github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-02 01:32:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3559 from github/henrymercer/ghes-repository-properties

Browse Source 
Load custom repository properties on GHES and remove feature flag
This commit is contained in:
Henry Mercer
2026-03-09 17:26:59 +00:00
committed by GitHub
parent b39251fe78 1b7fa1a121
commit 3c97288d80
17 changed files with 9 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -5,6 +5,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
## [UNRELEASED]
- Fixed [a bug](https://github.com/github/codeql-action/issues/3555) which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. [#3557](https://github.com/github/codeql-action/pull/3557)
- The CodeQL Action now loads [custom repository properties](https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization) on GitHub Enterprise Server, enabling the customization of features such as `github-codeql-disable-overlay` that was previously only available on GitHub.com. [#3559](https://github.com/github/codeql-action/pull/3559)
## 4.32.6 - 05 Mar 2026

5
lib/analyze-action-post.js generated
View File

@@ -162243,11 +162243,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/analyze-action.js generated
View File

@@ -107992,11 +107992,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/autobuild-action.js generated
View File

@@ -104292,11 +104292,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/init-action-post.js generated
View File

@@ -165729,11 +165729,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

24
lib/init-action.js generated
View File

@@ -104424,10 +104424,7 @@ var repositoryPropertyParsers = {
["github-codeql-disable-overlay" /* DISABLE_OVERLAY */]: booleanProperty,
["github-codeql-extra-queries" /* EXTRA_QUERIES */]: stringProperty
};
async function loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo) {
if (gitHubVersion.type === "GitHub Enterprise Server" /* GHES */) {
return {};
}
async function loadPropertiesFromApi(logger, repositoryNwo) {
try {
const response = await getRepositoryProperties(repositoryNwo);
const remoteProperties = response.data;
@@ -105552,11 +105549,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -109647,8 +109639,6 @@ async function run(startedAt) {
);
const repositoryPropertiesResult = await loadRepositoryProperties(
repositoryNwo,
gitHubVersion,
features,
logger
);
const jobRunUuid = v4_default();
@@ -110048,7 +110038,7 @@ exec ${goBinaryPath} "$@"`
logger
);
}
async function loadRepositoryProperties(repositoryNwo, gitHubVersion, features, logger) {
async function loadRepositoryProperties(repositoryNwo, logger) {
const repositoryOwnerType = github2.context.payload.repository?.owner.type;
logger.debug(
`Repository owner type is '${repositoryOwnerType ?? "unknown"}'.`
@@ -110059,16 +110049,8 @@ async function loadRepositoryProperties(repositoryNwo, gitHubVersion, features,
);
return new Success({});
}
if (!await features.getValue("use_repository_properties_v2" /* UseRepositoryProperties */)) {
logger.debug(
"Skipping loading repository properties because the UseRepositoryProperties feature flag is disabled."
);
return new Success({});
}
try {
return new Success(
await loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo)
);
return new Success(await loadPropertiesFromApi(logger, repositoryNwo));
} catch (error3) {
logger.warning(
`Failed to load repository properties: ${getErrorMessage(error3)}`

5
lib/resolve-environment-action.js generated
View File

@@ -104283,11 +104283,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/setup-codeql-action.js generated
View File

@@ -104180,11 +104180,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/start-proxy-action-post.js generated
View File

@@ -161649,11 +161649,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/start-proxy-action.js generated
View File

@@ -120972,11 +120972,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/upload-lib.js generated
View File

@@ -107439,11 +107439,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/upload-sarif-action-post.js generated
View File

@@ -161811,11 +161811,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

5
lib/upload-sarif-action.js generated
View File

@@ -107153,11 +107153,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

6
src/feature-flags.ts
View File

@@ -87,7 +87,6 @@ export enum Feature {
StartProxyRemoveUnusedRegistries = "start_proxy_remove_unused_registries",
StartProxyUseFeaturesRelease = "start_proxy_use_features_release",
UploadOverlayDbToApi = "upload_overlay_db_to_api",
UseRepositoryProperties = "use_repository_properties_v2",
ValidateDbConfig = "validate_db_config",
}
@@ -352,11 +351,6 @@ export const featureConfig = {
minimumVersion: undefined,
toolsFeature: ToolsFeature.BundleSupportsOverlay,
},
[Feature.UseRepositoryProperties]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: undefined,
},
[Feature.ValidateDbConfig]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",

71
src/feature-flags/properties.test.ts
View File

@@ -5,7 +5,6 @@ import * as api from "../api-client";
import { getRunnerLogger } from "../logging";
import { parseRepositoryNwo } from "../repository";
import { setupTests } from "../testing-utils";
import * as util from "../util";
import * as properties from "./properties";
@@ -23,13 +22,7 @@ test.serial(
const logger = getRunnerLogger(true);
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
await t.throwsAsync(
properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
),
properties.loadPropertiesFromApi(logger, mockRepositoryNwo),
{
message: /Expected repository properties API to return an array/,
},
@@ -49,13 +42,7 @@ test.serial(
const logger = getRunnerLogger(true);
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
await t.throwsAsync(
properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
),
properties.loadPropertiesFromApi(logger, mockRepositoryNwo),
{
message:
/Expected repository property object to have a 'property_name'/,
@@ -79,43 +66,11 @@ test.serial(
const logger = getRunnerLogger(true);
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
await t.notThrowsAsync(
properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
),
properties.loadPropertiesFromApi(logger, mockRepositoryNwo),
);
},
);
test.serial(
"loadPropertiesFromApi returns empty object if on GHES",
async (t) => {
sinon.stub(api, "getRepositoryProperties").resolves({
headers: {},
status: 200,
url: "",
data: [
{ property_name: "github-codeql-extra-queries", value: "+queries" },
{ property_name: "unknown-property", value: "something" },
] satisfies properties.GitHubPropertiesResponse,
});
const logger = getRunnerLogger(true);
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
const response = await properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.GHES,
version: "",
},
logger,
mockRepositoryNwo,
);
t.deepEqual(response, {});
},
);
test.serial("loadPropertiesFromApi loads known properties", async (t) => {
sinon.stub(api, "getRepositoryProperties").resolves({
headers: {},
@@ -129,9 +84,6 @@ test.serial("loadPropertiesFromApi loads known properties", async (t) => {
const logger = getRunnerLogger(true);
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
const response = await properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
);
@@ -155,9 +107,6 @@ test.serial("loadPropertiesFromApi parses true boolean property", async (t) => {
const warningSpy = sinon.spy(logger, "warning");
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
const response = await properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
);
@@ -186,9 +135,6 @@ test.serial(
const warningSpy = sinon.spy(logger, "warning");
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
const response = await properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
);
@@ -211,13 +157,7 @@ test.serial(
const logger = getRunnerLogger(true);
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
await t.throwsAsync(
properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
),
properties.loadPropertiesFromApi(logger, mockRepositoryNwo),
{
message:
/Unexpected value for repository property 'github-codeql-extra-queries' \(number\), got: 123/,
@@ -244,9 +184,6 @@ test.serial(
const warningSpy = sinon.spy(logger, "warning");
const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
const response = await properties.loadPropertiesFromApi(
{
type: util.GitHubVariant.DOTCOM,
},
logger,
mockRepositoryNwo,
);

8
src/feature-flags/properties.ts
View File

@@ -1,7 +1,6 @@
import { getRepositoryProperties } from "../api-client";
import { Logger } from "../logging";
import { RepositoryNwo } from "../repository";
import { GitHubVariant, GitHubVersion } from "../util";
/**
* Enumerates repository property names that have some meaning to us.
@@ -93,16 +92,9 @@ export type GitHubPropertiesResponse = GitHubRepositoryProperty[];
* @returns Returns a partial mapping from `RepositoryPropertyName` to values.
*/
export async function loadPropertiesFromApi(
gitHubVersion: GitHubVersion,
logger: Logger,
repositoryNwo: RepositoryNwo,
): Promise<RepositoryProperties> {
// TODO: To be safe for now; later we should replace this with a version check once we know
// which version of GHES we expect this to be supported by.
if (gitHubVersion.type === GitHubVariant.GHES) {
return {};
}
try {
const response = await getRepositoryProperties(repositoryNwo);
const remoteProperties = response.data as GitHubPropertiesResponse;

16
src/init-action.ts
View File

@@ -93,7 +93,6 @@ import {
checkActionVersion,
getErrorMessage,
BuildMode,
GitHubVersion,
Result,
getOptionalEnvVar,
Success,
@@ -250,8 +249,6 @@ async function run(startedAt: Date) {
// Fetch the values of known repository properties that affect us.
const repositoryPropertiesResult = await loadRepositoryProperties(
repositoryNwo,
gitHubVersion,
features,
logger,
);
@@ -820,8 +817,6 @@ async function run(startedAt: Date) {
*/
async function loadRepositoryProperties(
repositoryNwo: RepositoryNwo,
gitHubVersion: GitHubVersion,
features: FeatureEnablement,
logger: Logger,
): Promise<Result<RepositoryProperties, unknown>> {
// See if we can skip loading repository properties early. In particular,
@@ -839,17 +834,8 @@ async function loadRepositoryProperties(
return new Success({});
}
if (!(await features.getValue(Feature.UseRepositoryProperties))) {
logger.debug(
"Skipping loading repository properties because the UseRepositoryProperties feature flag is disabled.",
);
return new Success({});
}
try {
return new Success(
await loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo),
);
return new Success(await loadPropertiesFromApi(logger, repositoryNwo));
} catch (error) {
logger.warning(
`Failed to load repository properties: ${getErrorMessage(error)}`,