Skip to content

feat: add GitHub token authentication support#909

Open
azrsh wants to merge 1 commit intoaquaproj:mainfrom
azrsh:feat/add-github-token-auth
Open

feat: add GitHub token authentication support#909
azrsh wants to merge 1 commit intoaquaproj:mainfrom
azrsh:feat/add-github-token-auth

Conversation

@azrsh
Copy link

@azrsh azrsh commented Feb 19, 2026
edited
Loading

Summary

Adds optional GitHub token authentication support to the aqua-installer script, enabling authenticated downloads when the GITHUB_TOKEN environment variable is available. The action.yaml sets the GITHUB_TOKEN environment variable, so the aqua-installer action user can utilize their token to fetch the aqua binary.
This moves the request from IP-address-based GitHub rate limit budget to identity-based one, which has higher rate limits.

https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api?apiVersion=2022-11-28

Changes Made

  • Rate Limit Benefits: Authenticated requests get higher GitHub API rate limits (1,000/hr vs 60/hr on the primary rate limit)
  • Conditional Authentication: Uses Authorization: Bearer header when GITHUB_TOKEN is set
  • Backward Compatibility: Maintains existing unauthenticated behavior when no token is provided

Benefits

  • Higher Rate Limits: Authenticated requests avoid GitHub's strict rate limiting
  • Future-Proof: Aligns with GitHub's recommended authentication practices
  • Zero Breaking Changes: Existing usage patterns continue to work unchanged

Usage

# Existing usage (unchanged)
./aqua-installer

# New authenticated usage
GITHUB_TOKEN=ghp_xxxxxxxxxxxx ./aqua-installer

Testing

  • Tested with both curl and wget
  • Verified backward compatibility with unauthenticated requests
  • Confirmed proper header formatting for GitHub API authentication

@github-actions

This comment was marked as resolved.

Sign in to view
@azrsh
feat: add GitHub token authentication support to aqua-installer
2e4fcca 
- Add conditional authentication using GITHUB_TOKEN environment variable
- Support Bearer token auth for both curl and wget download methods
- Maintain backward compatibility with unauthenticated requests
- Provide user feedback when authentication is being used
- Enables higher rate limits and potential private repository access

Resolves unauthenticated GitHub API requests when token is available.
@azrsh azrsh force-pushed the feat/add-github-token-auth branch from 49b2b26 to 2e4fcca Compare February 19, 2026 18:01
@suzuki-shunsuke
Copy link
Member

suzuki-shunsuke commented Feb 20, 2026
edited
Loading

aqua-installer/aqua-installer

Line 66 in c780ffb

URL=https://github.com/aquaproj/aqua/releases/download/$bootstrap_version/$filename

The endpoint isn't GitHub REST API.
IIRC, there is no rate limit for this endpoint the API rate limit for GitHub REST API isn't applied to this endpoint.

@suzuki-shunsuke
Copy link
Member

suzuki-shunsuke commented Feb 20, 2026

If you have any trouble, could you create an issue first?

@azrsh
Copy link
Author

azrsh commented Feb 20, 2026

@suzuki-shunsuke Thank you for your response! We are facing some 403 errors (which is usually the rate limit errors on GitHub), but if the endpoint doesn't have the rate limit, then the cause can be another factor. Let me try to investigate a bit more 🙇

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@azrsh @suzuki-shunsuke