Fix GitHub rate limiting when generating pull request descriptions (#…

…1362) * Set github registry credentials to avoid rate-limiting when generating pull request descriptions * Set github registry credentials to avoid rate-limiting when generating pull request descriptions
tinglesoftware · Sep 28, 2024 · 4f3ffc0 · 4f3ffc0
1 parent 618968d
commit 4f3ffc0
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 0 deletions.
diff --git a/extension/tasks/dependabotV2/index.ts b/extension/tasks/dependabotV2/index.ts
@@ -61,6 +61,7 @@ async function run() {
     );
 
     const dependabotUpdaterOptions = {
+      azureDevOpsAccessToken: taskInputs.systemAccessToken,
       gitHubAccessToken: taskInputs.githubAccessToken,
       collectorImage: undefined, // TODO: Add config for this?
       proxyImage: undefined, // TODO: Add config for this?

diff --git a/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotCli.ts b/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotCli.ts
@@ -39,6 +39,7 @@ export class DependabotCli {
   public async update(
     operation: IDependabotUpdateOperation,
     options?: {
+      azureDevOpsAccessToken?: string;
       gitHubAccessToken?: string;
       collectorImage?: string;
       proxyImage?: string;
@@ -85,6 +86,7 @@ export class DependabotCli {
         env: {
           DEPENDABOT_JOB_ID: jobId.replace(/-/g, '_'), // replace hyphens with underscores
           LOCAL_GITHUB_ACCESS_TOKEN: options?.gitHubAccessToken, // avoid rate-limiting when pulling images from GitHub container registries
+          LOCAL_AZURE_ACCESS_TOKEN: options?.azureDevOpsAccessToken, // technically not needed since we already supply this in our 'git_source' registry, but included for consistency
         },
       });
       if (dependabotResultCode != 0) {

diff --git a/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotJobBuilder.ts b/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotJobBuilder.ts
@@ -233,14 +233,25 @@ function mapRegistryCredentialsFromDependabotConfigToJobConfig(
 ): any[] {
   let registryCredentials = new Array();
   if (taskInputs.systemAccessToken) {
+    // Required to authenticate with the Azure DevOps git repository when cloning the source code
     registryCredentials.push({
       type: 'git_source',
       host: taskInputs.hostname,
       username: taskInputs.systemAccessUser?.trim()?.length > 0 ? taskInputs.systemAccessUser : 'x-access-token',
       password: taskInputs.systemAccessToken,
     });
   }
+  if (taskInputs.githubAccessToken) {
+    // Required to avoid rate-limiting errors when generating pull request descriptions (e.g. fetching release notes, commit messages, etc)
+    registryCredentials.push({
+      type: 'git_source',
+      host: 'github.com',
+      username: 'x-access-token',
+      password: taskInputs.githubAccessToken,
+    });
+  }
   if (registries) {
+    // Required to authenticate with private package feeds when finding the latest version of dependencies
     for (const key in registries) {
       const registry = registries[key];
       registryCredentials.push({