fix after review from @henrymercer

README.md

@@ -137,41 +137,35 @@ By default, this will override any queries specified in a config file. If you wi
 
 ### Configuration via `config` input
 
-
 You can alternatively configure CodeQL using the `config` input to the `init` Action. The value of this input must be a YAML string that follows the configuration file format documented at "[Using a custom configuration file](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration-file)."
 
+#### Example configuration
+
+```yaml
+- uses: github/codeql-action/init@v2
+  with:
+    languages: ${{ matrix.language }}
+    config: |
+      disable-default-queries: true
+      queries:
+        - uses: security-extended
+        - uses: security-and-quality
+      query-filters:
+        - include:
+      tags: /cwe-020/
+```
 
 
-- **Complete Configuration**
-
-    ```yaml
-    - uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        config: |
-          disable-default-queries: true
-          queries:
-            - uses: security-extended
-            - uses: security-and-quality
-          query-filters:
-            - include:
-          tags: /cwe-020/
-    ```
-
-
-- **Actions Variables**
+#### Sharing configuration across multiple repositories
   
-  You can use actions or environment variables to share configuration across multiple repositories and to modify configuration without needing to edit the workflow file.
+You can use Actions or environment variables to share configuration across multiple repositories and to modify configuration without needing to edit the workflow file.  In the following example, `vars.CODEQL_CONF` is an [Actions configuration variable](https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows):
 
-  ```yaml
-  - uses: github/codeql-action/init@v2
-    with:
-      languages: ${{ matrix.language }}
-      config: ${{ vars.CODEQL_CONF }}
-  ```
-
-
-  where `vars.CODEQL_CONF` references an [Actions configuration variable](https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows).
+```yaml
+- uses: github/codeql-action/init@v2
+  with:
+    languages: ${{ matrix.language }}
+    config: ${{ vars.CODEQL_CONF }}
+```
 
 ## Troubleshooting
 

lib/config-utils.js

@@ -936,6 +936,9 @@ async function initConfig(languagesInput, queriesInput, packsInput, registriesIn
     let config;
     // if configInput is set, it takes precedence over configFile
     if (configInput) {
+        if (configFile) {
+            logger.warning(`Both a config file and config input were provided. Ignoring config file.`);
+        }
         configFile = path.resolve(workspacePath, "user-config-from-action.yml");
         fs.writeFileSync(configFile, configInput);
         logger.debug(`Using config from action input: ${configFile}`);

lib/config-utils.test.js

@@ -495,9 +495,9 @@ function queriesToResolvedQueryForm(queries) {
         t.true(config.queries["javascript"].custom[2].queries[0].endsWith(`${path.sep}foo`));
     });
 });
-(0, ava_1.default)("Queries can be specified in configuration, same as file", async (t) => {
+(0, ava_1.default)("Queries can be specified using config input", async (t) => {
     return await util.withTmpDir(async (tmpDir) => {
-        const inputFileContents = `
+        const configInput = `
       name: my config
       queries:
         - uses: ./foo
@@ -520,7 +520,7 @@ function queriesToResolvedQueryForm(queries) {
         });
         // Only JS, python packs will be ignored
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, undefined, inputFileContents, false, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, undefined, configInput, false, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries
         // and once for `./foo` from the config file.

src/config-utils.test.ts

@@ -925,9 +925,9 @@ test("Queries in workflow file can be added to the set of queries without overri
   });
 });
 
-test("Queries can be specified in configuration, same as file", async (t) => {
+test("Queries can be specified using config input", async (t) => {
   return await util.withTmpDir(async (tmpDir) => {
-    const inputFileContents = `
+    const configInput = `
       name: my config
       queries:
         - uses: ./foo
@@ -967,7 +967,7 @@ test("Queries can be specified in configuration, same as file", async (t) => {
       undefined,
       undefined,
       undefined,
-      inputFileContents,
+      configInput,
       false,
       false,
       "",

src/config-utils.ts

@@ -1708,6 +1708,11 @@ export async function initConfig(
 
   // if configInput is set, it takes precedence over configFile
   if (configInput) {
+    if (configFile) {
+      logger.warning(
+        `Both a config file and config input were provided. Ignoring config file.`
+      );
+    }
     configFile = path.resolve(workspacePath, "user-config-from-action.yml");
     fs.writeFileSync(configFile, configInput);
     logger.debug(`Using config from action input: ${configFile}`);