Github rate limit error HACS

beikeland · November 30, 2020, 4:22am

Just tried HACS today, and seems i hit the limit before it was set up for the first time, interestingly enough a second setup couldn’t even start adding the HACS integration with a separate token due to the rate limit seemingly being applied per github userid and not per token.

For the second and unused token:

curl -i -u YOUR_GITHUB_USER:YOUR_GITHUB_PERSONAL_TOKEN 'https://api.github.com/users/YOUR_GITHUB_USER'

Status: 403 Forbidden
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1606709870
X-RateLimit-Used: 5000
{
  "message": "API rate limit exceeded for user ID nnnnnnn.",
  "documentation_url": "https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"
}

DavidFW1960 · November 30, 2020, 4:38am

Yes you can’t just make a new token as it adds up all API requests on a per account basis.
I also set up a second github account just for HACS as I was hitting the 5000 limit. You really can ONLY use that account exclusively for HACS and even then I hit the 5000 probably once a day but because other stuff using github token is using a different account everything still works and HACS updates properly in the next hour.

daneboom · December 3, 2020, 12:12am

My logs are filled with github rate limit errors. Such a bummer. I hadn’t even been actively using HACs

tom_l · December 3, 2020, 4:04am

That’s not normal. I’ve never seen a rate limit. You have something misconfigured.

DavidFW1960 · December 3, 2020, 4:10am

It can happen. HACS uses a bunch or requests. It’s supposed to stop at 4900 but can go over - it does once a day for me… The important thing is to make sure you have a github account with the token ONLY used for HACS otherwise it’s easy to go over and then if other sensors etc are relying on it you get failures.
Here is what my github requests look like:

and my non-HACS account:

You can see if I was using the one account/token it blows through the 5000 easily

tom_l · December 3, 2020, 4:11am

Could you share the config for that sensor please David?

I’d be interested in seeing what mine does.

DavidFW1960 · December 3, 2020, 4:16am

# Github Rate Limits
  - platform: rest
    resource: https://api.github.com/rate_limit
    name: Github HACS
    value_template: '{{ value_json.resources.core.used }}'
    headers:
      Authorization: !secret hacs2
      Accept: application/vnd.github.v3+json
      Content-Type: application/json
      User-Agent: Home Assistant REST sensor
  - platform: rest
    resource: https://api.github.com/rate_limit
    name: Github Main
    value_template: '{{ value_json.resources.core.used }}'
    headers:
      Authorization: !secret github-access-token-token
      Accept: application/vnd.github.v3+json
      Content-Type: application/json
      User-Agent: Home Assistant REST sensor

And in lovelace it’s just a history graph

tom_l · December 3, 2020, 6:57am

Hmm, I get 0. Even after updating an integration in HACS.

- platform: rest
  resource: https://api.github.com/rate_limit
  name: HACS Github Access
  value_template: '{{ value_json.resources.core.used }}'
  headers:
    Authorization: !secret github_access_token
    Accept: application/vnd.github.v3+json
    Content-Type: application/json
    User-Agent: Home Assistant REST sensor

I only have one access token and that’s for HACS. Does the authorization token need “bearer” in front of it in the secret?

No errors in the log.

DavidFW1960 · December 3, 2020, 7:01am

Yeah. Mine has

hacs2: token xxxxx

tom_l · December 3, 2020, 7:05am

That was it. Thanks.

DavidFW1960 · December 3, 2020, 7:06am

Interested to hear how yours compares… it seems to spike once a day… Ludeeus says that is normal.

tom_l · December 3, 2020, 7:14am

Mine is at 425 now. Just realised it has no unit so I cant graph it. Restart again…

Will update you tomorrow.

tom_l · December 4, 2020, 5:36am

Seeing the same thing David:

hacs

However I haven’t yet seen it go over the rate limit.

DavidFW1960 · December 4, 2020, 5:50am

See I have almost every theme installed via HACS so I wonder if that is what is causing it. But yeah… 4000 eh!

tom_l · December 4, 2020, 7:05am

I have no themes, 17 frontend cards and 7 integrations insalled through HACS.

tom_l · December 7, 2020, 6:21am

Did you see the release notes for HACS v1.9?

This version brings in OAuth if you configure HACS in the UI so you don’t have to create a personal access token, for YAML config nothing changes.

DavidFW1960 · December 7, 2020, 6:54am

I didn’t notice it. I do have it configured in the GUI… wonder if I need to delete and add again…

wmaker · December 7, 2020, 7:15pm

(did you mean v1.8?)
I tried OAuth out by upgrading my already GUI configured HACS and there was no problem with the upgrade…however this simply kept using the original github personal token and not OAuth
.
So using the GUI I deleted HACS in the integration page (did the suggested HA reboot), then came back using the GUI, I added HACS back in. This time it provides a popup for the OAuth based scheme. Before you do anything else, open up another tab in your same browser and log into the github account you want OAuth to use (if you have another github account already logged into, I suggest you log out of it first). HACS will use this login for OAuth.

Then follow the instructions. Here is the updated documentation:

As a note: my popup card shows the auth code as a string that looks something like: \n \nXXXX-XXXX\n. The code of course is XXXX-XXXX so ignore the \n.

DavidFW1960 · December 8, 2020, 12:14am

Ok so this is just a different auth than using a token. It still generates API hits so I don’t think it’s going to help… (I switched and all is well but situation normal with the calls sensor)

tanc · December 10, 2020, 3:24pm

As a new user to HACS I found the docs very confusing over this as they say to create a personal access token but nothing about what to do with it. But it sounds like from the release notes that the token is not needed and OAuth handles all authentication and bypasses the rate limit.