diff --git a/docs/codeql/codeql-cli/about-codeql-workspaces.rst b/docs/codeql/codeql-cli/about-codeql-workspaces.rst index 3f27672d502..bab102d7ff6 100644 --- a/docs/codeql/codeql-cli/about-codeql-workspaces.rst +++ b/docs/codeql/codeql-cli/about-codeql-workspaces.rst @@ -14,10 +14,11 @@ In most cases, you should store the CodeQL workspace and the CodeQL packs contai The ``codeql-workspace.yml`` file --------------------------------- -A CodeQL workspace is defined by a ``codeql-workspace.yml`` yaml file. This file contains a ``provide`` block, and optionally an ``ignore`` block. +A CodeQL workspace is defined by a ``codeql-workspace.yml`` yaml file. This file contains a ``provide`` block, and optionally ``ignore``, and ``registries`` blocks. * The ``provide`` block contains a list of glob patterns that define the CodeQL packs that are available in the workspace. * The ``ignore`` block contains a list of glob patterns that define CodeQL packs that are not available in the workspace. +* The ``registries`` block contains a list of GHES URLs and package patterns that control which container registry is used for publishing CodeQL packs. For more information, see :ref:`Working with CodeQL packs on GitHub Enterprise Server `. Each entry in the ``provide`` or ``ignore`` section must map to the location of a ``qlpack.yml`` file. All glob patterns are defined relative to the directory that contains the workspace file. For a list of patterns accepted in this file, see" `@actions/glob `__ . 
@@ -30,6 +31,10 @@ For example, the following ``codeql-workspace.yml`` file defines a workspace tha ignore: - "*/codeql-packs/**/experimental/**/qlpack.yml" + registries: + - packages: '*' + url: https://containers.GHE_HOSTNAME/v2/ + To verify that your ``codeql-workspace.yml`` file includes the CodeQL packs that you expect, run the ``codeql pack ls`` command in the same directory as your workspace. The result of the command is a list of all CodeQL packs in the workspace. .. _source-dependencies: diff --git a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst index 3aa61e2b7fe..88d57059ea4 100644 --- a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst +++ b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst @@ -74,6 +74,8 @@ The ``analyze`` command will run the default suite of any specified CodeQL packs codeql analyze / / +.. _working-with-codeql-packs-on-ghes: + Working with CodeQL packs on GitHub Enterprise Server ----------------------------------------------------- 
@@ -91,13 +93,17 @@ For example, the following ``qlconfig.yml`` file associates all packs with the C .. code-block:: yaml registries: - - packages: 'codeql/*' + - packages: + - 'codeql/*' + - 'other-org/*' url: https://ghcr.io/v2/ - packages: '*' url: https://containers.GHE_HOSTNAME/v2/ The CodeQL CLI will determine which registry to use for a given package name by finding the first item in the ``registries`` list with a ``packages`` property that matches that package name. -This means that you'll generally want to define the most specific package name patterns first. +This means that you'll generally want to define the most specific package name patterns first. The ``packages`` property may be a single package name, a glob pattern, or a YAML list of package names and glob patterns. + +The ``registries`` list can also be placed inside of a ``codeql-workspace.yml`` file. Doing so will allow you to fix the registries list for a specific workspace, so that it can be shared amongst other CodeQL users of the workspace. The ``registries`` list in the ``codeql-workspace.yml`` will be merged with and take precedence over the list in the global ``qlconfig.yml``. For more information about ``codeql-workspace.yml``, see :ref:`About CodeQL workspaces `. You can now use ``codeql pack publish``, ``codeql pack download``, and ``codeql database analyze`` to manage packs on GitHub Enterprise Server.
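Review bot: In the first hunk of about-codeql-workspaces.rst, the new ``registries`` bullet calls the block "a list of GHES URLs" used "for publishing CodeQL packs", which is narrower than what this same patch documents in publishing-and-using-codeql-packs.rst. The ``qlconfig.yml`` example there maps ``codeql/*`` to https://ghcr.io/v2/, which is not a GHES URL, and the closing sentence names ``codeql pack download`` and ``codeql database analyze`` alongside ``codeql pack publish``. Suggest wording along the lines of "a list of container registry URLs and package patterns that control which registry is used for publishing and downloading CodeQL packs". Separately, the rewritten sentence "optionally ``ignore``, and ``registries`` blocks" has a stray comma; "and optionally ``ignore`` and ``registries`` blocks" reads cleanly.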
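Review bot: In the second hunk of about-codeql-workspaces.rst, the example's only ``registries`` entry is the catch-all ``packages: '*'``, and the other file in this patch says the workspace list takes precedence over the global ``qlconfig.yml``. As written, this workspace would send every pack name, ``codeql/*`` included, to ``containers.GHE_HOSTNAME`` for anyone who uses it. If that is not the intent, put a more specific entry first, as the ``qlconfig.yml`` example does. Either way, the text after the example should say that ``GHE_HOSTNAME`` is a placeholder, and that a workspace file checked in to a shared repository changes where packs are resolved from for everyone working in it, so changes to this block deserve the same review as any other dependency-source setting.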
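Review bot: In the last hunk of publishing-and-using-codeql-packs.rst, "will be merged with and take precedence over the list in the global ``qlconfig.yml``" does not say how the merge is ordered, and because lookup is first-match (the unchanged sentence just above) the order is what decides the registry. State it explicitly, for example that the workspace entries are placed ahead of the ``qlconfig.yml`` entries if that is what the CLI does, so a reader can predict what a workspace ``'*'`` entry does to a global ``codeql/*`` entry. Smaller points in the same paragraph: "fix the registries list" can be read as "repair"; "set" or "pin" is clearer, and "inside of" can be "in".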