Shields: Private Travis badges

Each vendor has its own services, so they each have a potentially different way to allow this.

Any information that can help me make it work is welcome.

:+1: on this, though sadly, I have no info to help out.

We have this for public Travis projects:

http://img.shields.io/travis/joyent/node.svg

If we want to avoid query params (that could potentially confuse things trying to display an image) then we could find and declare a reserved character for separating a project from its private token and that could be used for several vendors, not just Travis.

I think ., -, _ are sort of reserved keywords as far as the Shields API is concerned so we can't really use them as delimiters to separate the project name from the token. @espadrine can confirm.

;, /, ?, :, @, &, =, +, $, and , seem to be reserved as far as URLs are concerned (http://stackoverflow.com/a/13500078/385622).

These are the only characters that can safely be used in a URI (without URL encoding):
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~:/?#[]@!$&'()*+,;=

So what about:

`http://img.shields.io/travis/joyent/node!DcdFsOhhUow9Ba8XAUyG.svg

That's probably a discussion where we should include our vendor contacts. So I'm curious what @roidrage, @rykov, @gonzoyumo & @gravis, @brynary. I'm sure I'm forgetting many.

Am I overthinking this?

I think ., -, _ are sort of reserved keywords

I'm happy to say that they're not. Besides, characters that have meaning in the URL standard can be escaped, so there isn't really an issue in that respect, beyond that of cleanliness.

I do strive to reserve query params for information which applies to all badges (such as the label name used, the badge style, maybe an icon image in the future).

I usually reserve a part of the URL for vendor-specific switches (eg. /npm/l/ for npm licenses and /npm/v/ for versions). I failed to do so for Travis, but I am not too worried.

http://img.shields.io/travis/joyent/node!DcdFsOhhUow9Ba8XAUyG.svg

As it turns out, that would be hard to implement. Travis' regexp is complex enough as it is.

On the other hand, something like /travis-private/joyent/node/DcdFsOhhUow9Ba8XAUyG.svg would be fine, if the token corresponded to something we can use in the Travis API. Since I currently have no private Travis badge to play around with, I don't know how to do it.

If someone wants to dig in, here's the Travis API.

We already support this for gemnasium. The svg is using a specific (tokenized) URL to access the badge. We don't expose users or project token in the URL, for security reasons.
I guess this could be implemented very easily in travis too :)

I'm doing SVG scraping at the moment for Gemnasium (and before that, I was doing HTTP scraping).
The only API I can find for Gemnasium, linked here, seems to only provide access with a token.

Should private users give us their token as a query parameter? Something like /gemnasium-private/jekyll/dep.svg?token=f6316c3d14b29def540ba07883bac111?

Up-to-date Shields badges for private repos are available from Travis now so I'm going to close this.

@olivierlacan Cannot find any documentation for this. How is it done? I tried http://img.shields.io/travis/org/repo/TOKEN.svg but it doesn't work.

@eproxus We don't currently support badges for private Travis repos. Travis does, though.

@espadrine Ah, I see. Why was the issue closed then?