github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-09 15:20:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add proxy_ca_certificate_file output to start-proxy action

Browse Source 
Useful to avoid duplicating this across different extractors (e.g. C# and Go)
This commit is contained in:
Michael B. Gale
2025-04-07 13:16:12 +01:00
parent 4b508f5964
commit f28be5853f
3 changed files with 32 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/start-proxy-action.js
Generated
+12
View File
@@ -34,6 +34,7 @@ var __importStar = (this && this.__importStar) || (function () {
})();
Object.defineProperty(exports, "__esModule", { value: true });
const child_process_1 = require("child_process");
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const core = __importStar(require("@actions/core"));
const toolcache = __importStar(require("@actions/tool-cache"));
@@ -111,6 +112,16 @@ async function runWrapper() {
all_credentials: credentials,
ca,
};
// Try to write the certificate to disk. Some extractors may use this to populate
// the `SSL_CERT_FILE` environment variable.
try {
const certificatePath = path.join(actionsUtil.getTemporaryDirectory(), "codeql_package_proxy.crt");
fs.writeFileSync(certificatePath, ca.cert);
proxyConfig.ca_certificate_file = certificatePath;
}
catch (error) {
logger.error(`Failed to write the proxy certificate to disk: ${util.getErrorMessage(error)}`);
}
// Start the Proxy
const proxyBin = await getProxyBinaryPath();
await startProxy(proxyBin, proxyConfig, proxyLogFilePath, logger);
@@ -154,6 +165,7 @@ async function startProxy(binPath, config, logFilePath, logger) {
core.setOutput("proxy_host", host);
core.setOutput("proxy_port", port.toString());
core.setOutput("proxy_ca_certificate", config.ca.cert);
core.setOutput("proxy_ca_certificate_file", config.ca_certificate_file);
const registry_urls = config.all_credentials
.filter((credential) => credential.url !== undefined)
.map((credential) => ({
lib/start-proxy-action.js.map
+1 -1
View File
File diff suppressed because one or more lines are too long
src/start-proxy-action.ts
+19
View File
@@ -1,4 +1,5 @@
import { ChildProcess, spawn } from "child_process";
import * as fs from "fs";
import * as path from "path";
import * as core from "@actions/core";
@@ -29,6 +30,7 @@ type BasicAuthCredentials = {
type ProxyConfig = {
all_credentials: Credential[];
ca_certificate_file?: string;
ca: CertificateAuthority;
proxy_auth?: BasicAuthCredentials;
};
@@ -118,6 +120,22 @@ async function runWrapper() {
ca,
};
// Try to write the certificate to disk. Some extractors may use this to populate
// the `SSL_CERT_FILE` environment variable.
try {
const certificatePath = path.join(
actionsUtil.getTemporaryDirectory(),
"codeql_package_proxy.crt",
);
fs.writeFileSync(certificatePath, ca.cert);
proxyConfig.ca_certificate_file = certificatePath;
} catch (error) {
logger.error(
`Failed to write the proxy certificate to disk: ${util.getErrorMessage(error)}`,
);
}
// Start the Proxy
const proxyBin = await getProxyBinaryPath();
await startProxy(proxyBin, proxyConfig, proxyLogFilePath, logger);
@@ -171,6 +189,7 @@ async function startProxy(
core.setOutput("proxy_host", host);
core.setOutput("proxy_port", port.toString());
core.setOutput("proxy_ca_certificate", config.ca.cert);
core.setOutput("proxy_ca_certificate_file", config.ca_certificate_file);
const registry_urls = config.all_credentials
.filter((credential) => credential.url !== undefined)