-}
-
 patches_dir="$1"
 event="$2"
 
@@ -35,7 +27,7 @@ do
         fi
         echo "[INFO] $patchfile is already applied.  Creating PR to remove."
         branch_name="rmpatch/$(basename "$patchfile" .patch)"
-        if api_query "/repos/$GITHUB_REPOSITORY/branches/$branch_name" > /dev/null
+        if gh api "repos/$GITHUB_REPOSITORY/branches/$branch_name" > /dev/null
         then
             echo "[INFO] Branch $branch_name already exists; assuming PR already exists"
         else
@@ -60,7 +52,10 @@ do
         fi
         echo "[ERROR] $patchfile failed to apply; creating issue"
         issue_title="Patch $(basename "$patchfile") fails to apply"
-        if api_query "/repos/$GITHUB_REPOSITORY/issues?state=open&per_page=100&sort=created&direction=desc" | jq -e --arg title "$issue_title" 'any(.[].title; . == $title)'
+        if gh api -X GET \
+            -f state=open -f per_page=100 -f sort=created -f direction=desc \
+            "repos/$GITHUB_REPOSITORY/issues" \
+            | jq -e --arg title "$issue_title" 'any(.[].title; . == $title)'
         then
             echo "[INFO] Issue already exists"
         else

.github/workflows/tools/set-build-commit

@@ -2,7 +2,7 @@
 set -eu -o pipefail
 
 if [ -n "$INPUT_PR" ]
-then merge_sha="$(curl -fsSL -H "Authorization: bearer $GITHUB_TOKEN" https://api.github.com/repos/datalad/git-annex/pulls/"$INPUT_PR" | jq -r .merge_commit_sha)"
+then merge_sha="$(GH_PAGER=cat gh api --jq .merge_commit_sha repos/datalad/git-annex/pulls/"$INPUT_PR")"
      git fetch origin +"$merge_sha":refs/remotes/pull/"$INPUT_PR"/merge
      BUILD_COMMIT="pull/$INPUT_PR/merge"
 elif [ -n "$INPUT_COMMITISH" ]

.github/workflows/tools/set-pr-status

@@ -1,12 +1,6 @@
 #!/usr/bin/env bash
 set -eux -o pipefail
-
-function api_call {
-    curl -fsSL \
-        -H "Authorization: bearer $GITHUB_TOKEN" \
-        -H "Accept: application/vnd.github.v3+json" \
-        "$@"
-}
+export GH_PAGER=cat
 
 INPUT_PR="$1"
 OSNAME="$2"
@@ -17,7 +11,7 @@ if [ "$STATE" = cancelled ]
 then STATE=error
 fi
 
-JOBS="$(api_call "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID/jobs")"
+JOBS="$(gh api "repos/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID/jobs")"
 
 JOB_URL="$(jq -r --arg job "$JOBNAME" '.jobs[] | select(.name == $job) | .html_url' <<<"$JOBS")"
 
@@ -28,7 +22,7 @@ then echo "[WARNING] Could not determine job URL"
      jq '.jobs | [.[].name]' <<<"$JOBS"
 fi
 
-STATUSES_URL="$(api_call "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/pulls/$INPUT_PR" | jq -r .statuses_url)"
+STATUSES_URL="$(gh api --jq .statuses_url "repos/$GITHUB_REPOSITORY/pulls/$INPUT_PR")"
 
 jq -n \
     --arg context "Build git-annex on $OSNAME / $JOBNAME" \
@@ -39,4 +33,4 @@ jq -n \
         "context": $context,
         "target_url": $target_url
     }' \
-| api_call -X POST -H "Content-Type: application/json" -d @- "$STATUSES_URL"
+| gh api -X POST --input - "$STATUSES_URL"