├── .gitignore
├── CODEOWNERS
├── Dockerfile
├── SECURITY.md
├── .github
    └── workflows
    │   └── find-code-refs.yml
├── action.yml
└── README.md


/.gitignore:
--------------------------------------------------------------------------------
1 | .vscode/
2 | 


--------------------------------------------------------------------------------
/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @launchdarkly/team-fm-govern
2 | 


--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM launchdarkly/ld-find-code-refs-github-action:2.14.0
 2 | 
 3 | LABEL com.github.actions.name="LaunchDarkly Code References"
 4 | LABEL com.github.actions.description="Find references to feature flags in your code."
 5 | LABEL com.github.actions.icon="toggle-right"
 6 | LABEL com.github.actions.color="gray-dark"
 7 | LABEL homepage="https://www.launchdarkly.com"
 8 | 
 9 | ENTRYPOINT ["/ld-find-code-refs-github-action"]
10 | 


--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 | # Reporting and Fixing Security Issues
2 | 
3 | Please report all security issues to the LaunchDarkly security team by submitting a bug bounty report to our [HackerOne program](https://hackerone.com/launchdarkly?type=team). LaunchDarkly will triage and address all valid security issues following the response targets defined in our program policy. Valid security issues may be eligible for a bounty.
4 | 
5 | Please do not open issues or pull requests for security issues. This makes the problem immediately visible to everyone, including potentially malicious actors.
6 | 


--------------------------------------------------------------------------------
/.github/workflows/find-code-refs.yml:
--------------------------------------------------------------------------------
 1 | on: [push, workflow_dispatch]
 2 |     
 3 | name: Find LaunchDarkly flag code references
 4 | concurrency:
 5 |   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
 6 |   cancel-in-progress: true
 7 | 
 8 | jobs:
 9 |   launchDarklyCodeReferences:
10 |     name: LaunchDarkly Code References
11 |     runs-on: ubuntu-latest
12 |     steps:
13 |     - uses: actions/checkout@v4
14 |       with:
15 |         repository: launchdarkly/SupportService
16 |         fetch-depth: 11
17 |     - name: LaunchDarkly Code References
18 |       uses: launchdarkly/find-code-references@main
19 |       with:
20 |         accessToken: ${{ secrets.LD_ACCESS_TOKEN }}
21 |         debug: true
22 |         ignoreServiceErrors: true
23 |         projKey: support-service
24 |         allowTags: true
25 |         prune: true
26 | 


--------------------------------------------------------------------------------
/action.yml:
--------------------------------------------------------------------------------
 1 | name: LaunchDarkly Code References
 2 | description: Find references to feature flags in your code.
 3 | author: LaunchDarkly
 4 | branding:
 5 |   icon: toggle-right
 6 |   color: gray-dark
 7 | inputs: 
 8 |   accessToken: 
 9 |     description: "A token with write access to the LaunchDarkly project."
10 |     required: true
11 |   allowTags: 
12 |     default: "false"
13 |     description: "Enable storing references for tags. Lists the tag as a branch."
14 |     required: false
15 |   baseUri: 
16 |     default: "https://app.launchdarkly.com"
17 |     description: "The base URL of the LaunchDarkly server for this configuration."
18 |     required: false
19 |   contextLines: 
20 |     default: "2"
21 |     description: "The number of context lines above and below a code reference for the job to send to LaunchDarkly. By default, the flag finder will not send any context lines to LaunchDarkly. If < 0, it will send no source code to LaunchDarkly. If 0, it will send only the lines containing flag references. If > 0, it will send that number of context lines above and below the flag reference. You may provide a maximum of 5 context lines."
22 |     required: false
23 |   debug: 
24 |     default: "false"
25 |     description: "Enable verbose debug logging."
26 |     required: false
27 |   ignoreServiceErrors: 
28 |     default: "false"
29 |     description: "If enabled, the scanner will terminate with exit code 0 when the LaunchDarkly API is unreachable or returns an unexpected response."
30 |     required: false
31 |   lookback: 
32 |     default: "10"
33 |     description: "Set the number of commits to search in history for whether you removed a feature flag from code. You may set to 0 to disable this feature. Setting this option to a high value will increase search time."
34 |     required: false
35 |   projKey: 
36 |     description: "Key of the LaunchDarkly project associated with this repository. Found under Account Settings -> Projects in the LaunchDarkly dashboard. Cannot be combined with `projects` block in configuration file."
37 |     required: false
38 |   repoName: 
39 |     description: "The repository name. Defaults to the current GitHub repository."
40 |     required: false
41 |   prune:
42 |     default: "false"
43 |     description: "There is a known issue where the GitHub Action will not prune deleted branch data in private repos. Only enable this if you are running the action in a public repo."
44 |     required: false
45 |   subdirectory:
46 |     description: "The subdirectory to run the action in."
47 |     required: false
48 | runs:
49 |   using: 'docker'
50 |   image: 'Dockerfile'
51 |   env:
52 |     LD_PROJ_KEY: ${{ inputs.projKey }}
53 |     LD_ACCESS_TOKEN: ${{ inputs.accessToken }}
54 |     LD_REPO_NAME: ${{ inputs.repoName }}
55 |     LD_BASE_URI: ${{ inputs.baseUri }}
56 |     LD_CONTEXT_LINES: ${{ inputs.contextLines }}
57 |     LD_ALLOW_TAGS: ${{ inputs.allowTags }}
58 |     LD_DEBUG: ${{ inputs.debug }}
59 |     LD_IGNORE_SERVICE_ERRORS: ${{ inputs.ignoreServiceErrors }}
60 |     LD_LOOKBACK: ${{ inputs.lookback }}
61 |     LD_PRUNE: ${{ inputs.prune }}
62 |     LD_SUBDIRECTORY: ${{ inputs.subdirectory }}
63 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # LaunchDarkly Code References with GitHub Actions
  2 | 
  3 | This GitHub Action is a utility that automatically populates code references in LaunchDarkly. This is useful for finding references to feature flags in your code, both for reference and for code cleanup.
  4 | 
  5 | To find code references in pull requests, use [launchdarkly/find-code-references-in-pull-request](https://github.com/launchdarkly/find-code-references-in-pull-request) instead.
  6 | 
  7 | ## Configuration
  8 | 
  9 | Once you've [created a LaunchDarkly access token](https://docs.launchdarkly.com/home/code/github-actions#prerequisites), store the newly created access token as a repository secret titled `LD_ACCESS_TOKEN`. Under Settings > Secrets in your GitHub repo, you'll see a link to "Add a new secret".  Click that and paste in your access token and click "Save secret".
 10 | 
 11 | (For help storing this see the [GitHub docs](https://help.github.com/en/articles/creating-a-github-action).)
 12 | 
 13 | Next, create a new Actions workflow in your selected GitHub repository (e.g. `code-references.yml`) in the `.github/workflows` directory of your repository.  Under "Edit new file", paste the following code:
 14 | 
 15 | ```yaml
 16 | on: push
 17 | name: Find LaunchDarkly flag code references
 18 | concurrency:
 19 |   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
 20 |   cancel-in-progress: true
 21 | 
 22 | jobs:
 23 |   launchDarklyCodeReferences:
 24 |     name: LaunchDarkly Code References
 25 |     runs-on: ubuntu-latest
 26 |     steps:
 27 |     - uses: actions/checkout@v4
 28 |       with:
 29 |         fetch-depth: 11 # This value must be set if the lookback configuration option is not disabled for find-code-references. Read more: https://github.com/launchdarkly/ld-find-code-refs#searching-for-unused-flags-extinctions
 30 |     - name: LaunchDarkly Code References
 31 |       uses: launchdarkly/find-code-references@v2.14.0
 32 |       with:
 33 |         accessToken: ${{ secrets.LD_ACCESS_TOKEN }}
 34 |         projKey: LD_PROJECT_KEY
 35 | ```
 36 | 
 37 | We strongly recommend that you update the second `uses` attribute value to reference the latest tag in the [launchdarkly/find-code-references repository](https://github.com/launchdarkly/find-code-references). This will pin your workflow to a particular version of the `launchdarkly/find-code-references` action. Also, make sure to change `projKey` to the key of the LaunchDarkly project associated with this repository.
 38 | 
 39 | Commit this file under a new branch. Submit as a PR to your code reviewers to be merged into your default branch. You do not need to have this new branch merged into the default branch for code references to appear in the LaunchDarkly UI for your flags. Code references appear for this new branch as soon as it is published.
 40 | 
 41 | As shown in the above example, the workflow should run on the `push` event, and contain an action provided by the [launchdarkly/find-code-references repository](https://github.com/launchdarkly/find-code-references). The `LD_ACCESS_TOKEN` configured in the previous step should be included as a secret, as well as a new environment variable containing your LaunchDarkly project key.
 42 | 
 43 | ## Additional configuration
 44 | 
 45 | To customize additional configuration not referenced in [Inputs](#inputs), you may use a configuration file located at `.launchdarkly/coderefs.yml`. The following links provide more inforation about configurable options:
 46 | 
 47 | - [All configuration options](https://github.com/launchdarkly/ld-find-code-refs/blob/main/docs/CONFIGURATION.md)
 48 | - [Monorepo configuration](https://github.com/launchdarkly/ld-find-code-refs/blob/main/docs/CONFIGURATION.md#projects)
 49 | - [Alias configuration](https://github.com/launchdarkly/ld-find-code-refs/blob/main/docs/ALIASES.md).
 50 | 
 51 | ## Additional Examples
 52 | The example below is the same as first, but it also excludes any `dependabot` branches. We suggest excluding any automatically generated branches where flags do not change.
 53 | 
 54 | ```yaml
 55 | on:
 56 |   push:
 57 |     branches-ignore:
 58 |       - 'dependabot/**'
 59 | 
 60 | name: Find LaunchDarkly flag code references
 61 | concurrency:
 62 |   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
 63 |   cancel-in-progress: true
 64 | 
 65 | jobs:
 66 |   launchDarklyCodeReferences:
 67 |     name: LaunchDarkly Code References
 68 |     runs-on: ubuntu-latest
 69 |     steps:
 70 |     - uses: actions/checkout@v4
 71 |       with:
 72 |         fetch-depth: 11 # This value must be set if the lookback configuration option is not disabled for find-code-references. Read more: https://github.com/launchdarkly/ld-find-code-refs#searching-for-unused-flags-extinctions
 73 |     - name: LaunchDarkly Code References
 74 |       uses: launchdarkly/find-code-references@v2.14.0
 75 |       with:
 76 |         accessToken: ${{ secrets.LD_ACCESS_TOKEN }}
 77 |         projKey: LD_PROJECT_KEY
 78 | ```
 79 | 
 80 | ## Troubleshooting
 81 | 
 82 | Once your workflow has been created, the best way to confirm that the workflow is executing correctly is to create a new pull request with the workflow file and verify that the newly created action succeeds.
 83 | 
 84 | If the action fails, there may be a problem with your configuration. To investigate, dig into the action's logs to view any error messages.
 85 | 
 86 | <!-- action-docs-inputs source="action.yml" -->
 87 | ## Inputs
 88 | 
 89 | | name | description | required | default |
 90 | | --- | --- | --- | --- |
 91 | | `accessToken` | <p>A token with write access to the LaunchDarkly project.</p> | `true` | `""` |
 92 | | `allowTags` | <p>Enable storing references for tags. Lists the tag as a branch.</p> | `false` | `false` |
 93 | | `baseUri` | <p>The base URL of the LaunchDarkly server for this configuration.</p> | `false` | `https://app.launchdarkly.com` |
 94 | | `contextLines` | <p>The number of context lines above and below a code reference for the job to send to LaunchDarkly. By default, the flag finder will not send any context lines to LaunchDarkly. If < 0, it will send no source code to LaunchDarkly. If 0, it will send only the lines containing flag references. If > 0, it will send that number of context lines above and below the flag reference. You may provide a maximum of 5 context lines.</p> | `false` | `2` |
 95 | | `debug` | <p>Enable verbose debug logging.</p> | `false` | `false` |
 96 | | `ignoreServiceErrors` | <p>If enabled, the scanner will terminate with exit code 0 when the LaunchDarkly API is unreachable or returns an unexpected response.</p> | `false` | `false` |
 97 | | `lookback` | <p>Set the number of commits to search in history for whether you removed a feature flag from code. You may set to 0 to disable this feature. Setting this option to a high value will increase search time.</p> | `false` | `10` |
 98 | | `projKey` | <p>Key of the LaunchDarkly project associated with this repository. Found under Account Settings -&gt; Projects in the LaunchDarkly dashboard. Cannot be combined with <code>projects</code> block in configuration file.</p> | `false` | `""` |
 99 | | `repoName` | <p>The repository name. Defaults to the current GitHub repository.</p> | `false` | `""` |
100 | | `prune` | <p>There is a known issue where the GitHub Action will not prune deleted branch data in private repos. Only enable this if you are running the action in a public repo.</p> | `false` | `false` |
101 | | `subdirectory` | <p>The subdirectory to run the action in.</p> | `false` | `""` |
102 | <!-- action-docs-inputs source="action.yml" -->
103 | 


--------------------------------------------------------------------------------