diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 164ad518f..49f3b4539 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -90198,6 +90198,14 @@ function getApiDetails() { function getApiClient() { return createApiClientWithDetails(getApiDetails()); } +function getAuthorizationHeaderFor(logger, apiDetails, url2, purpose = "CodeQL tools") { + if (url2.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && url2.startsWith(`${apiDetails.apiURL}/`)) { + logger.debug(`Providing an authorization token to download ${purpose}.`); + return `token ${apiDetails.auth}`; + } + logger.debug(`Downloading ${purpose} without an authorization token.`); + return void 0; +} var cachedGitHubVersion = void 0; async function getGitHubVersionFromApi(apiClient, apiDetails) { if (parseGitHubUrl(apiDetails.url) === GITHUB_DOTCOM_URL) { @@ -92391,11 +92399,12 @@ var downloadCodeQL = async function(codeqlURL, compressionMethod, maybeBundleVer let authorization = void 0; if (searchParams.has("token")) { logger.debug("CodeQL tools URL contains an authorization token."); - } else if (codeqlURL.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`)) { - logger.debug("Providing an authorization token to download CodeQL tools."); - authorization = `token ${apiDetails.auth}`; } else { - logger.debug("Downloading CodeQL tools without an authorization token."); + authorization = getAuthorizationHeaderFor( + logger, + apiDetails, + codeqlURL + ); } const toolcacheInfo = getToolcacheDestinationInfo( maybeBundleVersion, diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 7b156fce4..3fb9af143 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -128417,6 +128417,14 @@ function getApiDetails() { function getApiClient() { return createApiClientWithDetails(getApiDetails()); } +function getAuthorizationHeaderFor(logger, apiDetails, url2, purpose = "CodeQL tools") { + if (url2.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && url2.startsWith(`${apiDetails.apiURL}/`)) { + logger.debug(`Providing an authorization token to download ${purpose}.`); + return `token ${apiDetails.auth}`; + } + logger.debug(`Downloading ${purpose} without an authorization token.`); + return void 0; +} var cachedGitHubVersion = void 0; async function getGitHubVersionFromApi(apiClient, apiDetails) { if (parseGitHubUrl(apiDetails.url) === GITHUB_DOTCOM_URL) { @@ -130334,11 +130342,12 @@ var downloadCodeQL = async function(codeqlURL, compressionMethod, maybeBundleVer let authorization = void 0; if (searchParams.has("token")) { logger.debug("CodeQL tools URL contains an authorization token."); - } else if (codeqlURL.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`)) { - logger.debug("Providing an authorization token to download CodeQL tools."); - authorization = `token ${apiDetails.auth}`; } else { - logger.debug("Downloading CodeQL tools without an authorization token."); + authorization = getAuthorizationHeaderFor( + logger, + apiDetails, + codeqlURL + ); } const toolcacheInfo = getToolcacheDestinationInfo( maybeBundleVersion, diff --git a/lib/init-action.js b/lib/init-action.js index 52b99d631..08a67d16e 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -86053,6 +86053,14 @@ function getApiClient() { function getApiClientWithExternalAuth(apiDetails) { return createApiClientWithDetails(apiDetails, { allowExternal: true }); } +function getAuthorizationHeaderFor(logger, apiDetails, url, purpose = "CodeQL tools") { + if (url.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && url.startsWith(`${apiDetails.apiURL}/`)) { + logger.debug(`Providing an authorization token to download ${purpose}.`); + return `token ${apiDetails.auth}`; + } + logger.debug(`Downloading ${purpose} without an authorization token.`); + return void 0; +} var cachedGitHubVersion = void 0; async function getGitHubVersionFromApi(apiClient, apiDetails) { if (parseGitHubUrl(apiDetails.url) === GITHUB_DOTCOM_URL) { @@ -89163,11 +89171,12 @@ var downloadCodeQL = async function(codeqlURL, compressionMethod, maybeBundleVer let authorization = void 0; if (searchParams.has("token")) { logger.debug("CodeQL tools URL contains an authorization token."); - } else if (codeqlURL.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`)) { - logger.debug("Providing an authorization token to download CodeQL tools."); - authorization = `token ${apiDetails.auth}`; } else { - logger.debug("Downloading CodeQL tools without an authorization token."); + authorization = getAuthorizationHeaderFor( + logger, + apiDetails, + codeqlURL + ); } const toolcacheInfo = getToolcacheDestinationInfo( maybeBundleVersion, diff --git a/lib/upload-lib.js b/lib/upload-lib.js index d644a7ed4..aee61387c 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88544,6 +88544,14 @@ function getApiDetails() { function getApiClient() { return createApiClientWithDetails(getApiDetails()); } +function getAuthorizationHeaderFor(logger, apiDetails, url2, purpose = "CodeQL tools") { + if (url2.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && url2.startsWith(`${apiDetails.apiURL}/`)) { + logger.debug(`Providing an authorization token to download ${purpose}.`); + return `token ${apiDetails.auth}`; + } + logger.debug(`Downloading ${purpose} without an authorization token.`); + return void 0; +} var cachedGitHubVersion = void 0; async function getGitHubVersionFromApi(apiClient, apiDetails) { if (parseGitHubUrl(apiDetails.url) === GITHUB_DOTCOM_URL) { @@ -90162,11 +90170,12 @@ var downloadCodeQL = async function(codeqlURL, compressionMethod, maybeBundleVer let authorization = void 0; if (searchParams.has("token")) { logger.debug("CodeQL tools URL contains an authorization token."); - } else if (codeqlURL.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`)) { - logger.debug("Providing an authorization token to download CodeQL tools."); - authorization = `token ${apiDetails.auth}`; } else { - logger.debug("Downloading CodeQL tools without an authorization token."); + authorization = getAuthorizationHeaderFor( + logger, + apiDetails, + codeqlURL + ); } const toolcacheInfo = getToolcacheDestinationInfo( maybeBundleVersion, diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index c3ded2faa..f9de677a5 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88796,6 +88796,14 @@ function getApiDetails() { function getApiClient() { return createApiClientWithDetails(getApiDetails()); } +function getAuthorizationHeaderFor(logger, apiDetails, url2, purpose = "CodeQL tools") { + if (url2.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && url2.startsWith(`${apiDetails.apiURL}/`)) { + logger.debug(`Providing an authorization token to download ${purpose}.`); + return `token ${apiDetails.auth}`; + } + logger.debug(`Downloading ${purpose} without an authorization token.`); + return void 0; +} var cachedGitHubVersion = void 0; async function getGitHubVersionFromApi(apiClient, apiDetails) { if (parseGitHubUrl(apiDetails.url) === GITHUB_DOTCOM_URL) { @@ -90863,11 +90871,12 @@ var downloadCodeQL = async function(codeqlURL, compressionMethod, maybeBundleVer let authorization = void 0; if (searchParams.has("token")) { logger.debug("CodeQL tools URL contains an authorization token."); - } else if (codeqlURL.startsWith(`${apiDetails.url}/`) || apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`)) { - logger.debug("Providing an authorization token to download CodeQL tools."); - authorization = `token ${apiDetails.auth}`; } else { - logger.debug("Downloading CodeQL tools without an authorization token."); + authorization = getAuthorizationHeaderFor( + logger, + apiDetails, + codeqlURL + ); } const toolcacheInfo = getToolcacheDestinationInfo( maybeBundleVersion, diff --git a/src/api-client.ts b/src/api-client.ts index 8e4a30c57..baef744c9 100644 --- a/src/api-client.ts +++ b/src/api-client.ts @@ -4,6 +4,7 @@ import * as retry from "@octokit/plugin-retry"; import consoleLogLevel from "console-log-level"; import { getActionVersion, getRequiredInput } from "./actions-util"; +import { Logger } from "./logging"; import { getRepositoryNwo, RepositoryNwo } from "./repository"; import { ConfigurationError, @@ -54,7 +55,7 @@ function createApiClientWithDetails( ); } -export function getApiDetails() { +export function getApiDetails(): GitHubApiDetails { return { auth: getRequiredInput("token"), url: getRequiredEnvParam("GITHUB_SERVER_URL"), @@ -72,6 +73,34 @@ export function getApiClientWithExternalAuth( return createApiClientWithDetails(apiDetails, { allowExternal: true }); } +/** + * Gets a value for the `Authorization` header to download `url` or `undefined` if the + * `Authorization` header should not be set for `url`. + * + * @param logger The logger to use for debugging messages. + * @param apiDetails Details of the GitHub API we are using. + * @param url The URL for which we want to add an `Authorization` header. + * @param purpose A description of what we want to download, for debug messages. + * @returns The value for the `Authorization` header or `undefined` if it shouldn't be populated. + */ +export function getAuthorizationHeaderFor( + logger: Logger, + apiDetails: GitHubApiDetails, + url: string, + purpose: string = "CodeQL tools", +): string | undefined { + if ( + url.startsWith(`${apiDetails.url}/`) || + (apiDetails.apiURL && url.startsWith(`${apiDetails.apiURL}/`)) + ) { + logger.debug(`Providing an authorization token to download ${purpose}.`); + return `token ${apiDetails.auth}`; + } + + logger.debug(`Downloading ${purpose} without an authorization token.`); + return undefined; +} + let cachedGitHubVersion: GitHubVersion | undefined = undefined; export async function getGitHubVersionFromApi( diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 5a0f671fa..1bdaf8685 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -574,14 +574,12 @@ export const downloadCodeQL = async function ( let authorization: string | undefined = undefined; if (searchParams.has("token")) { logger.debug("CodeQL tools URL contains an authorization token."); - } else if ( - codeqlURL.startsWith(`${apiDetails.url}/`) || - (apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`)) - ) { - logger.debug("Providing an authorization token to download CodeQL tools."); - authorization = `token ${apiDetails.auth}`; } else { - logger.debug("Downloading CodeQL tools without an authorization token."); + authorization = api.getAuthorizationHeaderFor( + logger, + apiDetails, + codeqlURL, + ); } const toolcacheInfo = getToolcacheDestinationInfo(