Merge pull request #192 from crazy-max/support-ghes

enforce baseUrl to api.github.com if action used on GHES
This commit is contained in:
CrazyMax 2023-01-28 03:02:07 +01:00 committed by GitHub
commit 5e716dcfd6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 46 additions and 7 deletions

View file

@ -28,6 +28,7 @@ ___
* [Notes](#notes)
* [`nodes` output](#nodes-output)
* [BuildKit container logs](#buildkit-container-logs)
* [Using on GHES](#using-on-ghes)
* [Contributing](#contributing)
## Usage
@ -174,6 +175,35 @@ The following [official docker environment variables](https://docs.docker.com/en
See https://docs.docker.com/build/ci/github-actions/configure-builder/#buildkit-container-logs
## Using on GHES
GitHub Runners come [pre-installed with Docker Buildx](https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md)
following your virtual environment. If you specify a version or `latest` of
Docker Buildx in your workflow, the version will be downloaded from [GitHub Releases in `docker/buildx`](https://github.com/docker/buildx/releases)
repository. These calls to `docker/buildx` are made via unauthenticated requests,
which are limited to [60 requests per hour per IP](https://docs.github.com/en/rest/overview/resources-in-the-rest-api#rate-limiting).
If more requests are made within the time frame, then you will start to see
rate-limit errors during downloading that looks like:
```
##[error]API rate limit exceeded for...
```
To get a higher rate limit, you can [generate a personal access token on github.com](https://github.com/settings/tokens/new)
and pass it as the `github_token` input for the action:
```yaml
uses: docker/setup-buildx-action@v3
with:
github_token: ${{ secrets.GH_DOTCOM_TOKEN }}
version: v0.10.1
```
If the runner is not able to access `github.com`, it will take the default one
available on the GitHub Runner or runner's tool cache. See "[Setting up the tool cache on self-hosted runners without internet access](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)"
for more information.
## Contributing
Want to contribute? Awesome! You can find information about contributing to

View file

@ -45,9 +45,14 @@ inputs:
description: 'Append additional nodes to the builder'
required: false
github_token:
description: 'The GitHub token used to create an authenticated client for GitHub API'
default: ${{ github.token }}
required: false
# https://github.com/actions/setup-go/blob/21459d0b7b1d63741429b748885bf5a4974593b4/action.yml#L12-L14
description: >
Used to verifiy the Git tag exists on docker/buildx repo. Since there's a
default, this is typically not supplied by the user. When running this
action on github.com, the default value is sufficient. When running on
GHES, you can pass a personal access token for github.com if you are
experiencing rate limiting.
default: ${{ github.server_url == 'https://github.com' && github.token || '' }}
outputs:
name:

2
dist/index.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/index.js.map generated vendored

File diff suppressed because one or more lines are too long

View file

@ -10,7 +10,9 @@ const [owner, repo] = 'docker/buildx'.split('/');
export const getReleaseTag = async (tag: string, githubToken: string): Promise<Release> => {
return (
await github
.getOctokit(githubToken)
.getOctokit(githubToken, {
baseUrl: 'https://api.github.com'
})
.rest.repos.getReleaseByTag({
owner,
repo,
@ -25,7 +27,9 @@ export const getReleaseTag = async (tag: string, githubToken: string): Promise<R
export const getLatestRelease = async (githubToken: string): Promise<Release> => {
return (
await github
.getOctokit(githubToken)
.getOctokit(githubToken, {
baseUrl: 'https://api.github.com'
})
.rest.repos.getLatestRelease({
owner,
repo