Comments (9)
DavidTanner
commented on July 21, 2024
The WebHook runs anytime that github sends something to Jenkins. Github sends notifications every time there is a new pull request, or a change to one.
from ghprb-plugin.
gbougeard
commented on July 21, 2024
According to my logs I think there is a loop :
Aug 28, 2015 8:05:48 PM FINEST org.jenkinsci.plugins.ghprb.GhprbGitHubAuth
Using OAuth token for context ccc-service-email_pr
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.GhprbWebHook
Comparing repository names: ebuzzing/service-kafka to ebuzzing/service-media-format, case is ignored
Aug 28, 2015 8:05:48 PM INFO org.jenkinsci.plugins.ghprb.GhprbWebHook handleWebHook
Got payload event: pull_request
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.Ghprb
Looking up credentials forb2daf6d6-*****************, using context lib-front-validators_pr for url https://api.github.com
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.Ghprb
Found 2 credentials
Aug 28, 2015 8:05:48 PM FINEST org.jenkinsci.plugins.ghprb.GhprbGitHubAuth
Using OAuth token for context lib-front-validators_pr
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.GhprbWebHook
Comparing repository names: ebuzzing/ccc-service-email to ebuzzing/service-media-format, case is ignored
Aug 28, 2015 8:05:48 PM INFO org.jenkinsci.plugins.ghprb.GhprbWebHook handleWebHook
Got payload event: pull_request
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.Ghprb
Looking up credentials for b2daf6d6-*****************, using context ccc-service-soizencoder_pr for url https://api.github.com
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.Ghprb
Found 2 credentials
Aug 28, 2015 8:05:48 PM FINEST org.jenkinsci.plugins.ghprb.GhprbGitHubAuth
Using OAuth token for context ccc-service-soizencoder_pr
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.GhprbWebHook
Comparing repository names: ebuzzing/lib-front-validators to ebuzzing/service-media-format, case is ignored
Aug 28, 2015 8:05:48 PM INFO org.jenkinsci.plugins.ghprb.GhprbWebHook handleWebHook
Got payload event: pull_request
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.Ghprb
Looking up credentials for b2daf6d6-*****************, using context tests-integration-campaign-delivery_pr for url https://api.github.com
Aug 28, 2015 8:05:48 PM FINE org.jenkinsci.plugins.ghprb.Ghprb
Found 2 credentials
and so on. Like the matchRepo loop...
from ghprb-plugin.
DavidTanner
commented on July 21, 2024
It is looking through all of your projects trying to find the matching repo. Are your sure that is abusing the rate limit though? Looks like it needs to look up the jobs from a map instead of every job.
from ghprb-plugin.
gbougeard
commented on July 21, 2024
Github support tells me I have peaks to 250 queries/s . You can imagine with 300 repositories and jobs when 10 pull requests are submitted at the same time, it could call 3000 times github in few seconds! As the rate limit is 5k calls per hour...
from ghprb-plugin.
gbougeard
commented on July 21, 2024
And by the way, I understand it tries to find the matching repo, the thing I don't understand it's why it is looking for the credentials if the repo does not match! I believe this check does a call to the api.github.com/user route and this is the one Github reported to me.
from ghprb-plugin.
DavidTanner
commented on July 21, 2024
So each time that it accesses a job and tries to parse the message, it needs the auth details to see if there is a signature involved. https://github.com/jenkinsci/ghprb-plugin/blob/ghprb-1.27/src/main/java/org/jenkinsci/plugins/ghprb/GhprbWebHook.java#L28
Part of the problem is that it checks the signature, then parses the event, then checks if the repo matches.
from ghprb-plugin.
gbougeard
commented on July 21, 2024
I understand. So it confirms there are X API calls for each pull_request where X is the number of repositories having jenkins jobs.
Could it not be possible before parse the whole payload to just get the repository involved before doing any API call?
In scala, using play-json we could get it with something like repository \ name.
from ghprb-plugin.
gbougeard
commented on July 21, 2024
Could we consider the possibility to only checkSignature after finding the matching repo?
Actually, the checkSignaturedoes not bother me, only the call to the API to retrieve the credentials ( trigger.getGitHubApiAuth().getSecret() ) disturbs me.
from ghprb-plugin.
gbougeard
commented on July 21, 2024
Great! when could you release it?
from ghprb-plugin.
Related Issues (20)
- Unable to connect to GitHub HOT 2
- Worker nodes aren't started when pipeline requests to run parallel parts on same node
- Log4j in ghprb? HOT 1
- Trigger based on directories HOT 1
- Pull request approval without fetch
- usage of org-list may incur github rate limit
- Publish multiple github-statuses from the same pipeline job HOT 1
- ${ghprbActualCommit} does not pick up current commit from hook if an additional branch is specified. HOT 2
- Create new pull request with a comments,but not be triggered. Comment a gain and reopen the pull request,then be triggered
- Restrict Specific branch for Pull request
- What kind of "actions" does the Pull request Webhook of the Github pull request builder support?
- What kind of "actions" does the Pull request Webhook of the Github pull request builder support? HOT 1
- Plug-in Question
- Changing the status context (name) in the config while a job is running leaves the old status in pending forever
- Changing(rotating) plugin credentials take no effect until Jenkins is restarted due to cached repo object
- Is this plugin is not maintained anymore? if so, is there any alternative plugin for it ? HOT 1
- Can Help WIth Plugin Upgrade
- Warning: The currently installed plugin version may not be safe to use. Please review the following security notices:
- Not able to trigger jenkins job by adding specific labels
- When A PR is not mergeable the Github status check does not get updated
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ghprb-plugin.