Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Remove usage of secrets to fix failing builds #2369

Merged
merged 1 commit into from
May 2, 2023
Merged

fix: Remove usage of secrets to fix failing builds #2369

merged 1 commit into from
May 2, 2023
+1 −1

Conversation

ryancfogarty
Copy link

Fixes #

Illegal use of secrets, see comment in this PR for more context

#2360

I'm working on a way to resolve the original issue (rate-limiting) without breaking things, but this pull request will at least fix the new problem in the meantime.

Test Plan

How do we know the code works?

.

Checklist

  • Documented
  • Unit tested
  • Integration tests updated

@ryancfogarty
Copy link
Author

ryancfogarty commented May 2, 2023
edited
Loading

@Fry-kun can you approve and merge this? I'm aware this will be breaking things for a lot of people.

@adamvduke
Copy link
Contributor

Seems like this partial rollback of #2360 should be safe, because there is a guard against adding the token to the request if it's blank, and it wasn't being passed previously.

flank/flank-scripts/src/main/kotlin/flank/scripts/data/github/GithubApi.kt

Lines 197 to 201 in 3a21357

fun Request.appendGitHubHeaders(githubToken: String, contentType: String = "application/vnd.github.v3+json") =
appendHeader("Accept", contentType).also {
if (githubToken.isNotBlank())
appendHeader("Authorization", "token $githubToken")
}

@adamvduke adamvduke changed the title Remove usage of secrets to fix failing builds fix: Remove usage of secrets to fix failing builds May 2, 2023
@adamvduke adamvduke merged commit ee8b463 into Flank:master May 2, 2023
@baygaillardclasspass
Copy link

I see the PR fixing this got reverted. Did this ever get fixed? We're running into this now that we're on GHA instead of Jenkins where we maintained our own download script.

@ryancfogarty
Copy link
Author

I see the PR fixing this got reverted. Did this ever get fixed? We're running into this now that we're on GHA instead of Jenkins where we maintained our own download script.

No sorry, I never got around to working out a fix that didn't break things.

@baygaillardclasspass
Copy link

I suppose we can't use your github action then :( it's entirely unusable for larger teams.

@adamvduke
Copy link
Contributor

adamvduke commented Dec 6, 2024
edited
Loading

I suppose we can't use your github action then :( it's entirely unusable for larger teams.
@baygaillardclasspass
Are you specifying a version? I don't work at Google anymore, but from what I remember this issue was largely caused by multiple unauthenticated requests when trying to use the action without a version. Not specifying a version causes the download process to make extra github requests to determine the latest version.

@baygaillardclasspass
Copy link

I will bring that back to my devs, thank you for the tip!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adamvduke adamvduke adamvduke approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ryancfogarty @adamvduke @baygaillardclasspass