feat: Implement GitHub Token retrieval and enhance CodeQL installation process

GeekMasher · GeekMasher · commit 28cc5320c013 · 2025-09-12T11:48:26.000+01:00
diff --git a/src/action.rs b/src/action.rs
@@ -103,6 +103,15 @@ pub struct Action {
 }
 
 impl Action {
+    /// Returns the GitHub Token for the action
+    pub fn get_token(&self) -> String {
+        if self.token.is_empty() {
+            std::env::var("GITHUB_TOKEN").unwrap_or_default()
+        } else {
+            self.token.clone()
+        }
+    }
+
     /// Returns the working directory for the action
     ///
     /// If no working directory is provided, the current directory is used.
diff --git a/src/codeql.rs b/src/codeql.rs
@@ -5,8 +5,66 @@
 //! installation process fails.
 
 use anyhow::{Context, Result};
+use ghactions::ActionTrait;
 use ghastoolkit::CodeQL;
 
+use crate::action::Action;
+
+/// Download and install the CodeQL CLI, with fallback to GitHub CLI if necessary
+pub async fn codeql_download(action: &Action) -> Result<CodeQL> {
+    let token = action.get_token();
+
+    let mut codeql = CodeQL::init()
+        .build()
+        .await
+        .context("Failed to create CodeQL instance")?;
+    log::debug!("CodeQL :: {codeql:?}");
+
+    if !codeql.is_installed().await {
+        let codeql_version = action.codeql_version();
+        log::info!("CodeQL not installed, installing `{codeql_version}`...");
+
+        // Try to install with authentication first (if token is available)
+        if !token.is_empty() {
+            let octocrab_auth = action.octocrab_with_token(token)?;
+            if let Ok(_) = codeql.install(&octocrab_auth, codeql_version).await {
+                log::info!("CodeQL installed using authentication");
+                return Ok(codeql);
+            } else {
+                log::warn!(
+                    "Failed to install CodeQL with authentication, trying without authentication..."
+                );
+            }
+        }
+
+        // Try to install without authentication
+        let octocrab = action.octocrab_without_token()?;
+        if let Ok(_) = codeql.install(&octocrab, codeql_version).await {
+            log::info!("CodeQL installed without authentication");
+            return Ok(codeql);
+        } else {
+            log::warn!("Failed to install CodeQL without authentication");
+            log::info!("Attempting to install CodeQL using GitHub CLI...");
+        }
+
+        let location = gh_codeql_download(codeql_version)
+            .await
+            .context("Failed to download CodeQL using GitHub CLI")?;
+        // Reinitialize CodeQL with the new path
+        codeql = CodeQL::init()
+            .path(location)
+            .build()
+            .await
+            .context("Failed to create CodeQL instance after GitHub CLI installation")?;
+
+        log::info!("CodeQL installed");
+    } else {
+        log::info!("CodeQL already installed");
+    }
+
+    Ok(codeql)
+}
+
 /// Download and install the CodeQL CLI using the GitHub CLI
 ///
 /// This function serves as a fallback installation method when the standard CodeQL
@@ -20,7 +78,7 @@ use ghastoolkit::CodeQL;
 ///
 /// # Returns
 /// * `Result<String>` - Path to the installed CodeQL binary or an error
-pub async fn gh_codeql_download(codeql_version: &str) -> Result<String> {
+async fn gh_codeql_download(codeql_version: &str) -> Result<String> {
     log::info!("Downloading CodeQL Extension for GitHub CLI...");
     log::debug!("Running command: gh extensions install github/gh-codeql");
     let status = tokio::process::Command::new("gh")
diff --git a/src/main.rs b/src/main.rs
@@ -13,10 +13,9 @@ mod action;
 mod codeql;
 mod extractors;
 
+use crate::codeql::codeql_download;
 use action::{AUTHORS, Action, BANNER, VERSION};
 
-use crate::codeql::gh_codeql_download;
-
 /// Main function that drives the CodeQL Extractor Action workflow
 ///
 /// This function:
@@ -50,35 +49,14 @@ async fn main() -> Result<()> {
 
     group!("Setting up CodeQL");
 
-    let mut codeql = CodeQL::init()
-        .build()
+    let mut codeql = codeql_download(&action)
         .await
-        .context("Failed to create CodeQL instance")?;
-    log::debug!("CodeQL :: {codeql:?}");
-
-    if !codeql.is_installed().await {
-        let codeql_version = action.codeql_version();
-        log::info!("CodeQL not installed, installing `{codeql_version}`...");
-
-        if let Err(error) = codeql.install(&octocrab, codeql_version).await {
-            log::warn!("Failed to install CodeQL: {error:?}");
-            log::info!("Attempting to install CodeQL using GitHub CLI...");
-
-            let location = gh_codeql_download(codeql_version)
-                .await
-                .context("Failed to download CodeQL using GitHub CLI")?;
-
-            codeql = CodeQL::init()
-                .path(location)
-                .build()
-                .await
-                .context("Failed to create CodeQL instance after GitHub CLI installation")?;
-        }
+        .context("Failed to set up CodeQL")?;
+    log::info!(
+        "CodeQL CLI Version :: {}",
+        codeql.version().unwrap_or_default()
+    );
 
-        log::info!("CodeQL installed");
-    } else {
-        log::info!("CodeQL already installed");
-    }
     // Packs installation
     action.install_packs(&codeql).await?;
 
