What is GHES?

I think it would be safer to add an explicit option to not add an “Authorization” header instead of a blank line. Something like

      - name: Install clojure tools
        uses: DeLaGuardo/[email protected]
        with:
          no_auth: true
          lein: 2.9.1

What do you think?

GitHub Enterprise Server

I think that could work well

@isaacsanders could you try to run from the branch?

        uses: DeLaGuardo/setup-clojure@ac5052cad8ffe5039f26968da4b4a0ca88d00971
        with:
          no-auth: 'true'

@DeLaGuardo This worked for me

This worked for me too for running locally using nektos/act. However on Github I get errors about exceeding non-authorized quotas. Also when trying with no-auth: 'false'. Removing no-auth completely makes it work again.

UPDATE: I was a bad tester. I think it actually works setting it to 'false'.

These are unauthorized requests, and you will run into quotas if you don't cache the results.

These are unauthorized requests, and you will run into quotas if you don't cache the results.

You mean it isn't related to using the no-auth directive?

I'm saying it is a direct consequence and known aspect of using the no-auth parameter.

on github you are using an IP address within the runner that is likely used by a great number of other people, so the rate will be limited. Locally, on your machine, you are less likely to have used all of the requests according to the rate limit. I used GHES, the enterprise offering, so the autogenerated token from GHA isn't valid for the authentication if generated from GHES, since it is a token for that server, not public github.

My point was that I expected that when I set no-auth to false, I would get the “normal” authenticated behaviour that I get when I omit the directive.

And, important: I tested it in a bad way. It actually seems that my assumption may have been correct. Sorry about the noise!

I just published a new version with no auth header in HTTP calls when explicit empty github-token is provided.

To test it in your environment please use following snippet:

      - name: Install all the tools
        uses: DeLaGuardo/[email protected]
        with:
          cli: latest
          lein: latest
          boot: latest
          bb: latest
          clj-kondo: latest
          cljstyle: latest
          zprint: latest

          # Explicit empty string should trigger "no auth" workflow
          # this will not set Authorisation header for any GitHub API http calls
          github-token: ''

This works great, thank you @DeLaGuardo!