From 356bf98a323f6f650748b6ef8fc445442666f514 Mon Sep 17 00:00:00 2001 From: Wolfgang Walther Date: Sun, 22 Jun 2025 22:02:14 +0200 Subject: [PATCH] workflows: log rate limits consistently This will give us a better idea about: - Which jobs use the most API calls and can possibly be made more efficient. - Which rate limits apply exactly to which tokens. --- .github/workflows/backport.yml | 10 ++++++++++ .github/workflows/check.yml | 10 ++++++++++ .github/workflows/codeowners-v2.yml | 24 ++++++++++++++++++++++ .github/workflows/eval.yml | 10 ++++++++++ .github/workflows/labels.yml | 10 ++++++++++ .github/workflows/reviewers.yml | 31 +++++++++++++++++++++++++++++ 6 files changed, 95 insertions(+) diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 72b8482ef439..9407fea7f8e5 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -43,6 +43,11 @@ jobs: ref: ${{ github.event.pull_request.head.sha }} token: ${{ steps.app-token.outputs.token }} + - name: Log current API rate limits + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + - name: Create backport PRs id: backport uses: korthout/backport-action@436145e922f9561fc5ea157ff406f21af2d6b363 # v3.2.0 @@ -56,6 +61,11 @@ jobs: * [ ] Before merging, ensure that this backport is [acceptable for the release](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#changes-acceptable-for-releases). * Even as a non-committer, if you find that it is not acceptable, leave a comment. + - name: Log current API rate limits + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + - name: "Add 'has: port to stable' label" if: steps.backport.outputs.created_pull_numbers != '' uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 966e0f5c0d52..efe0c0c99705 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -50,6 +50,11 @@ jobs: run: | ./trusted/ci/check-cherry-picks.sh "$BASE_SHA" "$HEAD_SHA" checked-cherry-picks.md + - name: Log current API rate limits + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq + - name: Prepare review if: steps.check.outcome == 'failure' uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 @@ -148,3 +153,8 @@ jobs: }`, { node_id: review.node_id }) }) ) + + - name: Log current API rate limits + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml index 947f441f2e60..89908ede868d 100644 --- a/.github/workflows/codeowners-v2.yml +++ b/.github/workflows/codeowners-v2.yml @@ -79,6 +79,12 @@ jobs: permission-administration: read permission-members: read + - name: Log current API rate limits + if: steps.app-token.outputs.token + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + - name: Validate codeowners if: steps.app-token.outputs.token env: @@ -90,6 +96,12 @@ jobs: EXPERIMENTAL_CHECKS: "avoid-shadowing" run: result/bin/codeowners-validator + - name: Log current API rate limits + if: steps.app-token.outputs.token + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + # Request reviews from code owners request: name: Request @@ -116,8 +128,20 @@ jobs: permission-members: read permission-pull-requests: write + - name: Log current API rate limits + if: steps.app-token.outputs.token + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + - name: Request reviews if: steps.app-token.outputs.token env: GH_TOKEN: ${{ steps.app-token.outputs.token }} run: result/bin/request-code-owner-reviews.sh ${{ github.repository }} ${{ github.event.number }} "$OWNERS_FILE" + + - name: Log current API rate limits + if: steps.app-token.outputs.token + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml index 7a4f590887c9..71ba62cdf4c7 100644 --- a/.github/workflows/eval.yml +++ b/.github/workflows/eval.yml @@ -66,6 +66,11 @@ jobs: name: merged-${{ matrix.system }} path: merged/* + - name: Log current API rate limits + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq + - name: Get target run id if: inputs.targetSha id: targetRunId @@ -108,6 +113,11 @@ jobs: // This should only happen when Eval is broken on the target branch and this PR fixes it. // Continue without targetRunId to skip the remaining steps, but pass the job. + - name: Log current API rate limits + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq + - uses: actions/download-artifact@v4 if: steps.targetRunId.outputs.targetRunId with: diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index 177021ff1497..c0ec74731326 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -266,6 +266,11 @@ jobs: core.notice(`Processed ${stats.prs} PRs, made ${stats.requests + stats.artifacts} API requests and downloaded ${stats.artifacts} artifacts.`) + - name: Log current API rate limits + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 name: Labels from touched files if: | @@ -313,3 +318,8 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} configuration-path: .github/labeler-development-branches.yml sync-labels: true + + - name: Log current API rate limits + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq diff --git a/.github/workflows/reviewers.yml b/.github/workflows/reviewers.yml index 4beb755e2b64..bd1d8aed7204 100644 --- a/.github/workflows/reviewers.yml +++ b/.github/workflows/reviewers.yml @@ -54,6 +54,10 @@ jobs: permission-members: read permission-pull-requests: write + - name: Log current API rate limits (github.token) + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq # In the regular case, this workflow is called via workflow_call from the eval workflow directly. # In the more special case, when a PR is undrafted an eval run will have started already. @@ -87,6 +91,11 @@ jobs: } throw new Error("No comparison artifact found.") + - name: Log current API rate limits (github.token) + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq + - name: Download the comparison results uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: @@ -96,6 +105,17 @@ jobs: path: comparison merge-multiple: true + - name: Log current API rate limits (app-token) + if: ${{ steps.app-token.outputs.token }} + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + + - name: Log current API rate limits (github.token) + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq + - name: Requesting maintainer reviews if: ${{ steps.app-token.outputs.token }} env: @@ -111,3 +131,14 @@ jobs: jq -r 'keys[]' comparison/maintainers.json \ | while read -r id; do gh api /user/"$id" --jq .login; done \ | GH_TOKEN=${{ steps.app-token.outputs.token }} result/bin/request-reviewers.sh "$REPOSITORY" "$NUMBER" "$AUTHOR" + + - name: Log current API rate limits (app-token) + if: ${{ steps.app-token.outputs.token }} + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + run: gh api /rate_limit | jq + + - name: Log current API rate limits (github.token) + env: + GH_TOKEN: ${{ github.token }} + run: gh api /rate_limit | jq