Getting the latest version of Hugo via script

Because it might to be useful for others, I thought I’d share my bash snippet from my Dockerfile (although the code will work in bash scripts outside Docker too, provided the tool jq is installed) that downloads the latest (or a specific version of) Hugo.

curl -sL $(curl -s https://api.github.com/repos/gohugoio/hugo/releases/latest | jq -r '\
        . as $artifacts | .tag_name | ltrimstr("v") as $version | \
        $artifacts | .assets | .[] | [.name, .browser_download_url] | \
        if (.[0] | contains($version) and contains("extended") and contains("Linux-64bit") and contains(".tar.gz")) \
        then .[1] \
        else empty \
        end') | tar -C /usr/local/bin -xzf - hugo

For a specific version of Hugo one can do something like:

curl -sL $(curl -s https://api.github.com/repos/gohugoio/hugo/releases/tags/v0.80.0 | jq -r '\
        . as $artifacts | .tag_name | ltrimstr("v") as $version | \
        $artifacts | .assets | .[] | [.name, .browser_download_url] | \
        if (.[0] | contains($version) and contains("extended") and contains("Linux-64bit") and contains(".tar.gz")) \
        then .[1] \
        else empty \
        end') | tar -C /usr/local/bin -xzf - hugo \
    && mv /usr/local/bin/hugo /usr/local/bin/hugo-0.80.0

The curl inside $() uses the GitHub REST API to get the release JSON and uses a jq script to extract the download locations.
The outer curl actually downloads the Hugo binary.

This is kind hacky at the moment, but it gets things done for me, for now.

Hi Daniel,

I’ve been using this post to install multiple hugo versions on the same computer, your script will ease the process a lot.

Thanks for sharing!

You might have a look at the GitHub CLI.

gh release download --repo gohugoio/hugo --pattern "*extended*Linux-64bit.tar.gz"

I admit I’ve been avoiding the GitHub CLI. If it’s available via an apt command in 20.04, Bullseye, etc it could be worth it for me, though. (I try to minimize the number of ‘outside’ tools I add).

curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo gpg --dearmor -o /usr/share/keyrings/githubcli-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
sudo chmod 644 /usr/share/keyrings/githubcli-archive-keyring.gpg
sudo chmod 644 /etc/apt/sources.list.d/github-cli.list
sudo apt update
sudo apt install gh
gh auth login

Thanks! I’d have gotten around to looking this up ‘some day’, but the time saving is welcome.

I assume the above is only needed if you are accessing private information (that is, for a public release such as Hugo I hope it’s not required)?

I’ll test it at some point if you don’t get a chance to reply, but I do appreciate anything you have to offer.

I have no idea, and I don’t care, because I use gh in many different ways.

@cshoredaniel

I reviewed my previous response, and I don’t like what I wrote. Although the statement is accurate, my choice of words was poor, and may convey a tone that I did not intend. I apologize if you were offended.

My revised response:

I don’t know if authentication is required to use gh release download with public repositories. I have never tested the installation without the authentication step because I use the GitHub CLI with both public and private repositories.

I try to adhere to the DBAD code of conduct, and fear that I failed in my previous response. Again, please accept my apology.

@jmooring Thank you! You are awesome. It makes me glad I didn’t overreact to the tone (I was indeed somewhat miffed, but I also know we all have bad days; that it was not even so intended is even better). Now I have to look up DBAD, it sounds like a philosophy I would like to follow (as best possible).

For anyone who might be interested: gh release download requires gh auth login even for public repositories.

Since the use case for my script is a Dockerfile (for creating a VSCode devcontainer) where I’d rather not use credentials to install a public artifact, I will be using my script for that purpose as it seems to me a better fit. YMMV.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.