Add repository property for configuration files

[mbg]

This PR is the first in a series of changes which will add the ability to point the CodeQL Action at a configuration file using a repository property.

This PR adds the new repository property and uses its value, if provided and no explicit config-file input is provided for the CodeQL Action in the workflow. In other words, the config-file input has priority over the value of the repository property.

Risk assessment

For internal use only. Please select the risk level of this change:

• Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Which use cases does this change impact?

Workflow types:

• Advanced setup - Impacts users who have custom CodeQL workflows.
• Managed - Impacts users with dynamic workflows (Default Setup, Code Quality, ...).

Products:

• Code Scanning - The changes impact analyses when analysis-kinds: code-scanning.
• Code Quality - The changes impact analyses when analysis-kinds: code-quality.
• Other first-party - The changes impact other first-party analyses.

Environments:

• Dotcom - Impacts CodeQL workflows on github.com and/or GitHub Enterprise Cloud with Data Residency.
• GHES - Impacts CodeQL workflows on GitHub Enterprise Server.

How did/will you validate this change?

• Unit tests - I am depending on unit test coverage (i.e. tests in .test.ts files).

If something goes wrong after this change is released, what are the mitigation and rollback strategies?

• Rollback - Change can only be disabled by rolling back the release or releasing a new version with a fix.

How will you know if something goes wrong after this change is released?

• Telemetry - I rely on existing telemetry or have made changes to the telemetry.
  • Dashboards - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release.
  • Alerts - New or existing monitors will trip if something goes wrong with this change.

Are there any special considerations for merging or releasing this change?

• No special considerations - This change can be merged at any time.

Merge / deployment checklist

• Confirm this change is backwards compatible with existing workflows.
• Consider adding a changelog entry for this change.
• Confirm the readme and docs have been updated if necessary.

[Copilot]

Warning

• Copilot's review of this pull request may be incomplete because some of the changed files are excluded by your Copilot content exclusion settings. See Excluding content from Copilot for details.

Pull request overview

This PR introduces a new repository property (github-codeql-config-file) that can provide the CodeQL configuration file location when no explicit config-file workflow input is set, with the workflow input taking precedence. It wires this selection into the init action and adds unit tests around property loading and the selection logic.

Changes:

• Add RepositoryPropertyName.CONFIG_FILE and parse it from the repository properties API response.
• Add getConfigFileInput() to resolve the effective config file location (workflow input first, otherwise repository property) and use it from init-action.
• Add small test utilities and unit tests for both repository property parsing and config file resolution.

Show a summary per file

File	Description
src/actions-util.ts	Adds an ActionsEnv abstraction and getActionsEnv() to avoid stubbing globals in tests.
src/init-action.ts	Uses repository properties + getConfigFileInput() to determine configFile instead of reading the input directly.
src/feature-flags/properties.ts	Adds the new github-codeql-config-file repository property to the known/parsed property set.
src/feature-flags/properties.test.ts	Extends coverage to ensure the new property is loaded and returned from the API response.
src/config/file.ts	New helper for resolving the effective config file from workflow input vs repository property.
src/config/file.test.ts	Adds unit tests validating precedence and logging for config file resolution.
src/testing-utils.ts	Adds a helper to construct an ActionsEnv for tests.
lib/entry-points.js	Excluded from diff (generated/contents unavailable per policy).

Copilot's findings

Files excluded by content exclusion policy (1)

• lib/entry-points.js

• Files reviewed: 7/8 changed files
• Comments generated: 4