codeql-action icon indicating copy to clipboard operation
codeql-action copied to clipboard
verified publisher icon github

Clarify documentation for the `tools` field in the `init` action

Open sidshank opened this issue 3 years ago • 1 comments

The CodeQL init action YML file has a field called tools. The field is optional, but when specified, should reference a URL to the CodeQL tools:

https://github.com/github/codeql-action/blob/40542d38bc4936c2ca7da883aeb050a6081b4b31/init/action.yml#L5

We need clear documentation for our customers on how they might specify the tools field to point to a specific version of CodeQL. For example, if a new version of CodeQL breaks their workflow for some reason, they might want to downgrade to the last working CodeQL version until the issue is resolved.

Specifically, it would be nice to have documentation on how users can derive / construct the URL that needs to be specified for the tools field.

sidshank avatar Oct 26 '22 19:10 sidshank

fwiw, making this the complete URL (e.g. https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.13.4/codeql-bundle-linux64.tar.gz) works in my setup.

brendandburns avatar Jun 22 '23 16:06 brendandburns