robojerk/codeql-action

fixes

Browse source
This commit is contained in:
Marco Gario 2024-08-15 12:17:00 +00:00
parent 5b34615fe0
commit 7baf39279e
4 changed files with 43 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

16
lib/start-proxy-action.js generated
View file

@ -29,8 +29,8 @@ const core = __importStar(require("@actions/core"));
const toolcache = __importStar(require("@actions/tool-cache")); const toolcache = __importStar(require("@actions/tool-cache"));
const node_forge_1 = require("node-forge"); const node_forge_1 = require("node-forge");
const actionsUtil = __importStar(require("./actions-util")); const actionsUtil = __importStar(require("./actions-util"));
const util = __importStar(require("./util"));
const logging_1 = require("./logging"); const logging_1 = require("./logging");
const util = __importStar(require("./util"));
const UPDATEJOB_PROXY = "update-job-proxy"; const UPDATEJOB_PROXY = "update-job-proxy";
const UPDATEJOB_PROXY_VERSION = "v2.0.20240722180912"; const UPDATEJOB_PROXY_VERSION = "v2.0.20240722180912";
const UPDATEJOB_PROXY_URL = "https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.18.1/update-job-proxy.tar.gz"; const UPDATEJOB_PROXY_URL = "https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.18.1/update-job-proxy.tar.gz";
@ -87,7 +87,9 @@ async function runWrapper() {
core.saveState("proxy-log-file", proxyLogFilePath); core.saveState("proxy-log-file", proxyLogFilePath);
// Get the configuration options // Get the configuration options
const credentials = getCredentials(logger); const credentials = getCredentials(logger);
logger.info(`Credentials loaded for the following registries:\n ${credentials.map(c => credentialToStr(c)).join("\n")}`); logger.info(`Credentials loaded for the following registries:\n ${credentials
.map((c) => credentialToStr(c))
.join("\n")}`);
const ca = generateCertificateAuthority(); const ca = generateCertificateAuthority();
const proxyAuth = getProxyAuth(); const proxyAuth = getProxyAuth();
const proxyConfig = { const proxyConfig = {
@ -149,7 +151,7 @@ async function startProxy(binPath, config, logFilePath, logger) {
function getCredentials(logger) { function getCredentials(logger) {
const registriesCredentials = actionsUtil.getOptionalInput("registries_credentials"); const registriesCredentials = actionsUtil.getOptionalInput("registries_credentials");
const registrySecrets = actionsUtil.getOptionalInput("registry_secrets"); const registrySecrets = actionsUtil.getOptionalInput("registry_secrets");
var credentialsStr; let credentialsStr;
if (registriesCredentials !== undefined) { if (registriesCredentials !== undefined) {
logger.info(`Using registries_credentials input.`); logger.info(`Using registries_credentials input.`);
credentialsStr = Buffer.from(registriesCredentials, "base64").toString(); credentialsStr = Buffer.from(registriesCredentials, "base64").toString();
@ -164,10 +166,10 @@ function getCredentials(logger) {
} }
// Parse and validate the credentials // Parse and validate the credentials
const parsed = JSON.parse(credentialsStr); const parsed = JSON.parse(credentialsStr);
let out = []; const out = [];
parsed.forEach(e => { for (const e of parsed) {
if (e.url === undefined && e.host === undefined) { if (e.url === undefined && e.host === undefined) {
throw "Invalid credentials - must specify host or url"; throw new Error("Invalid credentials - must specify host or url");
} }
out.push({ out.push({
type: e.type, type: e.type,
@ -177,7 +179,7 @@ function getCredentials(logger) {
password: e.password, password: e.password,
token: e.token, token: e.token,
}); });
}); }
return out; return out;
} }
// getProxyAuth returns the authentication information for the proxy itself. // getProxyAuth returns the authentication information for the proxy itself.

2
lib/start-proxy-action.js.map
View file

File diff suppressed because one or more lines are too long

53
src/start-proxy-action.ts
View file

@ -6,8 +6,8 @@ import * as toolcache from "@actions/tool-cache";
import { pki } from "node-forge"; import { pki } from "node-forge";
import * as actionsUtil from "./actions-util"; import * as actionsUtil from "./actions-util";
import * as util from "./util";
import { getActionsLogger, Logger } from "./logging"; import { getActionsLogger, Logger } from "./logging";
import * as util from "./util";
const UPDATEJOB_PROXY = "update-job-proxy"; const UPDATEJOB_PROXY = "update-job-proxy";
const UPDATEJOB_PROXY_VERSION = "v2.0.20240722180912"; const UPDATEJOB_PROXY_VERSION = "v2.0.20240722180912";
@ -100,7 +100,11 @@ async function runWrapper() {
// Get the configuration options // Get the configuration options
const credentials = getCredentials(logger); const credentials = getCredentials(logger);
logger.info(`Credentials loaded for the following registries:\n ${credentials.map(c => credentialToStr(c)).join("\n")}`); logger.info(
`Credentials loaded for the following registries:\n ${credentials
.map((c) => credentialToStr(c))
.join("\n")}`,
);
const ca = generateCertificateAuthority(); const ca = generateCertificateAuthority();
const proxyAuth = getProxyAuth(); const proxyAuth = getProxyAuth();
@ -116,7 +120,12 @@ async function runWrapper() {
await startProxy(proxyBin, proxyConfig, proxyLogFilePath, logger); await startProxy(proxyBin, proxyConfig, proxyLogFilePath, logger);
} }
async function startProxy(binPath: string, config: ProxyConfig, logFilePath: string, logger: Logger) { async function startProxy(
binPath: string,
config: ProxyConfig,
logFilePath: string,
logger: Logger,
) {
const host = "127.0.0.1"; const host = "127.0.0.1";
let port = 49152; let port = 49152;
try { try {
@ -170,10 +179,12 @@ async function startProxy(binPath: string, config: ProxyConfig, logFilePath: str
// It prefers `registries_credentials` over `registry_secrets`. // It prefers `registries_credentials` over `registry_secrets`.
// If neither is set, it returns an empty array. // If neither is set, it returns an empty array.
function getCredentials(logger: Logger): Credential[] { function getCredentials(logger: Logger): Credential[] {
const registriesCredentials = actionsUtil.getOptionalInput("registries_credentials"); const registriesCredentials = actionsUtil.getOptionalInput(
"registries_credentials",
);
const registrySecrets = actionsUtil.getOptionalInput("registry_secrets"); const registrySecrets = actionsUtil.getOptionalInput("registry_secrets");
var credentialsStr: string; let credentialsStr: string;
if (registriesCredentials !== undefined) { if (registriesCredentials !== undefined) {
logger.info(`Using registries_credentials input.`); logger.info(`Using registries_credentials input.`);
credentialsStr = Buffer.from(registriesCredentials, "base64").toString(); credentialsStr = Buffer.from(registriesCredentials, "base64").toString();
@ -187,25 +198,25 @@ function getCredentials(logger: Logger): Credential[] {
// Parse and validate the credentials // Parse and validate the credentials
const parsed = JSON.parse(credentialsStr) as Credential[]; const parsed = JSON.parse(credentialsStr) as Credential[];
let out: Credential[] = [] const out: Credential[] = [];
parsed.forEach(e => { for (const e of parsed) {
if (e.url === undefined && e.host === undefined) { if (e.url === undefined && e.host === undefined) {
throw "Invalid credentials - must specify host or url" throw new Error("Invalid credentials - must specify host or url");
} }
out.push({ out.push({
type: e.type, type: e.type,
host: e.host, host: e.host,
url: e.url, url: e.url,
username: e.username, username: e.username,
password: e.password, password: e.password,
token: e.token, token: e.token,
}) });
}); }
return out; return out;
} }
// getProxyAuth returns the authentication information for the proxy itself. // getProxyAuth returns the authentication information for the proxy itself.
function getProxyAuth(): BasicAuthCredentials | undefined{ function getProxyAuth(): BasicAuthCredentials | undefined {
const proxy_password = actionsUtil.getOptionalInput("proxy_password"); const proxy_password = actionsUtil.getOptionalInput("proxy_password");
if (proxy_password) { if (proxy_password) {
return { return {
@ -213,10 +224,9 @@ function getProxyAuth(): BasicAuthCredentials | undefined{
password: proxy_password, password: proxy_password,
}; };
} }
return ; return;
} }
async function getProxyBinaryPath(): Promise<string> { async function getProxyBinaryPath(): Promise<string> {
let proxyBin = toolcache.find(UPDATEJOB_PROXY, UPDATEJOB_PROXY_VERSION); let proxyBin = toolcache.find(UPDATEJOB_PROXY, UPDATEJOB_PROXY_VERSION);
if (!proxyBin) { if (!proxyBin) {
@ -233,8 +243,9 @@ async function getProxyBinaryPath(): Promise<string> {
} }
function credentialToStr(c: Credential): string { function credentialToStr(c: Credential): string {
return `Type: ${c.type}; Host: ${c.host}; Url: ${c.url} Username: ${c.username}; Password: ${c.password !== undefined}; Token: ${c.token !== undefined}` return `Type: ${c.type}; Host: ${c.host}; Url: ${c.url} Username: ${
c.username
}; Password: ${c.password !== undefined}; Token: ${c.token !== undefined}`;
} }
void runWrapper(); void runWrapper();

2
start-proxy/action.yml
View file

@ -1,5 +1,5 @@
name: "CodeQL: Start proxy" name: "CodeQL: Start proxy"
description: "[Experimental] Start HTTP proxy server" description: "[Experimental] Start HTTP proxy server. This action is for internal GitHub used only and will change without notice."
author: "GitHub" author: "GitHub"
inputs: inputs:
registry_secrets: registry_secrets: