Add query parameters for code scanning, secret scanning, and dependab…

…ot alerts

action.yml

@@ -24,14 +24,23 @@ inputs:
     description: Whether to export code scanning alerts
     required: false
     default: true
+  code-scanning-query-parameters:
+    description: "query parameters as JSON Ex: {\"state\": dismissed}"
+    required: false
   secret-scanning:
     description: Whether to export secret scanning alerts
     required: false
     default: true
+  secret-scanning-query-parameters:
+    description: "query parameters as JSON"
+    required: false
   dependabot:
     description: Whether to export dependabot alerts
     required: false
     default: true
+  dependabot-query-parameters:
+    description: "query parameters as JSON Ex: {\"state\": dismissed}"
+    required: false
 
 outputs:
   dependabot:

src/github-security.ts

@@ -4,6 +4,7 @@ export interface Input {
   organization?: string;
   enterprise?: string;
   repository?: string;
+  queryParams?: any;
 }
 
 const getCodeScanningAlerts = async (
@@ -15,6 +16,7 @@ const getCodeScanningAlerts = async (
       "GET /orgs/{org}/code-scanning/alerts",
       {
         org: input.organization,
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -25,6 +27,7 @@ const getCodeScanningAlerts = async (
       {
         org: input.enterprise,
         // enterprise: input.enterprise,
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -34,6 +37,7 @@ const getCodeScanningAlerts = async (
       {
         owner: input.repository.split("/")[0],
         repo: input.repository.split("/")[1],
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -51,6 +55,7 @@ const getDependabotAlerts = async (
       "GET /orgs/{org}/dependabot/alerts",
       {
         org: input.organization,
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -59,6 +64,7 @@ const getDependabotAlerts = async (
       "GET /enterprises/{enterprise}/dependabot/alerts",
       {
         enterprise: input.enterprise,
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -68,6 +74,7 @@ const getDependabotAlerts = async (
       {
         owner: input.repository.split("/")[0],
         repo: input.repository.split("/")[1],
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -85,6 +92,7 @@ const getSecretScanningAlerts = async (
       "GET /orgs/{org}/secret-scanning/alerts",
       {
         org: input.organization,
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -93,6 +101,7 @@ const getSecretScanningAlerts = async (
       "GET /enterprises/{enterprise}/secret-scanning/alerts",
       {
         enterprise: input.enterprise,
+        ...input.queryParams,
       },
       (response) => response.data
     );
@@ -102,6 +111,7 @@ const getSecretScanningAlerts = async (
       {
         owner: input.repository.split("/")[0],
         repo: input.repository.split("/")[1],
+        ...input.queryParams,
       },
       (response) => response.data
     );

src/index.ts

@@ -8,8 +8,11 @@ interface Input {
   enterprise?: string;
   repository?: string;
   dependabot?: boolean;
+  dependabotQueryParams?: string;
   codeScanning?: boolean;
+  codeScanningQueryParams?: string;
   secretScanning?: boolean;
+  secretScanningQueryParams?: string;
 }
 
 export function getInputs(): Input {
@@ -30,34 +33,42 @@ export function getInputs(): Input {
   if (!result.dependabot && !result.codeScanning && !result.secretScanning) {
     throw new Error("dependabot, code-scanning, or secret-scanning is required");
   }
+  result.dependabotQueryParams = getInput("dependabot-query-params");
+  result.codeScanningQueryParams = getInput("code-scanning-query-params");
+  result.secretScanningQueryParams = getInput("secret-scanning-query-params");
   return result;
 }
 
 export const run = async (): Promise<void> => {
   const input = getInputs();
   const octokit = getOctokit(input.token);
+  const owner = {
+    organization: input.organization,
+    enterprise: input.enterprise,
+    repository: input.repository,
+  };
 
   startGroup('Getting GitHub Security Alerts');
   info(`Settings: ${JSON.stringify(input)}`);
   endGroup();
-
+  
   if (input.dependabot) {
     const dependabotAlerts = group('Dependabot Alerts', async () => {
-      return getDependabotAlerts(octokit, input);
+      return getDependabotAlerts(octokit, { ...owner, queryParams: input.dependabotQueryParams });
     });
     setOutput('dependabot', JSON.stringify(dependabotAlerts));
   }
 
   if (input.codeScanning) {
     const codeScanningAlerts = await group('Code Scanning Alerts', async () => {
-      return getCodeScanningAlerts(octokit, input);
+      return getCodeScanningAlerts(octokit, { ...owner, queryParams: input.codeScanningQueryParams });
     });
     setOutput('code-scanning', JSON.stringify(codeScanningAlerts));
   }
 
   if (input.secretScanning) {
     const secretScanningAlerts = await group('Secret Scanning Alerts', async () => {
-      return getSecretScanningAlerts(octokit, input);
+      return getSecretScanningAlerts(octokit, { ...owner, queryParams: input.secretScanningQueryParams });
     });
     setOutput('secret-scanning', JSON.stringify(secretScanningAlerts));
   }