2021-01-29 00:20:46 +05:30
---
2021-02-22 17:27:13 +05:30
stage: Verify
2023-05-27 22:25:52 +05:30
group: Pipeline Security
2022-11-25 23:54:43 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
2021-01-29 00:20:46 +05:30
---
2021-11-11 11:23:49 +05:30
# Job Artifacts API **(FREE)**
2020-10-24 23:57:45 +05:30
## Get job artifacts
> The use of `CI_JOB_TOKEN` in the artifacts download API was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2346) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.5.
Get the job's artifacts zipped archive of a project.
```plaintext
GET /projects/:id/jobs/:job_id/artifacts
```
2022-08-27 11:52:29 +05:30
| Attribute | Type | Required | Description |
|---------------------------|----------------|----------|-------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) owned by the authenticated user. |
2022-08-27 11:52:29 +05:30
| `job_id` | integer | yes | ID of a job. |
| `job_token` ** (PREMIUM)** | string | no | To be used with [triggers ](../ci/jobs/ci_job_token.md#download-an-artifact-from-a-different-pipeline ) for multi-project pipelines. It should be invoked only in a CI/CD job defined in the `.gitlab-ci.yml` file. The value is always `$CI_JOB_TOKEN` . The job associated with the `$CI_JOB_TOKEN` must be running when this token is used. |
2020-10-24 23:57:45 +05:30
Example request using the `PRIVATE-TOKEN` header:
```shell
2023-01-13 00:05:48 +05:30
curl --location --output artifacts.zip --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/jobs/42/artifacts"
2020-10-24 23:57:45 +05:30
```
2021-09-30 23:02:18 +05:30
To use this in a [`script` definition ](../ci/yaml/index.md#script ) inside
2020-10-24 23:57:45 +05:30
`.gitlab-ci.yml` ** (PREMIUM)**, you can use either:
- The `JOB-TOKEN` header with the GitLab-provided `CI_JOB_TOKEN` variable.
2021-02-22 17:27:13 +05:30
For example, the following job downloads the artifacts of the job with ID
2021-10-27 15:23:28 +05:30
`42` . The command is wrapped in single quotes because it contains a
2020-10-24 23:57:45 +05:30
colon (`:`):
```yaml
artifact_download:
stage: test
script:
- 'curl --location --output artifacts.zip --header "JOB-TOKEN: $CI_JOB_TOKEN" "https://gitlab.example.com/api/v4/projects/1/jobs/42/artifacts"'
```
- Or the `job_token` attribute with the GitLab-provided `CI_JOB_TOKEN` variable.
2021-02-22 17:27:13 +05:30
For example, the following job downloads the artifacts of the job with ID `42` :
2020-10-24 23:57:45 +05:30
```yaml
artifact_download:
stage: test
script:
- 'curl --location --output artifacts.zip "https://gitlab.example.com/api/v4/projects/1/jobs/42/artifacts?job_token=$CI_JOB_TOKEN"'
```
Possible response status codes:
| Status | Description |
|-----------|---------------------------------|
| 200 | Serves the artifacts file. |
| 404 | Build not found or no artifacts.|
## Download the artifacts archive
> The use of `CI_JOB_TOKEN` in the artifacts download API was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2346) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.5.
Download the artifacts zipped archive from the latest successful pipeline for
the given reference name and job, provided the job finished successfully. This
is the same as [getting the job's artifacts ](#get-job-artifacts ), but by
defining the job's name instead of its ID.
2021-02-22 17:27:13 +05:30
NOTE:
2022-10-11 01:57:18 +05:30
If a pipeline is [parent of other child pipelines ](../ci/pipelines/downstream_pipelines.md#parent-child-pipelines ), artifacts
2021-01-03 14:25:43 +05:30
are searched in hierarchical order from parent to child. For example, if both parent and
2021-02-22 17:27:13 +05:30
child pipelines have a job with the same name, the artifact from the parent pipeline is returned.
2021-01-03 14:25:43 +05:30
2020-10-24 23:57:45 +05:30
```plaintext
GET /projects/:id/jobs/artifacts/:ref_name/download?job=name
```
Parameters
2022-08-27 11:52:29 +05:30
| Attribute | Type | Required | Description |
|---------------------------|----------------|----------|-------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) owned by the authenticated user. |
2022-08-27 11:52:29 +05:30
| `ref_name` | string | yes | Branch or tag name in repository. HEAD or SHA references are not supported. |
| `job` | string | yes | The name of the job. |
| `job_token` ** (PREMIUM)** | string | no | To be used with [triggers ](../ci/jobs/ci_job_token.md#download-an-artifact-from-a-different-pipeline ) for multi-project pipelines. It should be invoked only in a CI/CD job defined in the `.gitlab-ci.yml` file. The value is always `$CI_JOB_TOKEN` . The job associated with the `$CI_JOB_TOKEN` must be running when this token is used. |
2020-10-24 23:57:45 +05:30
Example request using the `PRIVATE-TOKEN` header:
```shell
2023-01-13 00:05:48 +05:30
curl --location --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/main/download?job=test"
2020-10-24 23:57:45 +05:30
```
2021-09-30 23:02:18 +05:30
To use this in a [`script` definition ](../ci/yaml/index.md#script ) inside
2020-10-24 23:57:45 +05:30
`.gitlab-ci.yml` ** (PREMIUM)**, you can use either:
- The `JOB-TOKEN` header with the GitLab-provided `CI_JOB_TOKEN` variable.
2021-02-22 17:27:13 +05:30
For example, the following job downloads the artifacts of the `test` job
2021-10-27 15:23:28 +05:30
of the `main` branch. The command is wrapped in single quotes
2021-03-08 18:12:59 +05:30
because it contains a colon (`:`):
2020-10-24 23:57:45 +05:30
```yaml
artifact_download:
stage: test
script:
2021-09-04 01:27:46 +05:30
- 'curl --location --output artifacts.zip --header "JOB-TOKEN: $CI_JOB_TOKEN" "https://gitlab.example.com/api/v4/projects/$CI_PROJECT_ID/jobs/artifacts/main/download?job=test"'
2020-10-24 23:57:45 +05:30
```
- Or the `job_token` attribute with the GitLab-provided `CI_JOB_TOKEN` variable.
2021-02-22 17:27:13 +05:30
For example, the following job downloads the artifacts of the `test` job
2021-09-04 01:27:46 +05:30
of the `main` branch:
2020-10-24 23:57:45 +05:30
```yaml
artifact_download:
stage: test
script:
2021-09-04 01:27:46 +05:30
- 'curl --location --output artifacts.zip "https://gitlab.example.com/api/v4/projects/$CI_PROJECT_ID/jobs/artifacts/main/download?job=test& job_token=$CI_JOB_TOKEN"'
2020-10-24 23:57:45 +05:30
```
Possible response status codes:
| Status | Description |
|-----------|---------------------------------|
| 200 | Serves the artifacts file. |
| 404 | Build not found or no artifacts.|
## Download a single artifact file by job ID
2021-04-17 20:07:23 +05:30
> - Introduced in GitLab 10.0.
> - The use of `CI_JOB_TOKEN` in the artifacts download API was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55042) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.10.
2020-10-24 23:57:45 +05:30
2021-03-08 18:12:59 +05:30
Download a single artifact file from a job with a specified ID from inside
2020-10-24 23:57:45 +05:30
the job's artifacts zipped archive. The file is extracted from the archive and
streamed to the client.
```plaintext
GET /projects/:id/jobs/:job_id/artifacts/*artifact_path
```
Parameters
2022-08-27 11:52:29 +05:30
| Attribute | Type | Required | Description |
|---------------------------|----------------|----------|-------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) owned by the authenticated user. |
2022-08-27 11:52:29 +05:30
| `job_id` | integer | yes | The unique job identifier. |
| `artifact_path` | string | yes | Path to a file inside the artifacts archive. |
| `job_token` ** (PREMIUM)** | string | no | To be used with [triggers ](../ci/jobs/ci_job_token.md#download-an-artifact-from-a-different-pipeline ) for multi-project pipelines. It should be invoked only in a CI/CD job defined in the `.gitlab-ci.yml` file. The value is always `$CI_JOB_TOKEN` . The job associated with the `$CI_JOB_TOKEN` must be running when this token is used. |
2020-10-24 23:57:45 +05:30
Example request:
```shell
curl --location --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/jobs/5/artifacts/some/release/file.pdf"
```
Possible response status codes:
| Status | Description |
|-----------|--------------------------------------|
| 200 | Sends a single artifact file |
| 400 | Invalid path provided |
| 404 | Build not found or no file/artifacts |
## Download a single artifact file from specific tag or branch
2021-04-17 20:07:23 +05:30
> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/23538) in GitLab 11.5.
> - The use of `CI_JOB_TOKEN` in the artifacts download API was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55042) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.10.
2020-10-24 23:57:45 +05:30
Download a single artifact file for a specific job of the latest successful
2021-03-08 18:12:59 +05:30
pipeline for the given reference name from inside the job's artifacts archive.
2020-10-24 23:57:45 +05:30
The file is extracted from the archive and streamed to the client.
2022-07-16 23:28:13 +05:30
The artifact file provides more detail than what is available in the
[CSV export ](../user/application_security/vulnerability_report/index.md#export-vulnerability-details ).
2021-01-03 14:25:43 +05:30
In [GitLab 13.5 ](https://gitlab.com/gitlab-org/gitlab/-/issues/201784 ) and later, artifacts
2022-10-11 01:57:18 +05:30
for [parent and child pipelines ](../ci/pipelines/downstream_pipelines.md#parent-child-pipelines ) are searched in hierarchical
2021-01-03 14:25:43 +05:30
order from parent to child. For example, if both parent and child pipelines have a
job with the same name, the artifact from the parent pipeline is returned.
2020-10-24 23:57:45 +05:30
```plaintext
GET /projects/:id/jobs/artifacts/:ref_name/raw/*artifact_path?job=name
```
Parameters:
2022-08-27 11:52:29 +05:30
| Attribute | Type | Required | Description |
|---------------------------|----------------|----------|-------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) owned by the authenticated user. |
2022-08-27 11:52:29 +05:30
| `ref_name` | string | yes | Branch or tag name in repository. `HEAD` or `SHA` references are not supported. |
| `artifact_path` | string | yes | Path to a file inside the artifacts archive. |
| `job` | string | yes | The name of the job. |
| `job_token` ** (PREMIUM)** | string | no | To be used with [triggers ](../ci/jobs/ci_job_token.md#download-an-artifact-from-a-different-pipeline ) for multi-project pipelines. It should be invoked only in a CI/CD job defined in the `.gitlab-ci.yml` file. The value is always `$CI_JOB_TOKEN` . The job associated with the `$CI_JOB_TOKEN` must be running when this token is used. |
2020-10-24 23:57:45 +05:30
Example request:
```shell
2021-09-04 01:27:46 +05:30
curl --location --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/main/raw/some/release/file.pdf?job=pdf"
2020-10-24 23:57:45 +05:30
```
Possible response status codes:
| Status | Description |
|-----------|--------------------------------------|
| 200 | Sends a single artifact file |
| 400 | Invalid path provided |
| 404 | Build not found or no file/artifacts |
## Keep artifacts
Prevents artifacts from being deleted when expiration is set.
```plaintext
POST /projects/:id/jobs/:job_id/artifacts/keep
```
Parameters
2021-02-22 17:27:13 +05:30
| Attribute | Type | Required | Description |
|-----------|----------------|----------|--------------------------------------------------------------------------------------------------------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) owned by the authenticated user. |
2020-10-24 23:57:45 +05:30
| `job_id` | integer | yes | ID of a job. |
Example request:
```shell
curl --request POST --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/jobs/1/artifacts/keep"
```
Example response:
```json
{
"commit": {
"author_email": "admin@example.com",
"author_name": "Administrator",
"created_at": "2015-12-24T16:51:14.000+01:00",
"id": "0ff3ae198f8601a285adcf5c0fff204ee6fba5fd",
"message": "Test the CI integration.",
"short_id": "0ff3ae19",
"title": "Test the CI integration."
},
"coverage": null,
"allow_failure": false,
"download_url": null,
"id": 42,
"name": "rubocop",
2021-09-04 01:27:46 +05:30
"ref": "main",
2020-10-24 23:57:45 +05:30
"artifacts": [],
"runner": null,
"stage": "test",
"created_at": "2016-01-11T10:13:33.506Z",
"started_at": "2016-01-11T10:13:33.506Z",
"finished_at": "2016-01-11T10:15:10.506Z",
"duration": 97.0,
"status": "failed",
2022-01-26 12:08:38 +05:30
"failure_reason": "script_failure",
2020-10-24 23:57:45 +05:30
"tag": false,
"web_url": "https://example.com/foo/bar/-/jobs/42",
"user": null
}
```
2022-03-02 08:16:31 +05:30
## Delete job artifacts
2020-10-24 23:57:45 +05:30
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/25522) in GitLab 11.9.
Delete artifacts of a job.
```plaintext
DELETE /projects/:id/jobs/:job_id/artifacts
```
2021-02-22 17:27:13 +05:30
| Attribute | Type | Required | Description |
|-----------|----------------|----------|-----------------------------------------------------------------------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) |
2020-10-24 23:57:45 +05:30
| `job_id` | integer | yes | ID of a job. |
Example request:
```shell
curl --request DELETE --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/jobs/1/artifacts"
```
2021-02-22 17:27:13 +05:30
NOTE:
2020-10-24 23:57:45 +05:30
At least Maintainer role is required to delete artifacts.
If the artifacts were deleted successfully, a response with status `204 No Content` is returned.
2022-03-02 08:16:31 +05:30
## Delete project artifacts
2022-06-21 17:19:12 +05:30
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/223793) in GitLab 14.7 [with a flag](../administration/feature_flags.md) named `bulk_expire_project_artifacts`. Enabled by default on GitLab self-managed. Enabled on GitLab.com.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/350609) in GitLab 14.10.
2022-03-02 08:16:31 +05:30
2022-04-04 11:22:00 +05:30
Delete artifacts of a project that can be deleted.
2023-06-20 00:43:36 +05:30
By default, [artifacts from the most recent successful pipeline of each ref are kept ](../ci/jobs/job_artifacts.md#keep-artifacts-from-most-recent-successful-jobs ).
2022-03-02 08:16:31 +05:30
```plaintext
DELETE /projects/:id/artifacts
```
| Attribute | Type | Required | Description |
|-----------|----------------|----------|-----------------------------------------------------------------------------|
2023-04-23 21:23:45 +05:30
| `id` | integer/string | yes | ID or [URL-encoded path of the project ](rest/index.md#namespaced-path-encoding ) |
2022-03-02 08:16:31 +05:30
Example request:
```shell
curl --request DELETE --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/projects/1/artifacts"
```
NOTE:
At least Maintainer role is required to delete artifacts.
Schedules a worker to update to the current time the expiry of all artifacts that can be deleted.
A response with status `202 Accepted` is returned.