Fork: 0
yangyangxie / cortex-hub
Transfer to URL with SHA Find file
Newer
Older
cortex-hub / .agent / workflows / gitbucket_api.md
@Antigravity AI Antigravity AI 6 hours ago 2 KB feat: integrate GitBucket Private Snippets as a secure secret vault for deployment
Raw Blame History

description: How to manage GitBucket repository resources (Issues, PRs, Content) using the API

Overview

GitBucket provides a GitHub v3 compatible API at https://gitbucket.jerxie.com/api/v3. Antigravity AI uses a Personal Access Token to authenticate.

Core API Usage

Setting Up Authentication

The token must be provided in the Authorization header: Authorization: token <YOUR_TOKEN>

Examples:

1. Create an Issue

curl -H "Authorization: token <TOKEN>" \
     -X POST -d '{"title": "Issue Title", "body": "Issue Description"}' \
     https://gitbucket.jerxie.com/api/v3/repos/yangyangxie/cortex-hub/issues

2. Create a Pull Request

curl -H "Authorization: token <TOKEN>" \
     -X POST -d '{"title": "PR Title", "base": "master", "head": "feature-branch", "body": "PR Description"}' \
     https://gitbucket.jerxie.com/api/v3/repos/yangyangxie/cortex-hub/pulls

3. List Releases

curl -H "Authorization: token <TOKEN>" \
     https://gitbucket.jerxie.com/api/v3/repos/yangyangxie/cortex-hub/releases

Using Snippets (Gists) as a Secret Store

GitBucket's Snippet feature works primarily via Git or Raw Web Access. The standard GitHub JSON API for gists is currently not active on this instance.

Accessing Secrets (Read)

Use curl to fetch raw file content directly:

curl -L https://gitbucket.jerxie.com/gist/yangyangxie/<ID>/raw/master/<FILENAME>

Manipulating Secrets (Write/Update)

Every Snippet is a standard Git repository. You can clone, edit, and push changes back:

# Clone the snippet
git clone https://yangyangxie:<PAT>@gitbucket.jerxie.com/git/gist/yangyangxie/<ID>.git secret-repo

# Update secret
cd secret-repo
echo "new-secret-value" > config.json
git add . && git commit -m "update secret"
git push origin master

Snippet Vault Pattern

Use a Private Snippet as a simple "Vault" for your project.

Implementation Example (Bash)

# Pull and source secrets
GITBUCKET_TOKEN="YOUR_TOKEN"
SNIPPET_ID="YOUR_SNIPPET_ID"
TMP_DIR=$(mktemp -d)
git clone "https://user:${GITBUCKET_TOKEN}@gitbucket.jerxie.com/git/gist/user/${SNIPPET_ID}.git" "$TMP_DIR"
source "$TMP_DIR/.env"
rm -rf "$TMP_DIR"

Security Best Practices

  • Private Only: Never store credentials in "Public" or "Secret" snippets.
  • Rotation: Update the snippet regularly; agents will automatically pick up the new values.
  • Cleanup: Always delete temporary directories used for cloning secrets.
  • Token Scope: Ensure the Personal Access Token has repo and gist scopes (if applicable).