mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-07-04 15:46:16 +00:00
The validate-caddyfile workflow fetched the Caddy binary by first hitting api.github.com/releases/latest to resolve the version tag, then building a release-asset URL from it. That API call is unauthenticated, so it shares the 60-requests/hour-per-IP limit across all GitHub-hosted runners and returns 403 under load. On failure jq emits "null", the URL becomes caddy_null_linux_amd64.tar.gz, and `curl -sL` silently pipes a 404 page into tar — a confusing, flaky failure on every PR that touches the Caddyfile. Switch to Caddy's official download API, which serves the latest linux/amd64 binary directly: one request, no GitHub API, no jq/tar parsing. Add `-f` so curl fails loudly on an HTTP error instead of writing an error page to disk. |
||
|---|---|---|
| .. | ||
| workflows | ||
| dependabot.yml | ||