dflook
Hitting Docker Hub Rate Limit
Problem description
We've started using these actions in anger across a couple of projects and are already hitting the Dockerhub Rate Limit on our Self Hosted Runners.
It doesn't seem possible in Github Actions to supply DockerHub credentials before these are pulled, as they are pulled immediately after the "Set Up Runner" step which is before any steps etc. This issue is meaning we either have to wait out the rate limit timer, or remove our usage of dflook Github Actions.
Would it be possible to publish images to an alternative Registry with higher pull limits? Or add documentation on how to solve this issue?
Terraform version
1.10.4
Backend
s3
Workflow YAML
Simple usage of any dflook action within a workflow file
Workflow log
Has debug logging been enabled?
- [x] Yes, the
ACTIONS_STEP_DEBUGsecret was set totruewhen capturing the workflow log above. I understand that if I have not done this, I may not recieve a response.
The image is also published to GitHub container registry. You can use it by appending -ghcr to the version tag, e.g.
jobs:
plan:
steps:
- name: terraform plan
uses: dflook/terraform-plan@v1-ghcr
with:
path: my-terraform-config
Awesome thank you. It'd be great if this could be added into the Readmes, or even made the default. Dockerhub has a rate limit of 10 pulls per ip per hour, so is easily hit with self hosted runners. I imagine Github Container Registry is way more generous.
Since the primary use case for this project is inside GitHub, is there any reason not make GHCR the default (or only) way to get it?
From my testing, GHCR is consistently slower than Dockerhub when using GitHub hosted runners.
The rate limiting should only be affecting self-hosted runners, where there is not necessarily network connectivity to gchr.
The default may well change in the future (with a major version bump)