Merge pull request #128 from github/enterprise_status_reports

Avoid sending status reports on enterprise

src/codeql.ts

@@ -83,13 +83,8 @@ const CODEQL_ACTION_CMD = "CODEQL_ACTION_CMD";
 
 const CODEQL_BUNDLE_VERSION = "codeql-bundle-20200630";
 const CODEQL_BUNDLE_NAME = "codeql-bundle.tar.gz";
-const GITHUB_DOTCOM_API_URL = "https://api.github.com";
 const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
 
-function getInstanceAPIURL(): string {
-  return process.env["GITHUB_API_URL"] || GITHUB_DOTCOM_API_URL;
-}
-
 function getCodeQLActionRepository(): string {
   // Actions do not know their own repository name,
   // so we currently use this hack to find the name based on where our files are.
@@ -110,19 +105,19 @@ async function getCodeQLBundleDownloadURL(): Promise<string> {
   const codeQLActionRepository = getCodeQLActionRepository();
   const potentialDownloadSources = [
     // This GitHub instance, and this Action.
-    [getInstanceAPIURL(), codeQLActionRepository],
+    [util.getInstanceAPIURL(), codeQLActionRepository],
     // This GitHub instance, and the canonical Action.
-    [getInstanceAPIURL(), CODEQL_DEFAULT_ACTION_REPOSITORY],
+    [util.getInstanceAPIURL(), CODEQL_DEFAULT_ACTION_REPOSITORY],
     // GitHub.com, and the canonical Action.
-    [GITHUB_DOTCOM_API_URL, CODEQL_DEFAULT_ACTION_REPOSITORY],
+    [util.GITHUB_DOTCOM_API_URL, CODEQL_DEFAULT_ACTION_REPOSITORY],
   ];
   // We now filter out any duplicates.
   // Duplicates will happen either because the GitHub instance is GitHub.com, or because the Action is not a fork.
   const uniqueDownloadSources = potentialDownloadSources.filter((url, index, self) => index === self.indexOf(url));
   for (let downloadSource of uniqueDownloadSources) {
     let [apiURL, repository] = downloadSource;
     // If we've reached the final case, short-circuit the API check since we know the bundle exists and is public.
-    if (apiURL === GITHUB_DOTCOM_API_URL && repository === CODEQL_DEFAULT_ACTION_REPOSITORY) {
+    if (apiURL === util.GITHUB_DOTCOM_API_URL && repository === CODEQL_DEFAULT_ACTION_REPOSITORY) {
       break;
     }
     let [repositoryOwner, repositoryName] = repository.split("/");
@@ -181,7 +176,7 @@ export async function setupCodeQL(): Promise<CodeQL> {
       // We only want to provide an authorization header if we are downloading
       // from the same GitHub instance the Action is running on.
       // This avoids leaking Enterprise tokens to dotcom.
-      if (codeqlURL.startsWith(getInstanceAPIURL() + "/")) {
+      if (codeqlURL.startsWith(util.getInstanceAPIURL() + "/")) {
         core.debug('Downloading CodeQL bundle with token.');
         let token = core.getInput('token', { required: true });
         headers.authorization = `token ${token}`;

src/util.ts

@@ -7,6 +7,26 @@ import * as path from 'path';
 import * as api from './api-client';
 import * as sharedEnv from './shared-environment';
 
+/**
+ * The API URL for github.com.
+ */
+export const GITHUB_DOTCOM_API_URL = "https://api.github.com";
+
+/**
+ * Get the API URL for the GitHub instance we are connected to.
+ * May be for github.com or for an enterprise instance.
+ */
+export function getInstanceAPIURL(): string {
+  return process.env["GITHUB_API_URL"] || GITHUB_DOTCOM_API_URL;
+}
+
+/**
+ * Are we running against a GitHub Enterpise instance, as opposed to github.com.
+ */
+export function isEnterprise(): boolean {
+  return getInstanceAPIURL() !== GITHUB_DOTCOM_API_URL;
+}
+
 /**
  * Should the current action be aborted?
  *
@@ -248,6 +268,11 @@ export async function sendStatusReport<S extends StatusReportBase>(
   statusReport: S,
   ignoreFailures?: boolean): Promise<boolean> {
 
+  if (isEnterprise()) {
+    core.debug("Not sending status report to GitHub Enterprise");
+    return true;
+  }
+
   const statusReportJSON = JSON.stringify(statusReport);
 
   core.debug('Sending status report: ' + statusReportJSON);