Skip to content

Add optional base_url input to support GitHub Enterprise Octokit endpoints #176

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Copilot wants to merge 9 commits into
base: main
Choose a base branch
from
+19 −0
Open

Add optional base_url input to support GitHub Enterprise Octokit endpoints #176

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
e9a0ae7
Initial plan
Copilot Mar 25, 2026
285e444
feat: add optional base_url input for Octokit enterprise support
Copilot Mar 25, 2026
9a3d20d
Apply suggestion from @JoyceZhu
JoyceZhu Mar 25, 2026
1f1f714
Apply suggestion from @JoyceZhu
JoyceZhu Mar 25, 2026
7cecc75
Apply suggestion from @JoyceZhu
JoyceZhu Mar 25, 2026
0142e69
Apply suggestion from @JoyceZhu
JoyceZhu Mar 25, 2026
1f1a6b0
Delete super-verbose tests which aren't useful
JoyceZhu Mar 25, 2026
552478e
Feedback from Lindsey: rearrange optional inputs
JoyceZhu Mar 26, 2026
ffdf8ea
Remove redundant type default
JoyceZhu Mar 26, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .github/actions/file/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ inputs:
token:
description: "Token with fine-grained permission 'issues: write'"
required: true
base_url:
description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)"
required: false
cached_filings:
description: "Cached filings from previous runs, as stringified JSON. Without this, duplicate issues may be filed."
required: false
Expand Down
3 changes: 3 additions & 0 deletions .github/actions/file/src/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,19 +19,22 @@ export default async function () {
const findings: Finding[] = JSON.parse(core.getInput('findings', {required: true}))
const repoWithOwner = core.getInput('repository', {required: true})
const token = core.getInput('token', {required: true})
const baseUrl = core.getInput('base_url', {required: false})
const screenshotRepo = core.getInput('screenshot_repository', {required: false}) || repoWithOwner
const cachedFilings: (ResolvedFiling | RepeatedFiling)[] = JSON.parse(
core.getInput('cached_filings', {required: false}) || '[]',
)
const shouldOpenGroupedIssues = core.getBooleanInput('open_grouped_issues')
core.debug(`Input: 'findings: ${JSON.stringify(findings)}'`)
core.debug(`Input: 'repository: ${repoWithOwner}'`)
core.debug(`Input: 'base_url: ${baseUrl ?? '(default)'}'`)
core.debug(`Input: 'screenshot_repository: ${screenshotRepo}'`)
core.debug(`Input: 'cached_filings: ${JSON.stringify(cachedFilings)}'`)
core.debug(`Input: 'open_grouped_issues: ${shouldOpenGroupedIssues}'`)

const octokit = new OctokitWithThrottling({
auth: token,
baseUrl,
throttle: {
onRateLimit: (retryAfter, options, octokit, retryCount) => {
octokit.log.warn(`Request quota exhausted for request ${options.method} ${options.url}`)
Expand Down
3 changes: 3 additions & 0 deletions .github/actions/fix/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ inputs:
token:
description: "Personal access token (PAT) with fine-grained permissions 'issues: write' and 'pull_requests: write'"
required: true
base_url:
description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)"
required: false

outputs:
fixings:
Expand Down
3 changes: 3 additions & 0 deletions .github/actions/fix/src/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,14 @@ export default async function () {
const issues: IssueInput[] = JSON.parse(core.getInput('issues', {required: true}) || '[]')
const repoWithOwner = core.getInput('repository', {required: true})
const token = core.getInput('token', {required: true})
const baseUrl = core.getInput('base_url', {required: false}) || undefined
core.debug(`Input: 'issues: ${JSON.stringify(issues)}'`)
core.debug(`Input: 'repository: ${repoWithOwner}'`)
core.debug(`Input: 'base_url: ${baseUrl ?? '(default)'}'`)

const octokit = new OctokitWithThrottling({
auth: token,
baseUrl,
Copy link
Copy Markdown
Member

@helen helen Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need the key here, even just to be consistent? (I am also overthinking the quotes oops)

Suggested change
baseUrl,
"baseUrl": baseUrl,

Copy link
Copy Markdown
Contributor

@abdulahmad307 abdulahmad307 Mar 26, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I might be misunderstanding the question; are you asking 'should we always include the key 'baseUrl' even if a value is not provided for it via inputs'?

assuming that's your question (and assuming you dont already know the following 😅 - you can ignore me if you already know); assigning baseUrl to the options object that OctokitWithThrottling accepts will automatically assign both key and value to that object (even if the value is undefined).

const someVar = undefined
const object = {
  someVar 
}

// will result in an object that looks like this:
{
  someVar: undefined
}

so line 24 looks right to me (unless you were referring to something else that I'm not seeing)

Copy link
Copy Markdown
Contributor

@JoyceZhu JoyceZhu Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

^agreed with Abdul -- we get a neat little shorthand/syntactic sugar if the key and value share a name (it's an ES6 thing)

throttle: {
onRateLimit: (retryAfter, options, octokit, retryCount) => {
octokit.log.warn(`Request quota exhausted for request ${options.method} ${options.url}`)
Expand Down
2 changes: 2 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ jobs:
repository: REPLACE_THIS/REPLACE_THIS # Provide a repository name-with-owner (in the format "primer/primer-docs"). This is where issues will be filed and where Copilot will open PRs; more information below.
token: ${{ secrets.GH_TOKEN }} # This token must have write access to the repo above (contents, issues, and PRs); more information below. Note: GitHub Actions' GITHUB_TOKEN cannot be used here.
cache_key: REPLACE_THIS # Provide a filename that will be used when caching results. We recommend including the name or domain of the site being scanned.
# base_url: https://REPLACE_THIS # Optional: GitHub API base URL to pass into Octokit (required for GitHub Enterprise Server)
# login_url: # Optional: URL of the login page if authentication is required
# username: # Optional: Username for authentication
# password: ${{ secrets.PASSWORD }} # Optional: Password for authentication (use secrets!)
Expand Down Expand Up @@ -118,6 +119,7 @@ Trigger the workflow manually or automatically based on your configuration. The
| `repository` | Yes | Repository (with owner) for issues and PRs | `primer/primer-docs` |
| `token` | Yes | PAT with write permissions (see above) | `${{ secrets.GH_TOKEN }}` |
| `cache_key` | Yes | Key for caching results across runs<br>Allowed: `A-Za-z0-9._/-` | `cached_results-primer.style-main.json` |
| `base_url` | No | GitHub API base URL used by Octokit. Set this for GitHub Enterprise Server (format: `https://HOSTNAME/api/v3`). Defaults to `https://api.github.com` | `https://ghe.example.com/api/v3` |
| `login_url` | No | If scanned pages require authentication, the URL of the login page | `https://github.com/login` |
| `username` | No | If scanned pages require authentication, the username to use for login | `some-user` |
| `password` | No | If scanned pages require authentication, the password to use for login | `${{ secrets.PASSWORD }}` |
Expand Down
5 changes: 5 additions & 0 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@ inputs:
token:
description: "Personal access token (PAT) with fine-grained permissions 'contents: write', 'issues: write', and 'pull_requests: write'"
required: true
base_url:
description: "Optional base URL for the GitHub API (for example, 'https://HOSTNAME/api/v3' for GitHub Enterprise Server)"
Copy link
Copy Markdown
Contributor

@JoyceZhu JoyceZhu Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
description: "Optional base URL for the GitHub API (for example, 'https://HOSTNAME/api/v3' for GitHub Enterprise Server)"
description: "Optional base URL to pass into Octokit for the GitHub API (for example, `https://YOUR_HOSTNAME/api/v3` for GitHub Enterprise Server)"

required: false
cache_key:
description: 'Key for caching results across runs'
required: true
Expand Down Expand Up @@ -113,6 +116,7 @@ runs:
findings: ${{ steps.find.outputs.findings }}
repository: ${{ inputs.repository }}
token: ${{ inputs.token }}
base_url: ${{ inputs.base_url }}
cached_filings: ${{ steps.normalize_cache.outputs.value }}
screenshot_repository: ${{ github.repository }}
open_grouped_issues: ${{ inputs.open_grouped_issues }}
Expand All @@ -132,6 +136,7 @@ runs:
issues: ${{ steps.get_issues_from_filings.outputs.issues }}
repository: ${{ inputs.repository }}
token: ${{ inputs.token }}
base_url: ${{ inputs.base_url }}
- name: Set results output
id: results
uses: actions/github-script@v8
Expand Down
Loading