Add a CLI interface to the upload-sarif action

src/api-client.ts

@@ -2,16 +2,45 @@ import * as core from "@actions/core";
 import * as github from "@actions/github";
 import consoleLogLevel from "console-log-level";
 
-import { isLocalRun } from "./util";
+import { getRequiredEnvParam, isLocalRun } from "./util";
 
-export const getApiClient = function(allowLocalRun = false) {
+export const getApiClient = function(githubAuth: string, githubApiUrl: string, allowLocalRun = false) {
   if (isLocalRun() && !allowLocalRun) {
     throw new Error('Invalid API call in local run');
   }
   return new github.GitHub(
-    core.getInput('token'),
     {
+      auth: parseAuth(githubAuth),
+      baseUrl: githubApiUrl,
       userAgent: "CodeQL Action",
       log: consoleLogLevel({ level: "debug" })
     });
 };
+
+// Parses the user input as either a single token,
+// or a username and password / PAT.
+function parseAuth(auth: string): string {
+  // Check if it's a username:password pair
+  const c = auth.indexOf(':');
+  if (c !== -1) {
+    return 'basic ' + Buffer.from(auth).toString('base64');
+    // return {
+    //   username: auth.substring(0, c),
+    //   password: auth.substring(c + 1),
+    //   on2fa: async () => { throw new Error(''); }
+    // };
+  }
+
+  // Otherwise use the token as it is
+  return auth;
+}
+
+// Temporary function to aid in the transition to running on and off of github actions.
+// Once all code has been coverted this function should be removed or made canonical
+// and called only from the action entrypoints.
+export function getActionsApiClient(allowLocalRun = false) {
+  return getApiClient(
+    core.getInput('token'),
+    getRequiredEnvParam('GITHUB_API_URL'),
+    allowLocalRun);
+}