Pass the token input through on GHES (#595)

README.md

@@ -111,6 +111,21 @@ jobs:
       - run: npm test
 ```
 
+## Using `setup-node` on GHES
+
+`setup-node` comes pre-installed on the appliance with GHES if Actions is enabled. When dynamically downloading Nodejs distributions, `setup-node` downloads distributions from [`actions/node-versions`](https://github.com/actions/node-versions) on github.com (outside of the appliance). These calls to `actions/node-versions` are made via unauthenticated requests, which are limited to [60 requests per hour per IP](https://docs.github.com/en/rest/overview/resources-in-the-rest-api#rate-limiting). If more requests are made within the time frame, then you will start to see rate-limit errors during downloading that looks like: `##[error]API rate limit exceeded for...`. After that error the action will try to download versions directly from the official site, but it also can have rate limit so it's better to put token.
+
+To get a higher rate limit, you can [generate a personal access token on github.com](https://github.com/settings/tokens/new) and pass it as the `token` input for the action:
+
+```yaml
+uses: actions/setup-node@v3
+with:
+  token: ${{ secrets.GH_DOTCOM_TOKEN }}
+  node-version: 16
+```
+
+If the runner is not able to access github.com, any Nodejs versions requested during a workflow run must come from the runner's tool cache. See "[Setting up the tool cache on self-hosted runners without internet access](https://docs.github.com/en/enterprise-server@3.2/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)" for more information.
+
 ## Advanced usage
 
 1. [Check latest version](docs/advanced-usage.md#check-latest-version)

action.yml

@@ -19,8 +19,8 @@ inputs:
   scope:
     description: 'Optional scope for authenticating against scoped registries. Will fall back to the repository owner when using the GitHub Packages registry (https://npm.pkg.github.com/).'
   token:
-    description: Used to pull node distributions from node-versions.  Since there's a default, this is typically not supplied by the user.
-    default: ${{ github.token }}
+    description: Used to pull node distributions from node-versions. Since there's a default, this is typically not supplied by the user. When running this action on github.com, the default value is sufficient. When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting.
+    default: ${{ github.server_url == 'https://github.com' && github.token || '' }}
   cache:
     description: 'Used to specify a package manager for caching in the default directory. Supported values: npm, yarn, pnpm.'
   cache-dependency-path:

dist/setup/index.js

@@ -73628,7 +73628,7 @@ function run() {
             }
             if (version) {
                 let token = core.getInput('token');
-                let auth = !token || cache_utils_1.isGhes() ? undefined : `token ${token}`;
+                let auth = !token ? undefined : `token ${token}`;
                 let stable = (core.getInput('stable') || 'true').toUpperCase() === 'TRUE';
                 const checkLatest = (core.getInput('check-latest') || 'false').toUpperCase() === 'TRUE';
                 yield installer.getNode(version, stable, checkLatest, auth, arch);

src/main.ts

@@ -33,7 +33,7 @@ export async function run() {
 
     if (version) {
       let token = core.getInput('token');
-      let auth = !token || isGhes() ? undefined : `token ${token}`;
+      let auth = !token ? undefined : `token ${token}`;
       let stable = (core.getInput('stable') || 'true').toUpperCase() === 'TRUE';
       const checkLatest =
         (core.getInput('check-latest') || 'false').toUpperCase() === 'TRUE';