I’m currently writing an integration of our CI/CD server product (Ikan ALM, https://www.ikanalm.com/) with GitHub as an Issue tracking system. we provide automatic parsing of commit comments for issue IDs, retrieving the details for these issues from the relevant API, as well as the ability to automatically add comments to an issue on a successful server side build or deploy with some details about the build or deploy.
Now, because comments on GitHub issues cause notifications to go out, these have abuse rate limit rules. Generally speaking a build or deploy will only have a handful of issues, maybe a dozen or so. However, in some extreme cases, like a deploy stage that hasn’t been activated in years, there may be 500 or more issues associated with a single build or deploy, and triggering comment notifications on 500 issues is probably a really good way to trigger abuse rate limits.
I’m already requiring the use of a Personal Access Token using the header, but I don’t know how much that will help. Would it be enough to add a fixed delay of 2-3 seconds between creating comments? Or would there be a more appropriate way to deal with this?