The fetch currently hits gitlab.com unauthenticated. build.yml passes
GITHUB_TOKEN (from secrets.HEARTBEAT_PAT) to the fetch step but no
GITLAB_TOKEN, and refresh.yml only pings the Vercel deploy hook. The
provider (scripts/providers/gitlab.ts) already reads
process.env.GITLAB_TOKEN and sends it via the PRIVATE-TOKEN header, and
the README documents the variable — it's just never supplied in CI.
This was fine with one GitLab repo, but #<issue 1> and #<issue 2> add ~32.
Each repo costs a project lookup plus paginated commits/MRs/issues/releases
requests, so a refresh becomes a few hundred GitLab calls from a shared
CI/Vercel IP. Throttled requests currently fail the repo for that run (see
#<429 issue>).
Tasks:
The fetch currently hits gitlab.com unauthenticated.
build.ymlpassesGITHUB_TOKEN(fromsecrets.HEARTBEAT_PAT) to the fetch step but noGITLAB_TOKEN, andrefresh.ymlonly pings the Vercel deploy hook. Theprovider (
scripts/providers/gitlab.ts) already readsprocess.env.GITLAB_TOKENand sends it via thePRIVATE-TOKENheader, andthe README documents the variable — it's just never supplied in CI.
This was fine with one GitLab repo, but #<issue 1> and #<issue 2> add ~32.
Each repo costs a project lookup plus paginated commits/MRs/issues/releases
requests, so a refresh becomes a few hundred GitLab calls from a shared
CI/Vercel IP. Throttled requests currently fail the repo for that run (see
#<429 issue>).
Tasks:
read_apiscope onlyGITLAB_TOKENGITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}to the fetch step envin
build.ymlif Vercel, set the env var there too