Skip to content

Commit df07a38

Browse files
aeisenbergaeisenberg
committed
Add support for downloading packs from GHES
This change adds: - new `registries` block allowed in code scanning config file - new `registries-auth-tokens` input in init action - Change the downloadPacks function so that it accepts new parameters: - registries block - api auth - Generate a qlconfig.yml file with the registries block if one is supplied. Use this file when downloading packs. - temporarily set the `GITHUB_TOKEN` and `CODEQL_REGISTRIES_AUTH` based on api auth TODO: 1. integration test 2. handle pack downloads when the config is generated by the CLI
1 parent 2074e84 commit df07a38

37 files changed

+421
-93
lines changed

Diff for: init/action.yml

+12-2
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,19 @@ inputs:
1010
description: The languages to be analysed
1111
required: false
1212
token:
13+
description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use registries-auth-tokens.
1314
default: ${{ github.token }}
15+
required: false
16+
registries-auth-tokens:
17+
description: |
18+
Authenticate to GitHub Enterprise Server Container registries by passing a comma-separated list of <registry_url>=<token> pairs.
19+
20+
For example, you can pass `https://containers.GHEHOSTNAME1/v2/=TOKEN1,https://containers.GHEHOSTNAME2/v2/=TOKEN2`` to authenticate to two GitHub Enterprise Server instances.
21+
This overrides the `token` input for pack downloads.
22+
required: false
1423
matrix:
1524
default: ${{ toJson(matrix) }}
25+
required: false
1626
config-file:
1727
description: Path of the config file to use
1828
required: false
@@ -32,7 +42,7 @@ inputs:
3242
analyses, you must specify packs in the codeql-config.yml file.
3343
required: false
3444
external-repository-token:
35-
description: A token for fetching external config files and queries if they reside in a private repository.
45+
description: A token for fetching external config files and queries if they reside in a private repository in the same GitHub instance that is running this action.
3646
required: false
3747
setup-python-dependencies:
3848
description: Try to auto-install your python dependencies
@@ -82,4 +92,4 @@ outputs:
8292
runs:
8393
using: 'node16'
8494
main: '../lib/init-action.js'
85-
post: '../lib/init-action-post.js'
95+
post: '../lib/init-action-post.js'

Diff for: lib/analyze-action.js

+2
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: lib/analyze-action.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: lib/api-client.js

+2
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: lib/api-client.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)