feat: fallback to "raw" endpoint for manifest when rate limit is reached

[Shegox]

Description:
This PR leverages the raw endpoint (https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json) to retrieve the golang manifest as a fallback mechanism. This allows GitHub Actions Runners, which have no API token and exceed the anonymous rate limit of 60 requests/hour/IP to still retrieve the manifest list without needing credentials.
This is especially helpful for GitHub Enterprise Server and self-hosted runners, as there multiple runners might share the same IP-address and quickly exceed the available rate limit. Supplying an access token for github.com is cumbersome, as it requires another technical user and the secret isn't exposed to forks, preventing builds from forks.
The implementation as a fallback mechanism minimizes the risk of breaking current workflows, as they will still use the normal API to retrieve the manifest.

Related issue:

This is similar to the implementation setup-python uses:

• Pull Request: feat: fallback to "raw" endpoint for manifest when rate limit is reached setup-python#766
• Issue: Enhance setup-python Action in GitHub Enterprise Server with Raw API Fallback Mechanism setup-python#756

Check list:

• Mark if documentation changes are required.
• Mark if tests were added or updated to cover the changes.

I have tested this on our GitHub Enterprise Server with success:

Attempting to download 1.20.0...
##[debug]No manifest cached
##[debug]Getting manifest from actions/go-versions@main
##[debug]Fetching the manifest via the API failed.
##[debug]API rate limit exceeded for xx.xx.xx.xx. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)
##[debug]Falling back to fetching the manifest using raw URL.
matching 1.20.0...
...
##[debug]matched 1.20.0
Acquiring 1.20.0 from https://github.com/actions/go-versions/releases/download/1.20.0-40721327[86](https://github.enterprise.com/xxxx/setup-go-test/actions/runs/7672571/job/29795181#step:4:87)/go-1.20.0-linux-x64.tar.gz

[priyagupta108]

Hi @Shegox 👋,
Thank you for your contribution.
The fallback mechanism to download directly from Go is already implemented in this repository. Here is a screenshot showing the existing fallback mechanism.

Could you please share the logs where you encountered a rate limit issue? This will help us better understand the need for the changes you've proposed.

[Shegox]

I observed when running the actions with go-version: "stable" seems to not fallback to the direct go versions and rather fails:

2024-11-11T06:17:44.9844323Z Download action repository 'actions/setup-go@v5' (SHA:41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed)
...
2024-11-11T06:18:06.6559386Z ##[group]Run actions/setup-go@v5
2024-11-11T06:18:06.6559977Z with:
2024-11-11T06:18:06.6560397Z   go-version: stable
2024-11-11T06:18:06.6560884Z   check-latest: false
2024-11-11T06:18:06.6561414Z   cache: true
2024-11-11T06:18:06.6564022Z ##[endgroup]
2024-11-11T06:18:07.1680967Z Setup go version spec stable
2024-11-11T06:18:07.5151665Z ##[error]API rate limit exceeded for xx.xx.xx.xx. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)
2024-11-11T06:18:07.5192312Z ##[debug]Node Action run completed with exit code 1
2024-11-11T06:18:07.5202438Z ##[debug]Finishing: Set up Golang (v5)

[priyagupta108]

@Shegox, Thank you for your response!
To keep the documentation up-to-date, could you please add the necessary details? For reference, you can check the documentation updates in setup-python PR #835.

Thanks for your effort!

[priyagupta108]

@Shegox, Basic validation checks are failing. Please review your changes and address these issues.
You can find the details of the failing job here: Job Details.

[priyagupta108]

@Shegox, the Basic validation is still failing. Please take a look at the job details and fix the issues.