diff --git a/.github/actions/file/action.yml b/.github/actions/file/action.yml index 3c6da3d..836e125 100644 --- a/.github/actions/file/action.yml +++ b/.github/actions/file/action.yml @@ -11,6 +11,9 @@ inputs: token: description: "Token with fine-grained permission 'issues: write'" required: true + base_url: + description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)" + required: false cached_filings_file: description: "Path to a JSON file containing cached filings from previous runs. Without this, duplicate issues may be filed." required: false diff --git a/.github/actions/file/src/index.ts b/.github/actions/file/src/index.ts index 601e732..86d14ec 100644 --- a/.github/actions/file/src/index.ts +++ b/.github/actions/file/src/index.ts @@ -22,6 +22,7 @@ export default async function () { const findings: Finding[] = JSON.parse(fs.readFileSync(findingsFile, 'utf8')) const repoWithOwner = core.getInput('repository', {required: true}) const token = core.getInput('token', {required: true}) + const baseUrl = core.getInput('base_url', {required: false}) const screenshotRepo = core.getInput('screenshot_repository', {required: false}) || repoWithOwner const cachedFilingsFile = core.getInput('cached_filings_file', {required: false}) const cachedFilings: (ResolvedFiling | RepeatedFiling)[] = cachedFilingsFile @@ -30,12 +31,14 @@ export default async function () { const shouldOpenGroupedIssues = core.getBooleanInput('open_grouped_issues') core.debug(`Input: 'findings_file: ${findingsFile}'`) core.debug(`Input: 'repository: ${repoWithOwner}'`) + core.debug(`Input: 'base_url: ${baseUrl ?? '(default)'}'`) core.debug(`Input: 'screenshot_repository: ${screenshotRepo}'`) core.debug(`Input: 'cached_filings_file: ${cachedFilingsFile}'`) core.debug(`Input: 'open_grouped_issues: ${shouldOpenGroupedIssues}'`) const octokit = new OctokitWithThrottling({ auth: token, + baseUrl, throttle: { onRateLimit: (retryAfter, options, octokit, retryCount) => { octokit.log.warn(`Request quota exhausted for request ${options.method} ${options.url}`) diff --git a/.github/actions/fix/action.yml b/.github/actions/fix/action.yml index 8cc768e..d92046c 100644 --- a/.github/actions/fix/action.yml +++ b/.github/actions/fix/action.yml @@ -11,6 +11,9 @@ inputs: token: description: "Personal access token (PAT) with fine-grained permissions 'issues: write' and 'pull_requests: write'" required: true + base_url: + description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)" + required: false outputs: fixings_file: diff --git a/.github/actions/fix/src/index.ts b/.github/actions/fix/src/index.ts index 8a81e92..de6abe4 100644 --- a/.github/actions/fix/src/index.ts +++ b/.github/actions/fix/src/index.ts @@ -17,11 +17,14 @@ export default async function () { const issues: IssueInput[] = JSON.parse(fs.readFileSync(issuesFile, 'utf8')) const repoWithOwner = core.getInput('repository', {required: true}) const token = core.getInput('token', {required: true}) + const baseUrl = core.getInput('base_url', {required: false}) || undefined core.debug(`Input: 'issues_file: ${issuesFile}'`) core.debug(`Input: 'repository: ${repoWithOwner}'`) + core.debug(`Input: 'base_url: ${baseUrl ?? '(default)'}'`) const octokit = new OctokitWithThrottling({ auth: token, + baseUrl, throttle: { onRateLimit: (retryAfter, options, octokit, retryCount) => { octokit.log.warn(`Request quota exhausted for request ${options.method} ${options.url}`) diff --git a/README.md b/README.md index 00252e9..226644f 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,7 @@ jobs: repository: REPLACE_THIS/REPLACE_THIS # Provide a repository name-with-owner (in the format "primer/primer-docs"). This is where issues will be filed and where Copilot will open PRs; more information below. token: ${{ secrets.GH_TOKEN }} # This token must have write access to the repo above (contents, issues, and PRs); more information below. Note: GitHub Actions' GITHUB_TOKEN cannot be used here. cache_key: REPLACE_THIS # Provide a filename that will be used when caching results. We recommend including the name or domain of the site being scanned. + # base_url: https://REPLACE_THIS # Optional: GitHub API base URL to pass into Octokit (required for GitHub Enterprise Server) # login_url: # Optional: URL of the login page if authentication is required # username: # Optional: Username for authentication # password: ${{ secrets.PASSWORD }} # Optional: Password for authentication (use secrets!) @@ -118,6 +119,7 @@ Trigger the workflow manually or automatically based on your configuration. The | `repository` | Yes | Repository (with owner) for issues and PRs | `primer/primer-docs` | | `token` | Yes | PAT with write permissions (see above) | `${{ secrets.GH_TOKEN }}` | | `cache_key` | Yes | Key for caching results across runs
Allowed: `A-Za-z0-9._/-` | `cached_results-primer.style-main.json` | +| `base_url` | No | GitHub API base URL used by Octokit. Set this for GitHub Enterprise Server (format: `https://HOSTNAME/api/v3`). Defaults to `https://api.github.com` | `https://ghe.example.com/api/v3` | | `login_url` | No | If scanned pages require authentication, the URL of the login page | `https://github.com/login` | | `username` | No | If scanned pages require authentication, the username to use for login | `some-user` | | `password` | No | If scanned pages require authentication, the password to use for login | `${{ secrets.PASSWORD }}` | diff --git a/action.yml b/action.yml index e0a566e..054d6a4 100644 --- a/action.yml +++ b/action.yml @@ -12,6 +12,9 @@ inputs: token: description: "Personal access token (PAT) with fine-grained permissions 'contents: write', 'issues: write', and 'pull_requests: write'" required: true + base_url: + description: "Optional base URL for the GitHub API (for example, 'https://HOSTNAME/api/v3' for GitHub Enterprise Server)" + required: false cache_key: description: 'Key for caching results across runs' required: true @@ -118,6 +121,7 @@ runs: findings_file: ${{ steps.find.outputs.findings_file }} repository: ${{ inputs.repository }} token: ${{ inputs.token }} + base_url: ${{ inputs.base_url }} cached_filings_file: ${{ steps.normalize_cache.outputs.cached_filings_file }} screenshot_repository: ${{ github.repository }} open_grouped_issues: ${{ inputs.open_grouped_issues }} @@ -137,6 +141,7 @@ runs: issues_file: ${{ steps.get_issues_from_filings.outputs.issues_file }} repository: ${{ inputs.repository }} token: ${{ inputs.token }} + base_url: ${{ inputs.base_url }} - name: Set results output id: results shell: bash