github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-28 02:00:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Supply authorization parameter to toolcache.downloadTool()

Browse Source 
Previously we supplied the authorization information via the 'headers'
parameter. This works fine, except in some cases when the request is
retried.
This commit is contained in:
Arthur Baars
2023-02-03 14:55:56 +01:00
parent 0b2a40fa4a
commit 2fed02cbe2
3 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/setup-codeql.ts
View File

@@ -543,11 +543,12 @@ export async function downloadCodeQL(
// from the same GitHub instance the Action is running on.
// This avoids leaking Enterprise tokens to dotcom.
// We also don't want to send an authorization header if there's already a token provided in the URL.
let authorization: string | undefined = undefined;
if (searchParams.has("token")) {
logger.debug("CodeQL tools URL contains an authorization token.");
} else if (codeqlURL.startsWith(`${apiDetails.url}/`)) {
logger.debug("Providing an authorization token to download CodeQL tools.");
headers.authorization = `token ${apiDetails.auth}`;
authorization = `token ${apiDetails.auth}`;
} else {
logger.debug("Downloading CodeQL tools without an authorization token.");
}
@@ -565,7 +566,7 @@ export async function downloadCodeQL(
const codeqlPath = await toolcache.downloadTool(
codeqlURL,
dest,
undefined,
authorization,
finalHeaders
);
const toolsDownloadDurationMs = Math.round(