Accessing images from README.md of Private Repos

My team has a private GitHub repository and has an internal wiki via GraphQL.
We have a python script that pulls README.md of specified repos that are to be placed in wiki via PAT.
We are able download the text contents of the README.md and see it in the wiki.
The problem is the images in these README.md files does not show.
The images in these README.md files use the format:
!(My Image)[https://github.com/{enterprise-private}/{my-repo}/blob/main/static/img/{image.jpg}]

When accessing the images while not logged in, it does indeed show 404 Error.
https://github.com/{enterprise-private}/{my-repo}/blob/main/static/img/{image.jpg}

Is it possible to access the image without having the need to login? Or this is strictly forbidden since it’s a private repository?

The latter, since all contents are private. If you want to make part of the docs and images visible publicly you’ll have to come up with an automated solution to export them somewhere else, e.g. a public repository, a website, etc.

You can easily achieve this via some script, which you can then exploit via some CI service or GitHub Actions to ensure that whenever the master branch of you repository is updated all the public assets are update too (you can use Git commands in the script to detect changed files).

1 Like

Thanks for the reply. This is what I thought of too. We don’t need all repos in enterprise-private, only a selected few anyways. So I know this can be done.

I guess, what I’m asking here, and I can’t find info about it, is:

Can i pass PAT in the URL as an html content for the readme?

I was able to do curl commands using PAT@raw.githubusercontent.com in CLI but in my testing have failed to use this as an html content (as part of the readme).

Not that I need this in the solution, but now, more of: I’m interested to know.

I’m not sure of this, for it might require some redirection steps after validation, which are only possible to handle if you have full control over a server. Maybe this page is of help, or at least provides a good introduction and useful external links:

Whether it’s doable or not, I don’t think that including your username and authentication token inside a link within a public document is a good idea, for it would compromise the security of that account. Also, this might violate GitHub EULA, since you’re expected to do your best to protect all your secret keys and access tokens.

1 Like

That makes sense.

With the absence of documentation about it and with the points you raised, I’d assume this is indeed not possible.

Thanks!