Skip to content

Use GitHub token for CLI version checks (avoid anonymous rate‑limit) #3050

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 11, 2025
Merged

Use GitHub token for CLI version checks (avoid anonymous rate‑limit) #3050

merged 1 commit into from
Aug 11, 2025

Conversation

nirvanin
Copy link
Contributor

@nirvanin nirvanin commented Aug 7, 2025
edited by EyalDelarea
Loading

  • All tests have passed. If this feature is not already covered by the tests, new tests have been added.
  • The pull request is targeting the dev branch.
  • The code has been validated to compile successfully by running go vet ./....
  • The code has been formatted properly using go fmt ./....

Why

When JFrog CLI checks for the latest version, it calls the GitHub Releases API.
Without a token, these requests are anonymous and can quickly hit GitHub’s low rate limit, especially in CI.
This surfaced in the setup action as workflows intermittently failing due to HTTP 403 from the GitHub API (rate limit).

What’s changing

  1. Tokenized version check

    • utils.CheckNewCliVersionAvailable(currentVersion) now reads JFROG_CLI_GITHUB_TOKEN from the environment and uses it as a Bearer token for the GitHub API request.
    • If absent, the call proceeds anonymously, but with clearer logging.

  2. New env var

    • Introduce JFROG_CLI_GITHUB_TOKEN, documented in docs/common/env.go and surfaced in global env var help.

  3. API & flags cleanup

    • Remove the app-level --github-token global flag and its plumbing from main.go.
    • Configuration via env var is now the single supported path.

Relates to :
jfrog/setup-jfrog-cli#223

EyalDelarea
EyalDelarea approved these changes Aug 7, 2025
View reviewed changes
Copy link
Contributor

@EyalDelarea EyalDelarea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

See my comments which are open for discussion.

@nirvanin nirvanin requested a review from EyalDelarea August 10, 2025 10:24
EyalDelarea
EyalDelarea approved these changes Aug 10, 2025
View reviewed changes
Copy link
Contributor

@EyalDelarea EyalDelarea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM :)
Just see the interval change comment

@EyalDelarea EyalDelarea added the bug Something isn't working label Aug 10, 2025
@EyalDelarea EyalDelarea changed the title JGC-402 - transfer github token to env var Use GitHub token for version check if available Aug 10, 2025
@EyalDelarea EyalDelarea changed the title Use GitHub token for version check if available Use GitHub token for CLI version checks (avoid anonymous rate‑limit) Aug 10, 2025
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Aug 10, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Aug 10, 2025
cyrilc-pro
cyrilc-pro approved these changes Aug 11, 2025
View reviewed changes
@ehl-jf ehl-jf added the safe to test Approve running integration tests on a pull request label Aug 11, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Aug 11, 2025
@ehl-jf ehl-jf merged commit 5842704 into jfrog:dev Aug 11, 2025
57 of 66 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Aug 11, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EyalDelarea EyalDelarea EyalDelarea approved these changes

@cyrilc-pro cyrilc-pro cyrilc-pro approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nirvanin @EyalDelarea @cyrilc-pro @ehl-jf