Merge ab5d862ce8 into c2d88d3ecc

- Updated README.md examples to reference @v6
- Updated all workflow files to use actions/checkout@v6

.github/workflows/check-dist.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v6
 
       - name: Set Node.js 24.x
         uses: actions/setup-node@v4

.github/workflows/codeql-analysis.yml

@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4.1.6
+      uses: actions/checkout@v6
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3

.github/workflows/licensed.yml

@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v6
       - run: npm ci
       - run: npm run licensed-check

.github/workflows/publish-immutable-actions.yml

@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Checking out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Publish
         id: publish
         uses: actions/publish-immutable-action@0.0.3

.github/workflows/test.yml

@@ -19,7 +19,7 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           node-version: 24.x
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v6
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
@@ -37,7 +37,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
 
       # Basic checkout
       - name: Checkout basic
@@ -202,7 +202,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
 
       # Basic checkout using git
       - name: Checkout basic
@@ -234,7 +234,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
 
       # Basic checkout using git
       - name: Checkout basic
@@ -264,7 +264,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
         with:
           path: localClone
 
@@ -291,8 +291,8 @@ jobs:
           git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
 
       # needed to make checkout post cleanup succeed
-      - name: Fix Checkout v4
+      - name: Fix Checkout v6
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
         with:
           path: localClone
 
@@ -301,7 +301,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
         with:
           path: actions-checkout
 

.github/workflows/update-main-version.yml

@@ -23,7 +23,7 @@ jobs:
     # Note this update workflow can also be used as a rollback tool.
     # For that reason, it's best to pin `actions/checkout` to a known, stable version
     # (typically, about two releases back).
-    - uses: actions/checkout@v4.1.6
+    - uses: actions/checkout@v6
       with:
         fetch-depth: 0
     - name: Git config

.github/workflows/update-test-ubuntu-git.yml

@@ -26,7 +26,7 @@ jobs:
  
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       # Use `docker/login-action` to log in to GHCR.io. 
       # Once published, the packages are scoped to the account defined here.

README.md

@@ -51,7 +51,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 
 <!-- start usage -->
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     # Repository name with owner. For example, actions/checkout
     # Default: ${{ github.repository }}
@@ -74,6 +74,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     # Default: ${{ github.token }}
     token: ''
 
+    # Github slug used to configure local user.name and user.email for git. This is
+    # required to push a commit from a Github Action Workflow. Set to '' to disable
+    # this configuration.
+    # Default: github-action[bot]
+    git-user: ''
+
     # SSH key used to fetch the repository. The SSH key is configured with the local
     # git config, which enables your scripts to run authenticated git commands. The
     # post-job step removes the SSH key.
@@ -190,7 +196,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only the root files
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     sparse-checkout: .
 ```
@@ -198,7 +204,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only the root files and `.github` and `src` folder
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     sparse-checkout: |
       .github
@@ -208,7 +214,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only a single file
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     sparse-checkout: |
       README.md
@@ -218,7 +224,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch all history for all tags and branches
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     fetch-depth: 0
 ```
@@ -226,7 +232,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout a different branch
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     ref: my-branch
 ```
@@ -234,7 +240,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout HEAD^
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     fetch-depth: 2
 - run: git checkout HEAD^
@@ -244,12 +250,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
   with:
     path: main
 
 - name: Checkout tools repo
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
   with:
     repository: my-org/my-tools
     path: my-tools
@@ -260,10 +266,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
 
 - name: Checkout tools repo
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
   with:
     repository: my-org/my-tools
     path: my-tools
@@ -274,12 +280,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
   with:
     path: main
 
 - name: Checkout private tools
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
   with:
     repository: my-org/my-private-tools
     token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
@@ -292,7 +298,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout pull request HEAD commit instead of merge commit
 
 ```yaml
-- uses: actions/checkout@v5
+- uses: actions/checkout@v6
   with:
     ref: ${{ github.event.pull_request.head.sha }}
 ```
@@ -308,7 +314,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 ```
 
 ## Push a commit using the built-in token
@@ -319,12 +325,10 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - run: |
           date > generated.txt
           # Note: the following account information will not work on GHES
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git add .
           git commit -m "generated"
           git push
@@ -341,14 +345,12 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           ref: ${{ github.head_ref }}
       - run: |
           date > generated.txt
           # Note: the following account information will not work on GHES
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git add .
           git commit -m "generated"
           git push

__test__/git-auth-helper.test.ts

@@ -1,12 +1,12 @@
 import * as core from '@actions/core'
 import * as fs from 'fs'
-import * as gitAuthHelper from '../lib/git-auth-helper'
+import * as gitAuthHelper from '../src/git-auth-helper'
 import * as io from '@actions/io'
 import * as os from 'os'
 import * as path from 'path'
-import * as stateHelper from '../lib/state-helper'
+import * as stateHelper from '../src/state-helper'
-import {IGitCommandManager} from '../lib/git-command-manager'
+import {IGitCommandManager} from '../src/git-command-manager'
-import {IGitSourceSettings} from '../lib/git-source-settings'
+import {IGitSourceSettings} from '../src/git-source-settings'
 
 const isWindows = process.platform === 'win32'
 const testWorkspace = path.join(__dirname, '_temp', 'git-auth-helper')
@@ -1173,7 +1173,8 @@ async function setup(testName: string): Promise<void> {
     sshUser: '',
     workflowOrganizationId: 123456,
     setSafeDirectory: true,
-    githubServerUrl: githubServerUrl
+    githubServerUrl: githubServerUrl,
+    gitUser: 'github-action[bot]'
   }
 }
 

__test__/git-command-manager.test.ts

@@ -1,6 +1,6 @@
 import * as exec from '@actions/exec'
-import * as fshelper from '../lib/fs-helper'
+import * as fshelper from '../src/fs-helper'
-import * as commandManager from '../lib/git-command-manager'
+import * as commandManager from '../src/git-command-manager'
 
 let git: commandManager.IGitCommandManager
 let mockExec = jest.fn()

__test__/git-directory-helper.test.ts

@@ -1,9 +1,9 @@
 import * as core from '@actions/core'
 import * as fs from 'fs'
-import * as gitDirectoryHelper from '../lib/git-directory-helper'
+import * as gitDirectoryHelper from '../src/git-directory-helper'
 import * as io from '@actions/io'
 import * as path from 'path'
-import {IGitCommandManager} from '../lib/git-command-manager'
+import {IGitCommandManager} from '../src/git-command-manager'
 
 const testWorkspace = path.join(__dirname, '_temp', 'git-directory-helper')
 let repositoryPath: string

__test__/input-helper.test.ts

@@ -1,10 +1,10 @@
 import * as core from '@actions/core'
-import * as fsHelper from '../lib/fs-helper'
+import * as fsHelper from '../src/fs-helper'
 import * as github from '@actions/github'
-import * as inputHelper from '../lib/input-helper'
+import * as inputHelper from '../src/input-helper'
 import * as path from 'path'
-import * as workflowContextHelper from '../lib/workflow-context-helper'
+import * as workflowContextHelper from '../src/workflow-context-helper'
-import {IGitSourceSettings} from '../lib/git-source-settings'
+import {IGitSourceSettings} from '../src/git-source-settings'
 
 const originalGitHubWorkspace = process.env['GITHUB_WORKSPACE']
 const gitHubWorkspace = path.resolve('/checkout-tests/workspace')

__test__/ref-helper.test.ts

@@ -1,6 +1,6 @@
 import * as assert from 'assert'
-import * as refHelper from '../lib/ref-helper'
+import * as refHelper from '../src/ref-helper'
-import {IGitCommandManager} from '../lib/git-command-manager'
+import {IGitCommandManager} from '../src/git-command-manager'
 
 const commit = '1234567890123456789012345678901234567890'
 let git: IGitCommandManager

__test__/retry-helper.test.ts

@@ -1,5 +1,5 @@
 import * as core from '@actions/core'
-import {RetryHelper} from '../lib/retry-helper'
+import {RetryHelper} from '../src/retry-helper'
 
 let info: string[]
 let retryHelper: any

action.yml

@@ -22,6 +22,12 @@ inputs:
 
       [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
     default: ${{ github.token }}
+  git-user:
+    description: >
+      Github slug used to configure local user.name and user.email for git.
+      This is required to push a commit from a Github Action Workflow.
+      Set to '' to disable this configuration.
+    default: "github-action[bot]"
   ssh-key:
     description: >
       SSH key used to fetch the repository. The SSH key is configured with the local

dist/index.js

@@ -1593,6 +1593,15 @@ function getSource(settings) {
             core.setOutput('commit', commitSHA.trim());
             // Check for incorrect pull request merge commit
             yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.githubServerUrl);
+            if (settings.gitUser) {
+                if (!(yield git.configExists('user.name', true))) {
+                    yield git.config('user.name', settings.gitUser, true);
+                }
+                if (!(yield git.configExists('user.email', true))) {
+                    const userId = yield githubApiHelper.getUserId(settings.gitUser, settings.authToken, settings.githubServerUrl);
+                    yield git.config('user.email', `${userId}+${settings.gitUser}@users.noreply.github.com`, true);
+                }
+            }
         }
         finally {
             // Remove auth
@@ -1782,6 +1791,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", ({ value: true }));
 exports.downloadRepository = downloadRepository;
 exports.getDefaultBranch = getDefaultBranch;
+exports.getUserId = getUserId;
 const assert = __importStar(__nccwpck_require__(9491));
 const core = __importStar(__nccwpck_require__(2186));
 const fs = __importStar(__nccwpck_require__(7147));
@@ -1899,6 +1909,15 @@ function downloadArchive(authToken, owner, repo, ref, commit, baseUrl) {
         return Buffer.from(response.data); // response.data is ArrayBuffer
     });
 }
+function getUserId(username, authToken, baseUrl) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const octokit = github.getOctokit(authToken, {
+            baseUrl: (0, url_helper_1.getServerApiUrl)(baseUrl)
+        });
+        const user = yield octokit.rest.users.getByUsername({ username, });
+        return user.data.id;
+    });
+}
 
 
 /***/ }),
@@ -2049,6 +2068,8 @@ function getInputs() {
         core.debug(`recursive submodules = ${result.nestedSubmodules}`);
         // Auth token
         result.authToken = core.getInput('token', { required: true });
+        // Git user
+        result.gitUser = core.getInput('git-user') || 'github-action[bot]';
         // SSH
         result.sshKey = core.getInput('ssh-key');
         result.sshKnownHosts = core.getInput('ssh-known-hosts');

src/git-source-provider.ts

@@ -274,6 +274,23 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
       settings.commit,
       settings.githubServerUrl
     )
+    if (settings.gitUser) {
+      if (!(await git.configExists('user.name', true))) {
+        await git.config('user.name', settings.gitUser, true)
+      }
+      if (!(await git.configExists('user.email', true))) {
+        const userId = await githubApiHelper.getUserId(
+          settings.gitUser,
+          settings.authToken,
+          settings.githubServerUrl
+        )
+        await git.config(
+          'user.email',
+          `${userId}+${settings.gitUser}@users.noreply.github.com`,
+          true
+        )
+      }
+    }
   } finally {
     // Remove auth
     if (authHelper) {

src/git-source-settings.ts

@@ -79,6 +79,11 @@ export interface IGitSourceSettings {
    */
   authToken: string
 
+  /**
+   * A github user slug to set a default user name and email in the local git config
+   */
+  gitUser: string
+
   /**
    * The SSH key to configure
    */

src/github-api-helper.ts

@@ -143,3 +143,15 @@ async function downloadArchive(
   })
   return Buffer.from(response.data as ArrayBuffer) // response.data is ArrayBuffer
 }
+
+export async function getUserId(
+  username: string,
+  authToken: string,
+  baseUrl?: string
+): Promise<number> {
+  const octokit = github.getOctokit(authToken, {
+    baseUrl: getServerApiUrl(baseUrl)
+  })
+  const user = await octokit.rest.users.getByUsername({username})
+  return user.data.id
+}

src/input-helper.ts

@@ -138,6 +138,9 @@ export async function getInputs(): Promise<IGitSourceSettings> {
   // Auth token
   result.authToken = core.getInput('token', {required: true})
 
+  // Git user
+  result.gitUser = core.getInput('git-user') || 'github-action[bot]'
+
   // SSH
   result.sshKey = core.getInput('ssh-key')
   result.sshKnownHosts = core.getInput('ssh-known-hosts')

src/misc/generate-docs.ts

@@ -120,7 +120,7 @@ function updateUsage(
 }
 
 updateUsage(
-  'actions/checkout@v5',
+  'actions/checkout@v6',
   path.join(__dirname, '..', '..', 'action.yml'),
   path.join(__dirname, '..', '..', 'README.md')
 )