Enhance setup-python Action in GitHub Enterprise Server with Raw API Fallback Mechanism #756

Closed
@Shegox

Description:

In the context of GitHub Enterprise Server (GHES), it is typical for runners to share the same IP address due to Network Address Translation (NAT). This configuration results in the quick exhaustion of the unauthenticated rate limit (60 requests per hour per IP address) when accessing the versions-manifest.json file, leading to failures in the setup-python action. The current workaround is to incorporate a "github.com" token into the setup-python action. Although this solution is functional, it necessitates the creation of an additional github.com token (and technical user) for each repository/team, which is not optimal. Moreover, Pull Requests from forks are not supported due to their lack of access to the secret.

A potential improvement could be leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token.

Justification:
Our GitHub Enterprise Server has frequently encountered rate limit issues, and the manual token addition method does not scale well. Utilizing the raw API as a fallback could provide an automatic workaround for this issue. If this approach fails, users can still resort to adding a token.

Are you willing to submit a PR?
I have created a fork to verify that the raw API isn't affected by the rate limit and can be used as a fallback solution. (https://github.com/actions/setup-python/compare/main...Shegox:setup-python:raw-access?expand=1)

The log extract from the workaround is as follows:

  Version 3.10 was not found in the local cache
  ##[debug]Getting manifest from actions/python-versions@main
  ##[debug]{"name":"HttpClientError","statusCode":403,"result":{"message":"API rate limit exceeded for xx.xx.xx.xx. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}}
  ##[debug]Fetching via the API failed. Fetching using raw URL.
  ##[debug]check 3.13.0-alpha.1 satisfies 3.10
  ##[debug]check 3.12.0 satisfies 3.10
  ##[debug]check 3.12.0-rc.3 satisfies 3.10
  ##[debug]check 3.12.0-rc.2 satisfies 3.10
  ##[debug]check 3.12.0-rc.1 satisfies 3.10

I am prepared to submit a PR incorporating the proposed changes.
Before proposing this PR I wanted to check if that would be accepted or if there are other ideas to overcome this?
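
An added sketch of the fallback proposed in this issue (not the issue author's fork and not setup-python's own code): query the API first, fall back to the raw host only on a rate-limit response, and never forward the token there. The `HttpGet` transport, the function names and both URLs are assumptions made for illustration.

```typescript
// Added example; HttpGet, getManifest and the other names are hypothetical.
type HttpResponse = { status: number; body: string };
type HttpGet = (url: string, headers: Record<string, string>) => Promise<HttpResponse>;
type ManifestEntry = { version: string };
type ManifestResult = { source: 'api' | 'raw'; manifest: ManifestEntry[] };

// Assumed endpoints for the same file: REST contents API and the raw host.
const REPO = 'actions/python-versions';
const FILE = 'versions-manifest.json';
const API_URL = `https://api.github.com/repos/${REPO}/contents/${FILE}?ref=main`;
const RAW_URL = `https://raw.githubusercontent.com/${REPO}/main/${FILE}`;

// Only a rate-limit rejection triggers the fallback. Other failures (rejected
// token, blocked egress) must surface instead of being silently masked.
function isRateLimited(res: HttpResponse): boolean {
  return (res.status === 403 || res.status === 429) && /rate limit/i.test(res.body);
}

// Accept only a JSON array whose entries carry a version string.
function parseManifest(body: string): ManifestEntry[] {
  const data: unknown = JSON.parse(body);
  const ok = Array.isArray(data) &&
    data.every(e => e !== null && typeof e === 'object' && typeof e.version === 'string');
  if (!ok) throw new Error(`${FILE} has an unexpected shape`);
  return data as ManifestEntry[];
}

async function getManifest(get: HttpGet, token?: string): Promise<ManifestResult> {
  const headers: Record<string, string> = { accept: 'application/vnd.github.raw+json' };
  if (token) headers['authorization'] = `token ${token}`;

  const api = await get(API_URL, headers);
  if (api.status === 200) return { source: 'api', manifest: parseManifest(api.body) };
  if (!isRateLimited(api)) throw new Error(`manifest API request failed: HTTP ${api.status}`);

  // Fallback request: no headers, so the token never reaches the raw host.
  const raw = await get(RAW_URL, {});
  if (raw.status !== 200) throw new Error(`raw manifest request failed: HTTP ${raw.status}`);
  return { source: 'raw', manifest: parseManifest(raw.body) };
}
```

Because the fallback path is unauthenticated, it also works for pull requests from forks, which cannot read the token secret.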

Labels: feature request
