Rate limiting with different third-party providers

As part of executing a step pipelines may interact with multiple third-party services on your behalf based on your dependencies.

The only direct third-party dependency pipelines have as part of a steps execution is DockerHub, and as such we run a mirror of all public layers hosted on DockerHub to avoid rate limiting wherever possible. However, as a lot of users extend images we strongly encourage users to authenticate to DockerHub to get a per-client rate limit as described on Docker Hub rate limit.

Some of these third-party services have rate-limiting policies in place and generally split traffic into two categories:

• Unauthenticated e.g. per IP rate limits

• Authenticated e.g. per client rate limits

As pipelines use shared infrastructure to execute steps, you may be rate limited based on the amount of traffic from the current node to the third-party if you don't authenticate to that third-party service directly. As such, we strongly encourage users to authenticate to third-party services whenever it is available and/or use our dependency caching feature to reduce the amount of traffic you download from 3rd party services.

Other third-party services you may interact with have their rate-limiting policies documented as below:

• GitLab.com settings | GitLab

• Getting started with the REST API - GitHub Docs

• Registry service tiers and features - Azure Container Registry

• Quotas and limits  |  Container Registry documentation  |  Google Cloud

• Quotas and limits  |  Artifact Registry documentation  |  Google Cloud

• Amazon ECR service quotas - Amazon ECR