mirror of https://gitea.com/actions/checkout.git
Compare commits
12 Commits
a4e9dbb52e
...
8e5a89f166
Author | SHA1 | Date |
---|---|---|
Mikael Finstad | 8e5a89f166 | |
dependabot[bot] | 8459bc0c7e | |
dependabot[bot] | 3f603f6d5e | |
dependabot[bot] | fd084cde18 | |
Cory Miller | 9c1e94e0ad | |
John Wesley Walker III | 0ad4b8fada | |
John Wesley Walker III | 43045ae669 | |
dependabot[bot] | 37b082107b | |
Cory Miller | 9839dc14a0 | |
dependabot[bot] | 9b4c13b0bf | |
Cory Miller | 1d96c772d1 | |
Mikael Finstad | 79a832ff0d |
|
@ -0,0 +1,20 @@
|
|||
---
|
||||
version: 2
|
||||
|
||||
updates:
|
||||
- package-ecosystem: "npm"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "weekly"
|
||||
groups:
|
||||
minor-npm-dependencies:
|
||||
# NPM: Only group minor and patch updates (we want to carefully review major updates)
|
||||
update-types: [minor, patch]
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "weekly"
|
||||
groups:
|
||||
minor-actions-dependencies:
|
||||
# GitHub Actions: Only group minor and patch updates (we want to carefully review major updates)
|
||||
update-types: [minor, patch]
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Set Node.js 20.x
|
||||
uses: actions/setup-node@v1
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 20.x
|
||||
|
||||
|
@ -44,7 +44,7 @@ jobs:
|
|||
fi
|
||||
|
||||
# If dist/ was different than expected, upload the expected version as an artifact
|
||||
- uses: actions/upload-artifact@v2
|
||||
- uses: actions/upload-artifact@v4
|
||||
if: ${{ failure() && steps.diff.conclusion == 'failure' }}
|
||||
with:
|
||||
name: dist
|
||||
|
|
|
@ -42,7 +42,7 @@ jobs:
|
|||
uses: actions/checkout@v3
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
uses: github/codeql-action/init@v3
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
|
@ -55,4 +55,4 @@ jobs:
|
|||
- run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
uses: github/codeql-action/analyze@v3
|
||||
|
|
|
@ -8,7 +8,7 @@ on:
|
|||
- releases/*
|
||||
|
||||
|
||||
# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow,
|
||||
# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow,
|
||||
# these refer to "test-data" branches on this actions/checkout repo.
|
||||
# (For example, test-data/v2/basic -> https://github.com/actions/checkout/tree/test-data/v2/basic)
|
||||
|
||||
|
@ -16,7 +16,7 @@ jobs:
|
|||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/setup-node@v1
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 20.x
|
||||
- uses: actions/checkout@v3
|
||||
|
@ -37,7 +37,7 @@ jobs:
|
|||
steps:
|
||||
# Clone this repo
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@v4.1.1
|
||||
|
||||
# Basic checkout
|
||||
- name: Checkout basic
|
||||
|
@ -257,7 +257,7 @@ jobs:
|
|||
path: basic
|
||||
- name: Verify basic
|
||||
run: __test__/verify-basic.sh --archive
|
||||
|
||||
|
||||
test-git-container:
|
||||
runs-on: ubuntu-latest
|
||||
container: bitnami/git:latest
|
||||
|
|
|
@ -31,7 +31,7 @@ jobs:
|
|||
# Use `docker/login-action` to log in to GHCR.io.
|
||||
# Once published, the packages are scoped to the account defined here.
|
||||
- name: Log in to the ghcr.io container registry
|
||||
uses: docker/login-action@v3.0.0
|
||||
uses: docker/login-action@v3.1.0
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
|
@ -48,7 +48,7 @@ jobs:
|
|||
|
||||
# Use `docker/build-push-action` to build (and optionally publish) the image.
|
||||
- name: Build Docker Image (with optional Push)
|
||||
uses: docker/build-push-action@v5.1.0
|
||||
uses: docker/build-push-action@v5.3.0
|
||||
with:
|
||||
context: .
|
||||
file: images/test-ubuntu-git.Dockerfile
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
11
CHANGELOG.md
11
CHANGELOG.md
|
@ -1,5 +1,16 @@
|
|||
# Changelog
|
||||
|
||||
## v4.1.4
|
||||
- Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1692
|
||||
- Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688
|
||||
- Bump the minor-actions-dependencies group with 2 updates by @dependabot in https://github.com/actions/checkout/pull/1693
|
||||
- Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in https://github.com/actions/checkout/pull/1643
|
||||
|
||||
## v4.1.3
|
||||
- Check git version before attempting to disable `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1656
|
||||
- Add SSH user parameter by @cory-miller in https://github.com/actions/checkout/pull/1685
|
||||
- Update `actions/checkout` version in `update-main-version.yml` by @jww3 in https://github.com/actions/checkout/pull/1650
|
||||
|
||||
## v4.1.2
|
||||
- Fix: Disable sparse checkout whenever `sparse-checkout` option is not present @dscho in https://github.com/actions/checkout/pull/1598
|
||||
|
||||
|
|
|
@ -35,6 +35,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
|||
#
|
||||
# We recommend using a service account with the least permissions necessary. Also
|
||||
# when generating a new PAT, select the least scopes necessary.
|
||||
# For a basic restricted reference, you can use the same permissions as the
|
||||
# [`GITHUB_TOKEN` gives.](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
|
||||
# This means creating a "Fine-grained personal access token" with the
|
||||
# `content` and `metadata` permissions.
|
||||
#
|
||||
# [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
|
||||
#
|
||||
|
@ -62,6 +66,11 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
|||
# Default: true
|
||||
ssh-strict: ''
|
||||
|
||||
# The user to use when connecting to the remote SSH host. By default 'git' is
|
||||
# used.
|
||||
# Default: git
|
||||
ssh-user: ''
|
||||
|
||||
# Whether to configure the token or SSH key with the local git config
|
||||
# Default: true
|
||||
persist-credentials: ''
|
||||
|
|
|
@ -169,8 +169,9 @@ describe('git-auth-helper tests', () => {
|
|||
|
||||
// Mock fs.promises.readFile
|
||||
const realReadFile = fs.promises.readFile
|
||||
jest.spyOn(fs.promises, 'readFile').mockImplementation(
|
||||
async (file: any, options: any): Promise<Buffer> => {
|
||||
jest
|
||||
.spyOn(fs.promises, 'readFile')
|
||||
.mockImplementation(async (file: any, options: any): Promise<Buffer> => {
|
||||
const userKnownHostsPath = path.join(
|
||||
os.homedir(),
|
||||
'.ssh',
|
||||
|
@ -181,8 +182,7 @@ describe('git-auth-helper tests', () => {
|
|||
}
|
||||
|
||||
return await realReadFile(file, options)
|
||||
}
|
||||
)
|
||||
})
|
||||
|
||||
// Act
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
|
@ -821,6 +821,7 @@ async function setup(testName: string): Promise<void> {
|
|||
sshKey: sshPath ? 'some ssh private key' : '',
|
||||
sshKnownHosts: '',
|
||||
sshStrict: true,
|
||||
sshUser: '',
|
||||
workflowOrganizationId: 123456,
|
||||
setSafeDirectory: true,
|
||||
githubServerUrl: githubServerUrl
|
||||
|
|
|
@ -7,11 +7,11 @@ let git: IGitCommandManager
|
|||
|
||||
describe('ref-helper tests', () => {
|
||||
beforeEach(() => {
|
||||
git = ({} as unknown) as IGitCommandManager
|
||||
git = {} as unknown as IGitCommandManager
|
||||
})
|
||||
|
||||
it('getCheckoutInfo requires git', async () => {
|
||||
const git = (null as unknown) as IGitCommandManager
|
||||
const git = null as unknown as IGitCommandManager
|
||||
try {
|
||||
await refHelper.getCheckoutInfo(git, 'refs/heads/my/branch', commit)
|
||||
throw new Error('Should not reach here')
|
||||
|
|
|
@ -68,7 +68,7 @@ describe('retry-helper tests', () => {
|
|||
|
||||
it('all attempts fail succeeds', async () => {
|
||||
let attempts = 0
|
||||
let error: Error = (null as unknown) as Error
|
||||
let error: Error = null as unknown as Error
|
||||
try {
|
||||
await retryHelper.execute(() => {
|
||||
throw new Error(`some error ${++attempts}`)
|
||||
|
|
|
@ -18,6 +18,20 @@ else
|
|||
exit 1
|
||||
fi
|
||||
|
||||
# Verify that sparse-checkout is disabled.
|
||||
SPARSE_CHECKOUT_ENABLED=$(git -C ./basic config --local --get-all core.sparseCheckout)
|
||||
if [ "$SPARSE_CHECKOUT_ENABLED" != "" ]; then
|
||||
echo "Expected sparse-checkout to be disabled (discovered: $SPARSE_CHECKOUT_ENABLED)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Verify git configuration shows worktreeConfig is effectively disabled
|
||||
WORKTREE_CONFIG_ENABLED=$(git -C ./basic config --local --get-all extensions.worktreeConfig)
|
||||
if [[ "$WORKTREE_CONFIG_ENABLED" != "" ]]; then
|
||||
echo "Expected extensions.worktreeConfig (boolean) to be disabled in git config. This could be an artifact of sparse checkout functionality."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Verify auth token
|
||||
cd basic
|
||||
git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
|
||||
|
|
|
@ -45,6 +45,10 @@ inputs:
|
|||
and `CheckHostIP=no` to the SSH command line. Use the input `ssh-known-hosts` to
|
||||
configure additional hosts.
|
||||
default: true
|
||||
ssh-user:
|
||||
description: >
|
||||
The user to use when connecting to the remote SSH host. By default 'git' is used.
|
||||
default: git
|
||||
persist-credentials:
|
||||
description: 'Whether to configure the token or SSH key with the local git config'
|
||||
default: true
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -1,5 +1,6 @@
|
|||
module.exports = {
|
||||
clearMocks: true,
|
||||
fakeTimers: {},
|
||||
moduleFileExtensions: ['js', 'ts'],
|
||||
testEnvironment: 'node',
|
||||
testMatch: ['**/*.test.ts'],
|
||||
|
|
File diff suppressed because it is too large
Load Diff
42
package.json
42
package.json
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "checkout",
|
||||
"version": "4.1.3",
|
||||
"version": "4.1.4",
|
||||
"description": "checkout action",
|
||||
"main": "lib/main.js",
|
||||
"scripts": {
|
||||
|
@ -28,28 +28,28 @@
|
|||
},
|
||||
"homepage": "https://github.com/actions/checkout#readme",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.0",
|
||||
"@actions/exec": "^1.0.1",
|
||||
"@actions/github": "^5.0.0",
|
||||
"@actions/core": "^1.10.1",
|
||||
"@actions/exec": "^1.1.1",
|
||||
"@actions/github": "^6.0.0",
|
||||
"@actions/io": "^1.1.3",
|
||||
"@actions/tool-cache": "^1.1.2",
|
||||
"uuid": "^3.3.3"
|
||||
"@actions/tool-cache": "^2.0.1",
|
||||
"uuid": "^9.0.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/jest": "^27.0.2",
|
||||
"@types/node": "^20.5.3",
|
||||
"@types/uuid": "^3.4.6",
|
||||
"@typescript-eslint/eslint-plugin": "^5.45.0",
|
||||
"@typescript-eslint/parser": "^5.45.0",
|
||||
"@vercel/ncc": "^0.36.1",
|
||||
"eslint": "^7.32.0",
|
||||
"eslint-plugin-github": "^4.3.2",
|
||||
"eslint-plugin-jest": "^25.7.0",
|
||||
"jest": "^27.3.0",
|
||||
"jest-circus": "^27.3.0",
|
||||
"js-yaml": "^3.13.1",
|
||||
"prettier": "^1.19.1",
|
||||
"ts-jest": "^27.0.7",
|
||||
"typescript": "^4.4.4"
|
||||
"@types/jest": "^29.5.12",
|
||||
"@types/node": "^20.12.7",
|
||||
"@types/uuid": "^9.0.8",
|
||||
"@typescript-eslint/eslint-plugin": "^7.7.1",
|
||||
"@typescript-eslint/parser": "^7.7.1",
|
||||
"@vercel/ncc": "^0.38.1",
|
||||
"eslint": "^8.57.0",
|
||||
"eslint-plugin-github": "^4.10.2",
|
||||
"eslint-plugin-jest": "^28.2.0",
|
||||
"jest": "^29.7.0",
|
||||
"jest-circus": "^29.7.0",
|
||||
"js-yaml": "^4.1.0",
|
||||
"prettier": "^3.2.5",
|
||||
"ts-jest": "^29.1.2",
|
||||
"typescript": "^5.4.5"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,8 +18,9 @@ export function directoryExistsSync(path: string, required?: boolean): boolean {
|
|||
}
|
||||
|
||||
throw new Error(
|
||||
`Encountered an error when checking whether path '${path}' exists: ${(error as any)
|
||||
?.message ?? error}`
|
||||
`Encountered an error when checking whether path '${path}' exists: ${
|
||||
(error as any)?.message ?? error
|
||||
}`
|
||||
)
|
||||
}
|
||||
|
||||
|
@ -45,8 +46,9 @@ export function existsSync(path: string): boolean {
|
|||
}
|
||||
|
||||
throw new Error(
|
||||
`Encountered an error when checking whether path '${path}' exists: ${(error as any)
|
||||
?.message ?? error}`
|
||||
`Encountered an error when checking whether path '${path}' exists: ${
|
||||
(error as any)?.message ?? error
|
||||
}`
|
||||
)
|
||||
}
|
||||
|
||||
|
@ -67,8 +69,9 @@ export function fileExistsSync(path: string): boolean {
|
|||
}
|
||||
|
||||
throw new Error(
|
||||
`Encountered an error when checking whether path '${path}' exists: ${(error as any)
|
||||
?.message ?? error}`
|
||||
`Encountered an error when checking whether path '${path}' exists: ${
|
||||
(error as any)?.message ?? error
|
||||
}`
|
||||
)
|
||||
}
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ import * as path from 'path'
|
|||
import * as regexpHelper from './regexp-helper'
|
||||
import * as stateHelper from './state-helper'
|
||||
import * as urlHelper from './url-helper'
|
||||
import {default as uuid} from 'uuid/v4'
|
||||
import {v4 as uuid} from 'uuid'
|
||||
import {IGitCommandManager} from './git-command-manager'
|
||||
import {IGitSourceSettings} from './git-source-settings'
|
||||
|
||||
|
@ -49,7 +49,7 @@ class GitAuthHelper {
|
|||
gitSourceSettings: IGitSourceSettings | undefined
|
||||
) {
|
||||
this.git = gitCommandManager
|
||||
this.settings = gitSourceSettings || (({} as unknown) as IGitSourceSettings)
|
||||
this.settings = gitSourceSettings || ({} as unknown as IGitSourceSettings)
|
||||
|
||||
// Token auth header
|
||||
const serverUrl = urlHelper.getServerUrl(this.settings.githubServerUrl)
|
||||
|
|
|
@ -178,6 +178,8 @@ class GitCommandManager {
|
|||
|
||||
async disableSparseCheckout(): Promise<void> {
|
||||
await this.execGit(['sparse-checkout', 'disable'])
|
||||
// Disabling 'sparse-checkout` leaves behind an undesirable side-effect in config (even in a pristine environment).
|
||||
await this.tryConfigUnset('extensions.worktreeConfig', false)
|
||||
}
|
||||
|
||||
async sparseCheckout(sparseCheckout: string[]): Promise<void> {
|
||||
|
|
|
@ -94,6 +94,11 @@ export interface IGitSourceSettings {
|
|||
*/
|
||||
sshStrict: boolean
|
||||
|
||||
/**
|
||||
* The SSH user to login as
|
||||
*/
|
||||
sshUser: string
|
||||
|
||||
/**
|
||||
* Indicates whether to persist the credentials on disk to enable scripting authenticated git commands
|
||||
*/
|
||||
|
|
|
@ -6,7 +6,7 @@ import * as io from '@actions/io'
|
|||
import * as path from 'path'
|
||||
import * as retryHelper from './retry-helper'
|
||||
import * as toolCache from '@actions/tool-cache'
|
||||
import {default as uuid} from 'uuid/v4'
|
||||
import {v4 as uuid} from 'uuid'
|
||||
import {getServerApiUrl} from './url-helper'
|
||||
|
||||
const IS_WINDOWS = process.platform === 'win32'
|
||||
|
|
|
@ -6,7 +6,7 @@ import * as workflowContextHelper from './workflow-context-helper'
|
|||
import {IGitSourceSettings} from './git-source-settings'
|
||||
|
||||
export async function getInputs(): Promise<IGitSourceSettings> {
|
||||
const result = ({} as unknown) as IGitSourceSettings
|
||||
const result = {} as unknown as IGitSourceSettings
|
||||
|
||||
// GitHub workspace
|
||||
let githubWorkspacePath = process.env['GITHUB_WORKSPACE']
|
||||
|
@ -143,13 +143,15 @@ export async function getInputs(): Promise<IGitSourceSettings> {
|
|||
result.sshKnownHosts = core.getInput('ssh-known-hosts')
|
||||
result.sshStrict =
|
||||
(core.getInput('ssh-strict') || 'true').toUpperCase() === 'TRUE'
|
||||
result.sshUser = core.getInput('ssh-user')
|
||||
|
||||
// Persist credentials
|
||||
result.persistCredentials =
|
||||
(core.getInput('persist-credentials') || 'false').toUpperCase() === 'TRUE'
|
||||
|
||||
// Workflow organization ID
|
||||
result.workflowOrganizationId = await workflowContextHelper.getOrganizationId()
|
||||
result.workflowOrganizationId =
|
||||
await workflowContextHelper.getOrganizationId()
|
||||
|
||||
// Set safe.directory in git global config.
|
||||
result.setSafeDirectory =
|
||||
|
|
|
@ -20,7 +20,7 @@ function updateUsage(
|
|||
}
|
||||
|
||||
// Load the action.yml
|
||||
const actionYaml = yaml.safeLoad(fs.readFileSync(actionYamlPath).toString())
|
||||
const actionYaml = yaml.load(fs.readFileSync(actionYamlPath).toString())
|
||||
|
||||
// Load the README
|
||||
const originalReadme = fs.readFileSync(readmePath).toString()
|
||||
|
|
|
@ -23,7 +23,7 @@ export async function getCheckoutInfo(
|
|||
throw new Error('Args ref and commit cannot both be empty')
|
||||
}
|
||||
|
||||
const result = ({} as unknown) as ICheckoutInfo
|
||||
const result = {} as unknown as ICheckoutInfo
|
||||
const upperRef = (ref || '').toUpperCase()
|
||||
|
||||
// SHA only
|
||||
|
|
|
@ -12,7 +12,8 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
|
|||
const encodedOwner = encodeURIComponent(settings.repositoryOwner)
|
||||
const encodedName = encodeURIComponent(settings.repositoryName)
|
||||
if (settings.sshKey) {
|
||||
return `git@${serviceUrl.hostname}:${encodedOwner}/${encodedName}.git`
|
||||
const user = settings.sshUser.length > 0 ? settings.sshUser : 'git'
|
||||
return `${user}@${serviceUrl.hostname}:${encodedOwner}/${encodedName}.git`
|
||||
}
|
||||
|
||||
// "origin" is SCHEME://HOSTNAME[:PORT]
|
||||
|
|
|
@ -23,8 +23,9 @@ export async function getOrganizationId(): Promise<number | undefined> {
|
|||
return id as number
|
||||
} catch (err) {
|
||||
core.debug(
|
||||
`Unable to load organization ID from GITHUB_EVENT_PATH: ${(err as any)
|
||||
.message || err}`
|
||||
`Unable to load organization ID from GITHUB_EVENT_PATH: ${
|
||||
(err as any).message || err
|
||||
}`
|
||||
)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue