Comments (10)
greysteil
commented on September 25, 2024
2
@sobolevn you're going to want to make this line take an environment variable with a GitHub token. Fetching the metadata to include in PR descriptions makes a bunch of requests to GitHub, and without a token they can get rate limited really fast.
from kira-dependencies.
bpatram
commented on September 25, 2024
1
I'm also affected by this rate limiting. I've tried to modify the line you linked:
Line 21 in f1abb93
to reference and environment variable, but it seems to not to be used. What I changed it to was:
"password" => ENV['KIRA_GITHUB_PERSONAL_TOKEN']Then created a new personal token in github with repo read access to public repos and added it to my Gitlab CI pipeline variables.
Even with this set I still see errors caused by rate limiting:
Parsing dependencies information
- Updating gatsby (from 2.1.19)… submitted
- Updating gatsby-link (from 2.0.13)… submitted
- Updating gatsby-plugin-react-helmet (from 3.0.7)… submitted
- Updating gatsby-plugin-sass (from 2.0.10)…/builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/octokit-4.14.0/lib/octokit/response/raise_error.rb:16:in `on_complete': GET https://api.github.com/repos/gatsbyjs/gatsby/commits?path=packages%2Fgatsby-plugin-sass&sha=gatsby-plugin-sass%402.0.10: 403 - API rate limit exceeded for 35.243.254.89. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.) // See: https://developer.github.com/v3/#rate-limiting (Octokit::TooManyRequests)
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/response.rb:9:in `block in call'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/response.rb:61:in `on_complete'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/response.rb:8:in `call'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/octokit-4.14.0/lib/octokit/middleware/follow_redirects.rb:73:in `perform_with_redirection'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/octokit-4.14.0/lib/octokit/middleware/follow_redirects.rb:61:in `call'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/request/retry.rb:128:in `call'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/rack_builder.rb:143:in `build_response'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/connection.rb:387:in `run_request'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/faraday-0.15.4/lib/faraday/connection.rb:138:in `get'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/sawyer-0.8.2/lib/sawyer/agent.rb:94:in `call'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/octokit-4.14.0/lib/octokit/connection.rb:156:in `request'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/octokit-4.14.0/lib/octokit/connection.rb:84:in `paginate'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/octokit-4.14.0/lib/octokit/client/commits.rb:29:in `commits'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/clients/github_with_retries.rb:95:in `public_send'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/clients/github_with_retries.rb:95:in `block in method_missing'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/clients/github_with_retries.rb:116:in `retry_connection_failures'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/clients/github_with_retries.rb:92:in `method_missing'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/metadata_finders/base/commits_finder.rb:235:in `fetch_github_commits'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/metadata_finders/base/commits_finder.rb:44:in `commits'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/metadata_finders/base.rb:106:in `commits'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator/message_builder.rb:598:in `commits'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator/message_builder.rb:486:in `commits_cascade'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator/message_builder.rb:401:in `metadata_cascades_for_dep'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator/message_builder.rb:382:in `metadata_cascades'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator/message_builder.rb:63:in `pr_message'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator.rb:110:in `gitlab_creator'
from /builds/slewsystems/kira-dependencies/vendor/ruby/2.6.0/gems/dependabot-common-0.107.12/lib/dependabot/pull_request_creator.rb:67:in `create'
from ./update.rb:130:in `block in <main>'
from ./update.rb:78:in `each'
from ./update.rb:78:in `<main>'
😞
from kira-dependencies.
sobolevn
commented on September 25, 2024
You should set KIRA_GITLAB_PERSONAL_TOKEN to use authed requests.
from kira-dependencies.
lorvent
commented on September 25, 2024
that is for gitlab right..
im getting problem with github...
from kira-dependencies.
sobolevn
commented on September 25, 2024
This tool only supports gitlab. Use dependabot directly.
from kira-dependencies.
lorvent
commented on September 25, 2024
Well, you mis-understood my point.
i am using it in my gitlab instance only
but while scanning for composer dependency packages, may be it is searching github api for latest version and hence hitting rate limit.
hope it is clear now.
thanks
from kira-dependencies.
sobolevn
commented on September 25, 2024
Oh, I see. Hm, I have never seen this problem. But.
I guess you can try this piece of code: https://github.com/dependabot/dependabot-script/blob/master/generic-update-script.rb#L15-L22
Add this token to your credentials variable inside this hash here: https://github.com/wemake-services/kira-dependencies/blob/master/update.rb#L16 to test this out.
See how to get github access token in the github's docs.
from kira-dependencies.
sobolevn
commented on September 25, 2024
Let's ping @greysteil for help
from kira-dependencies.
lorvent
commented on September 25, 2024
i hard coded github token into update.rb and it seems to be working.
it is creating MRs for me.
from kira-dependencies.
lorvent
commented on September 25, 2024
perhaps we can close it, i submitted a MR and it is accepted.
from kira-dependencies.
Related Issues (20)
- Handle auto merging of MRs with merge-conflicts HOT 6
- Getting Error in GitLab CI 403 HOT 6
- Ability to run CI for multiple projects HOT 2
- Gitlab auto merge failures HOT 2
- do no update dev dependencies HOT 1
- New installs fail since octokit 4.17.0 was yanked HOT 1
- npm & yarn doesn't follow semantic versioning in package.json HOT 5
- Some Gitlab features are broken after #171 HOT 2
- How to authenticate with docker registry? HOT 2
- why it is keep updating package even when there is no new update HOT 5
- Ignore specific versions? HOT 2
- bundle install error in image HOT 7
- connect_write timeout reached
- invalid byte sequence in US-ASCII (ArgumentError) HOT 9
- Strange NoMethodError HOT 4
- The version of Ruby used by the script is not pinned to 2.7.1 and the script doesn't launch with Ruby 2.7.5 HOT 1
- package.json not always updated for monorepo with Lerna HOT 6
- timeout when updating existing npm merge requests HOT 1
- Authentication maven privat repo HOT 3
- Thinks about Merge Trains
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kira-dependencies.