From 983f1c499e27e51f76cfae2b747e171dbaa44607 Mon Sep 17 00:00:00 2001
From: Dominik Schilling <dominikschilling+git@gmail.com>
Date: Mon, 6 Sep 2021 09:00:20 +0200
Subject: [PATCH] Replace hard-coded references to GitHub.com (#296)

* Replace hard-coded reference to GitHub.com with environment variables

* Address ESLint errors

* Apply prettier to src/git.js

* Update GitHub hostname variable declaration and naming

* Add clone URL to GitHub context

* Update tests

Co-authored-by: Linden Huhmann <lindenhuhmann@gmail.com>
---
 dist/index.js               | 23 ++++++++++++++++-------
 src/git.js                  | 14 ++++++++------
 src/github/api.js           |  2 +-
 src/github/context.js       |  8 ++++++++
 test/github/context.test.js | 12 ++++++++++++
 5 files changed, 45 insertions(+), 14 deletions(-)

diff --git a/dist/index.js b/dist/index.js
index 0f6a4931..b05ed449 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -707,15 +707,17 @@ function checkOutRemoteBranch(context) {
 	if (context.repository.hasFork) {
 		// Fork: Add fork repo as remote
 		core.info(`Adding "${context.repository.forkName}" fork as remote with Git`);
-		run(
-			`git remote add fork https://${context.actor}:${context.token}@github.com/${context.repository.forkName}.git`,
-		);
+		const cloneURl = new URL(context.repository.forkCloneUrl);
+		cloneURl.username = context.actor;
+		cloneURl.username = context.token;
+		run(`git remote add fork ${cloneURl.toString()}`);
 	} else {
 		// No fork: Update remote URL to include auth information (so auto-fixes can be pushed)
 		core.info(`Adding auth information to Git remote URL`);
-		run(
-			`git remote set-url origin https://${context.actor}:${context.token}@github.com/${context.repository.repoName}.git`,
-		);
+		const cloneURl = new URL(context.repository.cloneUrl);
+		cloneURl.username = context.actor;
+		cloneURl.username = context.token;
+		run(`git remote set-url origin ${cloneURl.toString()}`);
 	}
 
 	const remote = context.repository.hasFork ? "fork" : "origin";
@@ -864,7 +866,7 @@ async function createCheck(linterName, sha, context, lintResult, neutralCheckOnW
 		core.info(
 			`Creating GitHub check with ${conclusion} conclusion and ${annotations.length} annotations for ${linterName}…`,
 		);
-		await request(`https://api.github.com/repos/${context.repository.repoName}/check-runs`, {
+		await request(`${process.env.GITHUB_API_URL}/repos/${context.repository.repoName}/check-runs`, {
 			method: "POST",
 			headers: {
 				"Content-Type": "application/json",
@@ -911,7 +913,9 @@ const { getEnv } = __nccwpck_require__(575);
  * Information about the GitHub repository and its fork (if it exists)
  * @typedef GithubRepository
  * @property {string} repoName Repo name.
+ * @property {string} cloneUrl Repo clone URL.
  * @property {string} forkName Fork name.
+ * @property {string} forkCloneUrl Fork repo clone URL.
  * @property {boolean} hasFork Whether repo has a fork.
  */
 
@@ -980,17 +984,22 @@ function parseBranch(eventName, event) {
  */
 function parseRepository(eventName, event) {
 	const repoName = event.repository.full_name;
+	const cloneUrl = event.repository.clone_url;
 	let forkName;
+	let forkCloneUrl;
 	if (eventName === "pull_request" || eventName === "pull_request_target") {
 		// "pull_request" events are triggered on the repository where the PR is made. The PR branch can
 		// be on the same repository (`forkRepository` is set to `null`) or on a fork (`forkRepository`
 		// is defined)
 		const headRepoName = event.pull_request.head.repo.full_name;
 		forkName = repoName === headRepoName ? undefined : headRepoName;
+		forkCloneUrl = event.pull_request.head.repo.clone_url;
 	}
 	return {
 		repoName,
+		cloneUrl,
 		forkName,
+		forkCloneUrl,
 		hasFork: forkName != null && forkName !== repoName,
 	};
 }
diff --git a/src/git.js b/src/git.js
index f05872aa..c2e1e2b4 100644
--- a/src/git.js
+++ b/src/git.js
@@ -12,15 +12,17 @@ function checkOutRemoteBranch(context) {
 	if (context.repository.hasFork) {
 		// Fork: Add fork repo as remote
 		core.info(`Adding "${context.repository.forkName}" fork as remote with Git`);
-		run(
-			`git remote add fork https://${context.actor}:${context.token}@github.com/${context.repository.forkName}.git`,
-		);
+		const cloneURl = new URL(context.repository.forkCloneUrl);
+		cloneURl.username = context.actor;
+		cloneURl.username = context.token;
+		run(`git remote add fork ${cloneURl.toString()}`);
 	} else {
 		// No fork: Update remote URL to include auth information (so auto-fixes can be pushed)
 		core.info(`Adding auth information to Git remote URL`);
-		run(
-			`git remote set-url origin https://${context.actor}:${context.token}@github.com/${context.repository.repoName}.git`,
-		);
+		const cloneURl = new URL(context.repository.cloneUrl);
+		cloneURl.username = context.actor;
+		cloneURl.username = context.token;
+		run(`git remote set-url origin ${cloneURl.toString()}`);
 	}
 
 	const remote = context.repository.hasFork ? "fork" : "origin";
diff --git a/src/github/api.js b/src/github/api.js
index 55af4963..cb865e09 100644
--- a/src/github/api.js
+++ b/src/github/api.js
@@ -66,7 +66,7 @@ async function createCheck(linterName, sha, context, lintResult, neutralCheckOnW
 		core.info(
 			`Creating GitHub check with ${conclusion} conclusion and ${annotations.length} annotations for ${linterName}…`,
 		);
-		await request(`https://api.github.com/repos/${context.repository.repoName}/check-runs`, {
+		await request(`${process.env.GITHUB_API_URL}/repos/${context.repository.repoName}/check-runs`, {
 			method: "POST",
 			headers: {
 				"Content-Type": "application/json",
diff --git a/src/github/context.js b/src/github/context.js
index 336f1408..0f19c694 100644
--- a/src/github/context.js
+++ b/src/github/context.js
@@ -19,7 +19,9 @@ const { getEnv } = require("../utils/action");
  * Information about the GitHub repository and its fork (if it exists)
  * @typedef GithubRepository
  * @property {string} repoName Repo name.
+ * @property {string} cloneUrl Repo clone URL.
  * @property {string} forkName Fork name.
+ * @property {string} forkCloneUrl Fork repo clone URL.
  * @property {boolean} hasFork Whether repo has a fork.
  */
 
@@ -88,17 +90,23 @@ function parseBranch(eventName, event) {
  */
 function parseRepository(eventName, event) {
 	const repoName = event.repository.full_name;
+	const cloneUrl = event.repository.clone_url;
 	let forkName;
+	let forkCloneUrl;
 	if (eventName === "pull_request" || eventName === "pull_request_target") {
 		// "pull_request" events are triggered on the repository where the PR is made. The PR branch can
 		// be on the same repository (`forkRepository` is set to `null`) or on a fork (`forkRepository`
 		// is defined)
 		const headRepoName = event.pull_request.head.repo.full_name;
 		forkName = repoName === headRepoName ? undefined : headRepoName;
+		const headForkCloneUrl = event.pull_request.head.repo.clone_url;
+		forkCloneUrl = cloneUrl === headForkCloneUrl ? undefined : headForkCloneUrl;
 	}
 	return {
 		repoName,
+		cloneUrl,
 		forkName,
+		forkCloneUrl,
 		hasFork: forkName != null && forkName !== repoName,
 	};
 }
diff --git a/test/github/context.test.js b/test/github/context.test.js
index fb086c2a..04dd22d4 100644
--- a/test/github/context.test.js
+++ b/test/github/context.test.js
@@ -106,7 +106,9 @@ describe("parseRepository()", () => {
 		// Fork detection is not supported for "push" events
 		expect(parseRepository("push", pushEvent)).toEqual({
 			repoName: REPOSITORY,
+			cloneUrl: `https://github.com/${REPOSITORY}.git`,
 			forkName: undefined,
+			forkCloneUrl: undefined,
 			hasFork: false,
 		});
 	});
@@ -114,13 +116,17 @@ describe("parseRepository()", () => {
 	test('works with "pull_request" event on repository without fork', () => {
 		expect(parseRepository("pull_request", prOpenEvent)).toEqual({
 			repoName: REPOSITORY,
+			cloneUrl: `https://github.com/${REPOSITORY}.git`,
 			forkName: undefined,
+			forkCloneUrl: undefined,
 			hasFork: false,
 		});
 
 		expect(parseRepository("pull_request", prSyncEvent)).toEqual({
 			repoName: REPOSITORY,
+			cloneUrl: `https://github.com/${REPOSITORY}.git`,
 			forkName: undefined,
+			forkCloneUrl: undefined,
 			hasFork: false,
 		});
 	});
@@ -128,17 +134,23 @@ describe("parseRepository()", () => {
 	test('works with "pull_request" event on repository with fork', () => {
 		const prOpenEventMod = { ...prOpenEvent };
 		prOpenEventMod.pull_request.head.repo.full_name = FORK_REPOSITORY;
+		prOpenEventMod.pull_request.head.repo.clone_url = `https://github.com/${FORK_REPOSITORY}.git`;
 		expect(parseRepository("pull_request", prOpenEventMod)).toEqual({
 			repoName: REPOSITORY,
+			cloneUrl: `https://github.com/${REPOSITORY}.git`,
 			forkName: FORK_REPOSITORY,
+			forkCloneUrl: `https://github.com/${FORK_REPOSITORY}.git`,
 			hasFork: true,
 		});
 
 		const prSyncEventMod = { ...prSyncEvent };
 		prSyncEventMod.pull_request.head.repo.full_name = FORK_REPOSITORY;
+		prSyncEventMod.pull_request.head.repo.clone_url = `https://github.com/${FORK_REPOSITORY}.git`;
 		expect(parseRepository("pull_request", prSyncEventMod)).toEqual({
 			repoName: REPOSITORY,
+			cloneUrl: `https://github.com/${REPOSITORY}.git`,
 			forkName: FORK_REPOSITORY,
+			forkCloneUrl: `https://github.com/${FORK_REPOSITORY}.git`,
 			hasFork: true,
 		});
 	});