Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: update eslint job failed #48213

Closed
nodejs-github-bot opened this issue May 28, 2023 · 8 comments
Closed

deps: update eslint job failed #48213

nodejs-github-bot opened this issue May 28, 2023 · 8 comments
Labels
dependencies Pull requests that update a dependency file.

Comments

@nodejs-github-bot
Copy link
Collaborator

This is an automatically generated issue by the GitHub Action.
The update workflow has failed for .
@nodejs/security-wg @nodejs/actions

@nodejs-github-bot nodejs-github-bot added the dependencies Pull requests that update a dependency file. label May 28, 2023
@marco-ippolito marco-ippolito closed this as not planned Won't fix, can't repro, duplicate, stale May 28, 2023
@marco-ippolito
Copy link
Member

marco-ippolito commented May 28, 2023

A lot of dependencies update failure happened, I've closed most of the issue automatically opened. I think the main cause is github api rate limit. There is a PR open to solve this issue
#48200

@fasenderos
Copy link
Contributor

The error message of one of the failed job is

data: {
      message: 'You have exceeded a secondary rate limit and have been temporarily blocked from content creation. Please retry your request again later.',
      documentation_url: 'https://docs.github.com/rest/overview/resources-in-the-rest-api#secondary-rate-limits'
}

As per the doc, even authenticated request can hit a secondary rate limits. To avoid these limits, requests for a single user (e.g. GITHUB_TOKEN) must be done serially, not concurrently and - for large (??) number of call - wait one second between each request.

  1. Make requests for a single user or client ID serially. Do not make requests for a single user or client ID concurrently.

  2. If you're making a large number of POST, PATCH, PUT, or DELETE requests for a single user or client ID, wait at least one second between each request.

By default jobs run in parallel and we can try to run the jobs sequentially, but we have also to consider that all the other jobs count in these limits, not only the one that update the dependencies, so it is very likely reaching these limits. It might be useful have a last resort job that act as a DLQ of failed jobs to be runned again

@aduh95
Copy link
Contributor

aduh95 commented May 30, 2023

we have also to consider that all the other jobs count in these limits

We have to consider all the other jobs that do API calls with the bot token, and I think that's only the CQ and the Auto-start-ci workflows (and only if there are PRs on the queue). (At least there are only those on this repo, I don't know if we use nodejs-github-bot elsewhere, I assume no). Making the deps_updater workflow run sequentially should be enough I think.

@targos
Copy link
Member

targos commented May 30, 2023

I'm not sure this is related to a rate limit.

I see nothing that indicates it in the logs of https://github.com/nodejs/node/actions/runs/5101478266/jobs/9170360142

@targos
Copy link
Member

targos commented May 30, 2023

It's also not clear to me why it opened an issue at all. It's supposed to only happen on failure and the eslint job didn't fail.

@marco-ippolito
Copy link
Member

the errors are all different, there is api rate limit, missing template(? weird) etc... https://github.com/nodejs/node/actions/runs/5101478266

@targos
Copy link
Member

targos commented May 30, 2023

That doesn't explain why it opened issues for jobs that finished without errors like the eslint one.

@marco-ippolito
Copy link
Member

there were some issue with the github action which have been reverted: #48312

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file.
Projects
None yet
Development

No branches or pull requests

5 participants