robojerk/codeql-action

Use externalRepoAuth when getting a remote config

Browse source 
This allows users to specify a different token for retrieving the
codeql config from a different repository.

Fixes https://github.com/github/advanced-security-field/issues/185
This commit is contained in:
Andrew Eisenberg 2021-04-09 14:17:46 -07:00 committed by Andrew Eisenberg
parent 7f9fb10a74
commit 534192fa05
9 changed files with 194 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/api-client.ts
View file

@ -25,14 +25,17 @@ export interface GitHubApiExternalRepoDetails {
}
export const getApiClient = function (
apiDetails: GitHubApiDetails,
allowLocalRun = false
apiDetails: GitHubApiCombinedDetails,
{ allowLocalRun = false, allowExternal = false } = {}
) {
if (isLocalRun() && !allowLocalRun) {
throw new Error("Invalid API call in local run");
}
const auth =
(allowExternal && apiDetails.externalRepoAuth) || apiDetails.auth;
return new githubUtils.GitHub(
githubUtils.getOctokitOptions(apiDetails.auth, {
githubUtils.getOctokitOptions(auth, {
baseUrl: getApiUrl(apiDetails.url),
userAgent: "CodeQL Action",
log: consoleLogLevel({ level: "debug" }),
@ -63,5 +66,5 @@ export function getActionsApiClient(allowLocalRun = false) {
url: getRequiredEnvParam("GITHUB_SERVER_URL"),
};
return getApiClient(apiDetails, allowLocalRun);
return getApiClient(apiDetails, { allowLocalRun });
}