jfrog / setup-jfrog-cli

Set up JFrog CLI in your GitHub Actions workflow
Apache License 2.0
247 stars 80 forks source link

action consumes github anonymous rest api rate limit #223

Open kduret opened 5 days ago

kduret commented 5 days ago

Describe the bug

the action uses anonymous request instead of github_token provided by the worklow github rest api rate limit (60) can be quickly reached.

this happens only when using custom jfrog url

Current behavior

1 anonymous request is consumed when using setup-jfrog-cli

Reproduction steps

name: test-jfrog

on:
  pull_request:

jobs:
  test-jfrog:
    runs-on: ubuntu-24.04
    steps:
      - name: Check workflow statuses and display token usage before setup-jfrog-cli
        run: |
          echo ""
          echo ""
          echo "current rest api rate usage using github token:"
          curl -s -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/rate_limit | jq .rate.used
          echo ""
          echo ""
          echo "current rest api rate usage for anonymous:"
          curl -s -H "Accept: application/vnd.github+json" https://api.github.com/rate_limit | jq .rate.used
          echo ""
          echo ""

      - uses: jfrog/setup-jfrog-cli@9fe0f98bd45b19e6e931d457f4e98f8f84461fb5 # v4.4.1
        env:
          JF_URL: <custom_jfrog_url>
          JF_ACCESS_TOKEN: <access_token>

      - name: Check workflow statuses and display token usage after setup-jfrog-cli
        run: |
          echo "current rest api rate usage using github token:"
          curl -s -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/rate_limit | jq .rate.used
          echo ""
          echo ""
          echo "current rest api rate usage for anonymous:"
          curl -s -H "Accept: application/vnd.github+json" https://api.github.com/rate_limit | jq .rate.used
          echo ""
          echo ""

Expected behavior

0 anonymous request is consumed when using setup-jfrog-cli

Setup JFrog CLI version

4.4.1

JFrog CLI version

2.67.0

Workflow operating system type and version

ubuntu-24.04

JFrog Artifactory version (if relevant)

JFrog Cloud

JFrog Xray version (if relevant)

No response

sverdlov93 commented 3 days ago

Hi @kduret, Thanks for reaching out Can you provide the logs frog the WF run?