search

github / vscode-github-actions

GitHub Actions extension for VS Code
https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-github-actions
MIT License
469 stars 70 forks source link

Extension consumes all api quota making requests for variables in GHES 3.7 #313

Closed planetsLightningArrester closed 1 month ago

planetsLightningArrester commented 3 months ago

Describe the bug Opening a Workspace in VSCode with the GitHub Actions extension enabled connected to a GHES 3.7 will quickly consume all the quota available because the extension performs hundreds of failing attempts to get Variables (404 not found). This is because the Variables support was introduced on GHES 3.8. Therefore, all requests to get Variables will return 404.

To Reproduce Steps to reproduce the behavior:

  1. Log into a GitHub Enterprise server version 3.7 in VSCode
  2. Open any workspace with workflows
  3. Open the vscode-github-actions logs in VS Code
  4. See several 404 errors trying to reach https://<ghes_url>/api/v3/repos/<user>/<repo>/actions/variables

Expected behavior In one of my tests, the extension made 154 attempts to get Variables just by opening the workspace. I guess it's ok to try to get it once and stop. Or try to check if the server version has Variables available before making the request.

Screenshots Here you can see one of the attempts of the log (sensitive data hidden by ***)

Failure to retrieve variables:  Cs [HttpError]: Not Found
    at /home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2786513
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.next (/home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2792020)
    at async /home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2863050
    at async wa.get (/home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2869053)
    at async /home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2862965
    at async /home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2862914
    at async Object.getContext (/home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2862568)
    at async oi (/home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2735467)
    at async yn (/home/***/.vscode-server/extensions/github.vscode-github-actions-0.26.2/dist/server-node.js:2:2761083) {
  status: 404,
  response: {
    url: 'https://***/api/v3/repos/***/***/actions/variables?per_page=100',
    status: 404,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
      'content-encoding': 'gzip',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Wed, 10 Apr 2024 16:41:09 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      'strict-transport-security': 'max-age=31536000; includeSubdomains',
      'transfer-encoding': 'chunked',
      'x-accepted-oauth-scopes': 'repo',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-enterprise-version': '3.7.5',
      'x-github-media-type': 'github.v3; format=json',
      'x-github-request-id': '***',
      'x-oauth-client-id': '***',
      'x-oauth-scopes': 'repo, workflow',
      'x-ratelimit-limit': '5000',
      'x-ratelimit-remaining': '4982',
      'x-ratelimit-reset': '1712767559',
      'x-ratelimit-resource': 'core',
      'x-ratelimit-used': '18',
      'x-runtime-rack': '0.033786',
      'x-xss-protection': '0'
    },
    data: {
      message: 'Not Found',
      documentation_url: 'https://docs.github.com/enterprise-server@3.7/rest'
    }
  },
  request: {
    method: 'GET',
    url: 'https://***/api/v3/repos/***/***/actions/variables?per_page=100',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'VS Code GitHub Actions (0.26.2) octokit-rest.js/19.0.7 octokit-core.js/4.1.0 Node.js/18.18.2 (linux; x64)',
      authorization: 'token [REDACTED]'
    },
    request: { hook: [Function: bound bound e] }
  }
}

Extension Version v0.26.2

Additional context It looks like the request attempts are even more aggressive when using SSH, e.g. using WSL. Typing an if statement in a workflow made almost 500 requests. Tested on GHES v3.7.5.

Might be related to #192

I hope this can be easily fixed. The extension is amazing and I'd be really happy to use it at its full potential :)

felipesu19 commented 1 month ago

GHES is unfortunately not officially supported, and it is not currently on our roadmap. I'm closing this, because without robust GHES version handling we probably can't effectively handle this case.