Allowing Access to Private Repo

[iiTzHyper]

I am not quite sure how to configure this. I have heard that I can use GITHUB_TOKEN authenticate.

- name: Configuring GitHub Access
        env:
            TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run:
          git config --global url."https://${TOKEN}@github.com/<Username>/<Repo Name>".insteadOf "https://github.com/<Username>/<Repo Name>"

Is this the right way to configure it?

[robertbrignull]

Could you explain more what you're trying to achieve and what is not working? This currently seems to be more of a general GitHub Actions question, and not really about the codeql-action.

Perhaps the issue is that the token from secrets.GITHUB_TOKEN only has access to read the repository that the workflow is from. If you want to clone other private repositories in your workflow you'll need to use a personal access token or a deploy key.

[robertbrignull]

What is the error message you are getting?

The only place where the codeql-action requires access to another repository is if you are wanting to run queries located in that repository. Is that what you're wanting to do?

Also note that code scanning is only free for public repositories, and is still in beta so you need to sign up for it. You can sign up for the beta on the "security" tab on your repository.

[robertbrignull]

You're still on the waiting list as you only signed up recently and we're processing people from the start. You'll be onboarded in time. Also, code scanning is only going to be free on open source repositories. To use it on private repositories you'll need to contact GitHub sales.

[ehsankhfr]

@robertbrignull is the codeql still unavailable for non-enterprise accounts` private repos?

[robertbrignull]

@ehsankhfr, yes, CodeQL and Code Scanning are still both only freely available for public repositories. To use on private repositories you'll need a paid account.