robojerk/codeql-action

Improve logging around authorization headers

Browse source
This commit is contained in:
Henry Mercer 2023-01-06 12:28:54 +00:00
parent 5eba74a3c9
commit b2b478264a
3 changed files with 12 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

10
lib/codeql.js generated
View file

@ -267,13 +267,15 @@ async function downloadCodeQL(codeqlURL, semanticVersion, apiDetails, tempDir, l
// from the same GitHub instance the Action is running on.
// This avoids leaking Enterprise tokens to dotcom.
// We also don't want to send an authorization header if there's already a token provided in the URL.
if (codeqlURL.startsWith(`${apiDetails.url}/`) &&
!searchParams.has("token")) {
logger.debug("Downloading CodeQL bundle with token.");
if (searchParams.has("token")) {
logger.debug("CodeQL tools URL contains an authorization token.");
}
else if (codeqlURL.startsWith(`${apiDetails.url}/`)) {
logger.debug("Providing an authorization token to download CodeQL tools.");
headers.authorization = `token ${apiDetails.auth}`;
}
else {
logger.debug("Downloading CodeQL bundle without token.");
logger.debug("Downloading CodeQL tools without an authorization token.");
}
logger.info(`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`);
const dest = path.join(tempDir, (0, uuid_1.v4)());