CI: Use GitHub Actions token for higher rate limit

nextstrain / nextstrain.org

The Nextstrain website

https://nextstrain.org

GNU Affero General Public License v3.0

88 stars 49 forks source link

CI: Use GitHub Actions token for higher rate limit #817

Closed victorlin closed 5 months ago

victorlin commented 5 months ago

Description of proposed changes

Previously, the unauthenticated requests were limited to 60 per hour per IP address which are likely shared by other jobs using the same GitHub-hosted runners.

Related issue(s)

Prompted by https://github.com/nextstrain/nextstrain.org/pull/810#discussion_r1556421873

Checklist

[x] Updated repo's Actions settings to use read-only permissions on GITHUB_TOKEN
[x] Checks pass
[x] Not testing the new rate limit - will monitor CI on other builds.

victorlin commented 5 months ago

@jameshadfield good point. All the testing operations are read-only, so the restricted access should be sufficient. Since this is the only usage of GITHUB_TOKEN in this repo's CI, I've updated it to be restricted in the repo settings.

victorlin commented 5 months ago

Rebased onto latest master which should fix the issue with aws-region.

The org-wide change is to store AWS_REGION in an organization variable instead of per-repo secrets.