V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
爱意满满的作品展示区。
sn0wdr1am
V2EX  ›  分享创造

Bypass Cloudflare for GitHub Action Pro

  •  
  •   sn0wdr1am · 21 天前 · 957 次点击

    Bypass Cloudflare for GitHub Action Pro

    Repo: https://github.com/snowdreamtech/bypass-cloudflare-for-github-action

    Marketplace: https://github.com/marketplace/actions/bypass-cloudflare-for-github-action-pro

    Never receive 403 Forbidden from Cloudflare again.

    Inspired by xiaotianxt/bypass-cloudflare-for-github-action

    GitHub Super-Linter CI Check dist/ CodeQL Coverage

    Requests from GitHub Action servers to a Cloudflare proxied host may be blocked by Cloudflare's Web Application Firewall(WAF) or Bot Fight Mode. This action automatically adds the public IP of the GitHub Action runner to Cloudflare's firewall Custom rules or Lists

    Features

    • Automatically retrieves the public IP of the GitHub Action runner.
    • Adds the runner's IP to Cloudflare's firewall custom rules.
    • Adds the runner's IP to Cloudflare's account list.
    • Cleans up by removing the IP from Cloudflare's firewall custom rules after the job is complete.
    • Cleans up by removing the IP from Cloudflare's account list after the job is complete.

    Inputs

    Input Description Required Default
    mode single/list/github false github
    cf_zone_id Cloudflare Zone ID true /
    cf_api_token Cloudflare API Token true /
    cf_account_id Cloudflare Account ID true /
    github_api_token Github API Token true /
    single_rule_description Rule Description For Mode Single false Bypass Cloudflare for GitHub Action (Single)
    list_rule_description Rule Description For Mode List false Bypass Cloudflare for GitHub Action (List)
    list_name List name false github_actions_runners
    clean Caution: It will remove your zone ruleset rule and your list false false

    Outputs

    Output Description
    time Time when finished.

    Usage

    To use this action, create a workflow in your repository's .github/workflows directory. Below is an example workflow file:

    name: Bypass Cloudflare for Github Action Pro
    on: [push]
    jobs:
      bypass-cloudflare-for-github-action-pro:
        runs-on: ubuntu-latest
        steps:
          - name: Checkout repository
            uses: actions/[email protected]
          - name: Bypass Cloudflare for Github Action Pro
            uses: snowdreamtech/[email protected]
            with:
              mode: 'github'
              cf_account_id: ${{ secrets.CF_ACCOUNT_ID }}
              cf_api_token: ${{ secrets.CF_API_TOKEN }}
              cf_zone_id: ${{ secrets.CF_ZONE_ID }}
              github_api_token: ${{ secrets.GITHUB_TOKEN }}
          - name: Send request to Cloudflare-protected server
            run: curl https://example.com/api
    

    Important Note

    This action requires a Cloudflare API Token, not the Global API Key. To create an API token:

    1. Log in to the Cloudflare dashboard.
    2. Go to "My Profile" > "API Tokens".
    3. Click "Create Token".
    4. Create a custom token with the following permissions:
      • Account > Account Filter > Edit
      • Zone > Zone WAF > Edit
      • Zone > Zone Settings > Edit
      • Zone > Zone > Edit
    5. Set the token to access the specific account you're working with.
    6. Set the token to access the specific zone you're working with.
    7. Create the token and save it securely.

    Remember to add your Cloudflare Account ID, Cloudflare Zone ID and the new API Token to your GitHub repository secrets as CF_ACCOUNT_ID, CF_ZONE_ID and CF_API_TOKEN respectively.

    About the GITHUB_TOKEN secret

    At the start of each workflow job, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in the workflow job.

    Before each job begins, GitHub fetches an installation access token for the job. The GITHUB_TOKEN expires when a job finishes or after a maximum of 24 hours.

    Limits

    The global rate limit for the Cloudflare API is 1200 requests per five minute period per user, and applies cumulatively regardless of whether the request is made via the dashboard, API key, or API token.

    If you exceed this limit, all API calls for the next five minutes will be blocked, receiving a HTTP 429 - Too Many Requests response.

    目前尚无回复
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   3434 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 26ms · UTC 10:51 · PVG 18:51 · LAX 02:51 · JFK 05:51
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.