diff --git a/.github/actions/file/action.yml b/.github/actions/file/action.yml index 40c63947..b1a8d505 100644 --- a/.github/actions/file/action.yml +++ b/.github/actions/file/action.yml @@ -11,6 +11,9 @@ inputs: token: description: "Token with fine-grained permission 'issues: write'" required: true + base_url: + description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)" + required: false cached_filings: description: "Cached filings from previous runs, as stringified JSON. Without this, duplicate issues may be filed." required: false diff --git a/.github/actions/file/src/index.ts b/.github/actions/file/src/index.ts index 2619d79b..64b075f2 100644 --- a/.github/actions/file/src/index.ts +++ b/.github/actions/file/src/index.ts @@ -19,6 +19,7 @@ export default async function () { const findings: Finding[] = JSON.parse(core.getInput('findings', {required: true})) const repoWithOwner = core.getInput('repository', {required: true}) const token = core.getInput('token', {required: true}) + const baseUrl = core.getInput('base_url', {required: false}) const screenshotRepo = core.getInput('screenshot_repository', {required: false}) || repoWithOwner const cachedFilings: (ResolvedFiling | RepeatedFiling)[] = JSON.parse( core.getInput('cached_filings', {required: false}) || '[]', @@ -26,12 +27,14 @@ export default async function () { const shouldOpenGroupedIssues = core.getBooleanInput('open_grouped_issues') core.debug(`Input: 'findings: ${JSON.stringify(findings)}'`) core.debug(`Input: 'repository: ${repoWithOwner}'`) + core.debug(`Input: 'base_url: ${baseUrl ?? '(default)'}'`) core.debug(`Input: 'screenshot_repository: ${screenshotRepo}'`) core.debug(`Input: 'cached_filings: ${JSON.stringify(cachedFilings)}'`) core.debug(`Input: 'open_grouped_issues: ${shouldOpenGroupedIssues}'`) const octokit = new OctokitWithThrottling({ auth: token, + baseUrl, throttle: { onRateLimit: (retryAfter, options, octokit, retryCount) => { octokit.log.warn(`Request quota exhausted for request ${options.method} ${options.url}`) diff --git a/.github/actions/fix/action.yml b/.github/actions/fix/action.yml index 7a3dcf9b..7a17eab7 100644 --- a/.github/actions/fix/action.yml +++ b/.github/actions/fix/action.yml @@ -11,6 +11,9 @@ inputs: token: description: "Personal access token (PAT) with fine-grained permissions 'issues: write' and 'pull_requests: write'" required: true + base_url: + description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)" + required: false outputs: fixings: diff --git a/.github/actions/fix/src/index.ts b/.github/actions/fix/src/index.ts index aba4bf38..8ce9baca 100644 --- a/.github/actions/fix/src/index.ts +++ b/.github/actions/fix/src/index.ts @@ -14,11 +14,14 @@ export default async function () { const issues: IssueInput[] = JSON.parse(core.getInput('issues', {required: true}) || '[]') const repoWithOwner = core.getInput('repository', {required: true}) const token = core.getInput('token', {required: true}) + const baseUrl = core.getInput('base_url', {required: false}) || undefined core.debug(`Input: 'issues: ${JSON.stringify(issues)}'`) core.debug(`Input: 'repository: ${repoWithOwner}'`) + core.debug(`Input: 'base_url: ${baseUrl ?? '(default)'}'`) const octokit = new OctokitWithThrottling({ auth: token, + baseUrl, throttle: { onRateLimit: (retryAfter, options, octokit, retryCount) => { octokit.log.warn(`Request quota exhausted for request ${options.method} ${options.url}`) diff --git a/README.md b/README.md index 00252e99..226644f3 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,7 @@ jobs: repository: REPLACE_THIS/REPLACE_THIS # Provide a repository name-with-owner (in the format "primer/primer-docs"). This is where issues will be filed and where Copilot will open PRs; more information below. token: ${{ secrets.GH_TOKEN }} # This token must have write access to the repo above (contents, issues, and PRs); more information below. Note: GitHub Actions' GITHUB_TOKEN cannot be used here. cache_key: REPLACE_THIS # Provide a filename that will be used when caching results. We recommend including the name or domain of the site being scanned. + # base_url: https://REPLACE_THIS # Optional: GitHub API base URL to pass into Octokit (required for GitHub Enterprise Server) # login_url: # Optional: URL of the login page if authentication is required # username: # Optional: Username for authentication # password: ${{ secrets.PASSWORD }} # Optional: Password for authentication (use secrets!) @@ -118,6 +119,7 @@ Trigger the workflow manually or automatically based on your configuration. The | `repository` | Yes | Repository (with owner) for issues and PRs | `primer/primer-docs` | | `token` | Yes | PAT with write permissions (see above) | `${{ secrets.GH_TOKEN }}` | | `cache_key` | Yes | Key for caching results across runs
Allowed: `A-Za-z0-9._/-` | `cached_results-primer.style-main.json` | +| `base_url` | No | GitHub API base URL used by Octokit. Set this for GitHub Enterprise Server (format: `https://HOSTNAME/api/v3`). Defaults to `https://api.github.com` | `https://ghe.example.com/api/v3` | | `login_url` | No | If scanned pages require authentication, the URL of the login page | `https://github.com/login` | | `username` | No | If scanned pages require authentication, the username to use for login | `some-user` | | `password` | No | If scanned pages require authentication, the password to use for login | `${{ secrets.PASSWORD }}` | diff --git a/action.yml b/action.yml index 933a10d8..99515a42 100644 --- a/action.yml +++ b/action.yml @@ -12,6 +12,9 @@ inputs: token: description: "Personal access token (PAT) with fine-grained permissions 'contents: write', 'issues: write', and 'pull_requests: write'" required: true + base_url: + description: "Optional base URL for the GitHub API (for example, 'https://HOSTNAME/api/v3' for GitHub Enterprise Server)" + required: false cache_key: description: 'Key for caching results across runs' required: true @@ -113,6 +116,7 @@ runs: findings: ${{ steps.find.outputs.findings }} repository: ${{ inputs.repository }} token: ${{ inputs.token }} + base_url: ${{ inputs.base_url }} cached_filings: ${{ steps.normalize_cache.outputs.value }} screenshot_repository: ${{ github.repository }} open_grouped_issues: ${{ inputs.open_grouped_issues }} @@ -132,6 +136,7 @@ runs: issues: ${{ steps.get_issues_from_filings.outputs.issues }} repository: ${{ inputs.repository }} token: ${{ inputs.token }} + base_url: ${{ inputs.base_url }} - name: Set results output id: results uses: actions/github-script@v8