Closed simonw closed 1 year ago
This is happening in the "checkout til-db" step, which uses a personal access token so I can push back to that other repo in a later step:
This was my very hacky workaround from a while ago to store the TIL database in between steps even though it was too big to download from Vercel:
I'm going to store it in an S3 bucket instead, using s3-credentials
.
I'm going to stash the file in a folder in a new bucket:
~ % s3-credentials create til.simonwillison.net -c
Created bucket: til.simonwillison.net
Created user: 's3.read-write.til.simonwillison.net' with permissions boundary: 'arn:aws:iam::aws:policy/AmazonS3FullAccess'
Attached policy s3.read-write.til.simonwillison.net to user s3.read-write.til.simonwillison.net
Created access key for user: s3.read-write.til.simonwillison.net
{
"UserName": "s3.read-write.til.simonwillison.net",
"AccessKeyId": "AKIAWXFXAIOZOFEAZH56",
"Status": "Active",
"SecretAccessKey": "...",
"CreateDate": "2022-10-08 15:08:04+00:00"
}
Secret access key is in my 1Password.
Uploading a copy of that database from the til-db
repo:
til-db % s3-credentials put-objects til.simonwillison.net tils.db
Uploading 27.2 MB (1 file) [#####-------------------------------] 15% 00:01:13
Realized I want the bucket to be public, so deleted and recreated:
aws s3api delete-object --bucket til.simonwillison.net --key tils.db
aws s3api delete-bucket --bucket til.simonwillison.net
s3-credentials create til.simonwillison.net -c --public
s3-credentials put-objects til.simonwillison.net tils.db
Confirmed: this works without authentication now:
wget https://s3.amazonaws.com/til.simonwillison.net/tils.db
Added those AWS secrets to this repo.
That fixed it.
I'm going to archive the til-db repo now.
I'm seeing this in my deploys quite often at the moment: https://github.com/simonw/til/actions/runs/3210803803/jobs/5248557801
I tried contacting GitHub support and asking for a rate limit raise but I got back a templated response that effectively said no.