quickstart-openshift

Need to look at how to avoid ZAP rate limiting issues

Open mishraomp opened this issue 1 year ago • 4 comments
Thanks to @afwilcox for reporting. https://github.com/bcgov/nr-compliance-enforcement/actions/runs/8806409114/job/24171796325

Error: You have exceeded a secondary rate limit. Please wait a few minutes before you try again. If you reach out to GitHub Support for help, please include the request ID E0A8:2C1F3A:1299426:1E4A642:662816D6. - https://docs.github.com/free-pro-team@latest/rest/overview/rate-limits-for-the-rest-api#about-secondary-rate-limits

mishraomp, Apr 23 '24 20:04

@mishraomp I'm unfortunately not sure we can do anything about this. It's a ZAP bug that doesn't appear to be recurring regularly. Should we just keep notes and try to predict fails?

DerekRoberts, Apr 24 '24 02:04

> @mishraomp I'm unfortunately not sure we can do anything about this. It's a ZAP bug that doesn't appear to be recurring regularly. Should we just keep notes and try to predict fails?

Maybe it happens with repositories where a matrix strategy is used and multiple ZAP scans for different components are running in parallel. Just an assumption based on the findings in the C&E repo, since that's the only one with 3 components having routes exposed and pen test enabled.

mishraomp, Apr 24 '24 02:04

ZAP isn't wonderfully configurable, but we could use sequential instead of parallel runs. Any idea how often the problem happens?

DerekRoberts, Apr 24 '24 03:04
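
The sequential-run idea from the comment above, sketched as a GitHub Actions workflow fragment. This is an added example, not the repository's actual workflow: the component names, target URLs and action ref are placeholders, and it assumes the scans run through `zaproxy/action-full-scan` in a matrix job.

```yaml
# Constructed example: ZAP scans for several components, run one at a time.
name: ZAP scans (sequential)
on:
  workflow_dispatch:

jobs:
  zap:
    name: ZAP (${{ matrix.name }})
    runs-on: ubuntu-latest
    permissions:
      issues: write        # the scan action reports findings as GitHub issues
    strategy:
      fail-fast: false     # a failed scan of one component should not cancel the rest
      max-parallel: 1      # run the matrix jobs one after another instead of in parallel
      matrix:
        name: [component-a, component-b, component-c]   # hypothetical component names
    steps:
      - name: ZAP full scan
        # Placeholder ref: pin to a release tag or commit SHA
        uses: zaproxy/action-full-scan@<pinned-ref>
        with:
          target: https://${{ matrix.name }}.example.com   # placeholder URL
          issue_title: "ZAP: ${{ matrix.name }}"            # one report issue per component
```

With `max-parallel: 1` the total run time becomes roughly the sum of the individual scan times.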

Poop. This error is turning up elsewhere. https://github.com/bcgov/quickstart-openshift/actions/runs/8785653950/job/24106670587

DerekRoberts, Apr 24 '24 03:04

I think this has been resolved upstream. Closing.

DerekRoberts, May 22 '24 18:05