Merge pull request #11 from SecureCodeWarrior/language

Added support for fetching repository language

Author: cwong-scw

.jest/setEnvVars.js

@@ -0,0 +1 @@
+process.env.GITHUB_REPOSITORY = 'scw/test-repo';

README.md

@@ -32,6 +32,7 @@ Currently supports adding training material based on CWE references included in
         with:
           inputSarifFile: sarif/findings.sarif
           outputSarifFile: sarif/findings.processed.sarif
+          githubToken: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Import Results
         uses: github/codeql-action/upload-sarif@v1
@@ -48,3 +49,7 @@ The SARIF file to add Secure Code Warrior contextual training material to. **Def
 ### `outputSarifFile`
 
 The SARIF file to add Secure Code Warrior contextual training material to. **Default value:** `./findings.processed.sarif`
+
+### `githubToken` (optional)
+
+Provide `${{ secrets.GITHUB_TOKEN }}` to use the GitHub access token automatically supplied by GitHub Workflows. This enables language-specific training links to be generated (where available) by fetching the repository language from the GitHub API.

action.yml

@@ -5,13 +5,16 @@ branding:
   color: 'orange'
 inputs:
   inputSarifFile:
-    description: 'relative location of SARIF file to process'
+    description: 'Relative location of SARIF file to process'
     required: true
     default: './findings.sarif'
   outputSarifFile:
-    description: 'relative destination location for processed SARIF file'
+    description: 'Relative destination location for processed SARIF file'
     required: true
     default: './findings.processed.sarif'
+  githubToken:
+    description: 'Provide `secrets.GITHUB_TOKEN` to use the GitHub access token automatically supplied by GitHub Workflows'
+    required: false
 runs:
   using: 'node12'
   main: 'dist/index.js'