diff --git a/lib/analyze-action.js b/lib/analyze-action.js index a94e3af59e..9515b2a434 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -83621,6 +83621,16 @@ async function deleteActionsCache(id) { cache_id: id }); } +function isEnablementError(msg) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/ + ].some((pattern) => pattern.test(msg)); +} +function getFeatureEnablementError(message) { + return `Please verify that the necessary features are enabled: ${message}`; +} function wrapApiConfigurationError(e) { const httpError = asHTTPError(e); if (httpError !== void 0) { @@ -83637,6 +83647,11 @@ function wrapApiConfigurationError(e) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write" ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message) + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index a41fc9c2d2..69e6230d21 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -116758,6 +116758,16 @@ async function listActionsCaches(key, ref) { } ); } +function isEnablementError(msg) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/ + ].some((pattern) => pattern.test(msg)); +} +function getFeatureEnablementError(message) { + return `Please verify that the necessary features are enabled: ${message}`; +} function wrapApiConfigurationError(e) { const httpError = asHTTPError(e); if (httpError !== void 0) { @@ -116774,6 +116784,11 @@ function wrapApiConfigurationError(e) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write" ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message) + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); } diff --git a/lib/init-action.js b/lib/init-action.js index 2302468f1a..c976f2e30a 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -80926,6 +80926,16 @@ async function getRepositoryProperties(repositoryNwo) { repo: repositoryNwo.repo }); } +function isEnablementError(msg) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/ + ].some((pattern) => pattern.test(msg)); +} +function getFeatureEnablementError(message) { + return `Please verify that the necessary features are enabled: ${message}`; +} function wrapApiConfigurationError(e) { const httpError = asHTTPError(e); if (httpError !== void 0) { @@ -80942,6 +80952,11 @@ function wrapApiConfigurationError(e) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write" ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message) + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); } diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index a1a7ecdb25..327dcfcb86 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -79275,6 +79275,16 @@ async function getAnalysisKey() { core5.exportVariable(analysisKeyEnvVar, analysisKey); return analysisKey; } +function isEnablementError(msg) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/ + ].some((pattern) => pattern.test(msg)); +} +function getFeatureEnablementError(message) { + return `Please verify that the necessary features are enabled: ${message}`; +} function wrapApiConfigurationError(e) { const httpError = asHTTPError(e); if (httpError !== void 0) { @@ -79291,6 +79301,11 @@ function wrapApiConfigurationError(e) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write" ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message) + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); } diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 330eeed1a7..bc3545aa64 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -82146,6 +82146,16 @@ function computeAutomationID(analysis_key, environment) { } return automationID; } +function isEnablementError(msg) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/ + ].some((pattern) => pattern.test(msg)); +} +function getFeatureEnablementError(message) { + return `Please verify that the necessary features are enabled: ${message}`; +} function wrapApiConfigurationError(e) { const httpError = asHTTPError(e); if (httpError !== void 0) { @@ -82162,6 +82172,11 @@ function wrapApiConfigurationError(e) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write" ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message) + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); } diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 540515b7ad..ed785239d6 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -82191,6 +82191,16 @@ function computeAutomationID(analysis_key, environment) { } return automationID; } +function isEnablementError(msg) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/ + ].some((pattern) => pattern.test(msg)); +} +function getFeatureEnablementError(message) { + return `Please verify that the necessary features are enabled: ${message}`; +} function wrapApiConfigurationError(e) { const httpError = asHTTPError(e); if (httpError !== void 0) { @@ -82207,6 +82217,11 @@ function wrapApiConfigurationError(e) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write" ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message) + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); } diff --git a/src/api-client.test.ts b/src/api-client.test.ts index d2647b2bbb..29e3ef852e 100644 --- a/src/api-client.test.ts +++ b/src/api-client.test.ts @@ -169,4 +169,39 @@ test("wrapApiConfigurationError correctly wraps specific configuration errors", res, new util.ConfigurationError("Resource not accessible by integration"), ); + + // Enablement errors. + const codeSecurityNotEnabledError = new util.HTTPError( + "Code Security must be enabled for this repository to use code scanning", + 403, + ); + res = api.wrapApiConfigurationError(codeSecurityNotEnabledError); + t.deepEqual( + res, + new util.ConfigurationError( + api.getFeatureEnablementError(codeSecurityNotEnabledError.message), + ), + ); + const advancedSecurityNotEnabledError = new util.HTTPError( + "Advanced Security must be enabled for this repository to use code scanning", + 403, + ); + res = api.wrapApiConfigurationError(advancedSecurityNotEnabledError); + t.deepEqual( + res, + new util.ConfigurationError( + api.getFeatureEnablementError(advancedSecurityNotEnabledError.message), + ), + ); + const codeScanningNotEnabledError = new util.HTTPError( + "Code Scanning is not enabled for this repository. Please enable code scanning in the repository settings.", + 403, + ); + res = api.wrapApiConfigurationError(codeScanningNotEnabledError); + t.deepEqual( + res, + new util.ConfigurationError( + api.getFeatureEnablementError(codeScanningNotEnabledError.message), + ), + ); }); diff --git a/src/api-client.ts b/src/api-client.ts index 4289c2058f..f271c27910 100644 --- a/src/api-client.ts +++ b/src/api-client.ts @@ -283,6 +283,20 @@ export async function getRepositoryProperties(repositoryNwo: RepositoryNwo) { }); } +function isEnablementError(msg: string) { + return [ + /Code Security must be enabled/, + /Advanced Security must be enabled/, + /Code Scanning is not enabled/, + ].some((pattern) => pattern.test(msg)); +} + +// TODO: Move to `error-messages.ts` after refactoring import order to avoid cycle +// since `error-messages.ts` currently depends on this file. +export function getFeatureEnablementError(message: string): string { + return `Please verify that the necessary features are enabled: ${message}`; +} + export function wrapApiConfigurationError(e: unknown) { const httpError = asHTTPError(e); if (httpError !== undefined) { @@ -304,6 +318,11 @@ export function wrapApiConfigurationError(e: unknown) { "Please check that your token is valid and has the required permissions: contents: read, security-events: write", ); } + if (httpError.status === 403 && isEnablementError(httpError.message)) { + return new ConfigurationError( + getFeatureEnablementError(httpError.message), + ); + } if (httpError.status === 429) { return new ConfigurationError("API rate limit exceeded"); }