All GitHub badges throw error with no token set

[chris48s]

❓ Question

It used to be possible to run your dev copy with no GH_TOKEN set. The allowance is too low to do a full test run, but the anon allowance is enough to render a few badges in the front-end.
Now if no GH_TOKEN is set, all GH badges will fail to render. This is probably unexpected to new/casual contributors.

Is this change intentional, or is it a mistake that has been introduce in the recent work around server secrets/GH auth?

[paulmelnikow]

Yes, this is a usability regression that should be fixed. (I mentioned it in the top post of #2733.) Let’s track it here.

[chris48s]

Basically the issue here is that if config.private.gh_token is set, we'll use that. Otherwise, we'll use pooling.

In reality, there should be 3 valid options:

• config.private.gh_token is set --> use global token
• config.private.postgres_url is set --> use token pool
• neither config.private.gh_token nor config.private.postgres_url is set --> use anonymous access

The most important block is here

shields/services/github/github-constellation.js

Lines 22 to 44 in 528165f

	constructor(config) {
	this._debugEnabled = config.service.debug.enabled
	this._debugIntervalSeconds = config.service.debug.intervalSeconds
	const { postgres_url: pgUrl, gh_token: globalToken } = config.private
	if (pgUrl) {
	log.log('Token persistence configured with dbUrl')
	this.persistence = new SqlTokenPersistence({
	url: pgUrl,
	table: 'github_user_tokens',
	})
	}
	this.apiProvider = new GithubApiProvider({
	baseUrl: config.service.baseUri,
	globalToken,
	withPooling: !globalToken,
	onTokenInvalidated: tokenString => this.onTokenInvalidated(tokenString),
	restApiVersion: config.service.restApiVersion,
	})
	this.oauthHelper = this.constructor._createOauthHelper(config)
	}