mirror of
https://github.com/actions/checkout.git
synced 2026-06-29 18:13:51 +08:00
Compare commits
15 Commits
v4.2.0
...
165e4fbb74
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
165e4fbb74 | ||
|
|
09d2acae67 | ||
|
|
ab5d862ce8 | ||
|
|
5fba9eb899 | ||
|
|
85e6279cec | ||
|
|
009b9ae9e4 | ||
|
|
f3b199b7ed | ||
|
|
cbb722410c | ||
|
|
3b9b8c884f | ||
|
|
11bd71901b | ||
|
|
e3d2460bbb | ||
|
|
163217dfcd | ||
|
|
eef61447b9 | ||
|
|
6b42224f41 | ||
|
|
de5a000abf |
20
.github/workflows/publish-immutable-actions.yml
vendored
Normal file
20
.github/workflows/publish-immutable-actions.yml
vendored
Normal file
@@ -0,0 +1,20 @@
|
||||
name: 'Publish Immutable Action Version'
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
packages: write
|
||||
|
||||
steps:
|
||||
- name: Checking out
|
||||
uses: actions/checkout@v4
|
||||
- name: Publish
|
||||
id: publish
|
||||
uses: actions/publish-immutable-action@0.0.3
|
||||
@@ -1,5 +1,12 @@
|
||||
# Changelog
|
||||
|
||||
## v4.2.2
|
||||
* `url-helper.ts` now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
|
||||
* Expand unit test coverage for `isGhes` by @jww3 in https://github.com/actions/checkout/pull/1946
|
||||
|
||||
## v4.2.1
|
||||
* Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924
|
||||
|
||||
## v4.2.0
|
||||
|
||||
* Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
|
||||
|
||||
63
README.md
63
README.md
@@ -10,6 +10,24 @@ The auth token is persisted in the local git config. This enables your scripts t
|
||||
|
||||
When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
|
||||
|
||||
### Note
|
||||
|
||||
Thank you for your interest in this GitHub action, however, right now we are not taking contributions.
|
||||
|
||||
We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
|
||||
|
||||
We are taking the following steps to better direct requests related to GitHub Actions, including:
|
||||
|
||||
1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
|
||||
|
||||
2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
|
||||
|
||||
3. Security Issues should be handled as per our [security.md](security.md)
|
||||
|
||||
We will still provide security updates for this project and fix major breaking changes during this time.
|
||||
|
||||
You are welcome to still raise bugs in this repo.
|
||||
|
||||
# What's new
|
||||
|
||||
Please refer to the [release page](https://github.com/actions/checkout/releases/latest) for the latest release notes.
|
||||
@@ -41,6 +59,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
# Default: ${{ github.token }}
|
||||
token: ''
|
||||
|
||||
# Github slug used to configure local user.name and user.email for git. This is
|
||||
# required to push a commit from a Github Action Workflow. Set to '' to disable
|
||||
# this configuration.
|
||||
# Default: github-action[bot]
|
||||
git-user: ''
|
||||
|
||||
# SSH key used to fetch the repository. The SSH key is configured with the local
|
||||
# git config, which enables your scripts to run authenticated git commands. The
|
||||
# post-job step removes the SSH key.
|
||||
@@ -143,6 +167,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
- [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
|
||||
- [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
|
||||
- [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
|
||||
- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token)
|
||||
|
||||
## Fetch only the root files
|
||||
|
||||
@@ -211,7 +236,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
repository: my-org/my-tools
|
||||
path: my-tools
|
||||
```
|
||||
> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
|
||||
## Checkout multiple repos (nested)
|
||||
|
||||
@@ -225,7 +250,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
repository: my-org/my-tools
|
||||
path: my-tools
|
||||
```
|
||||
> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
|
||||
## Checkout multiple repos (private)
|
||||
|
||||
@@ -280,14 +305,44 @@ jobs:
|
||||
- run: |
|
||||
date > generated.txt
|
||||
# Note: the following account information will not work on GHES
|
||||
git config user.name "github-actions[bot]"
|
||||
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
git add .
|
||||
git commit -m "generated"
|
||||
git push
|
||||
```
|
||||
*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
|
||||
|
||||
## Push a commit to a PR using the built-in token
|
||||
|
||||
In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
|
||||
|
||||
```yaml
|
||||
on: pull_request
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
- run: |
|
||||
date > generated.txt
|
||||
# Note: the following account information will not work on GHES
|
||||
git add .
|
||||
git commit -m "generated"
|
||||
git push
|
||||
```
|
||||
|
||||
*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
|
||||
|
||||
# Recommended permissions
|
||||
|
||||
When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
|
||||
|
||||
```yaml
|
||||
permissions:
|
||||
contents: read
|
||||
```
|
||||
|
||||
# License
|
||||
|
||||
The scripts and documentation in this project are released under the [MIT License](LICENSE)
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
import * as core from '@actions/core'
|
||||
import * as fs from 'fs'
|
||||
import * as gitAuthHelper from '../lib/git-auth-helper'
|
||||
import * as gitAuthHelper from '../src/git-auth-helper'
|
||||
import * as io from '@actions/io'
|
||||
import * as os from 'os'
|
||||
import * as path from 'path'
|
||||
import * as stateHelper from '../lib/state-helper'
|
||||
import {IGitCommandManager} from '../lib/git-command-manager'
|
||||
import {IGitSourceSettings} from '../lib/git-source-settings'
|
||||
import * as stateHelper from '../src/state-helper'
|
||||
import {IGitCommandManager} from '../src/git-command-manager'
|
||||
import {IGitSourceSettings} from '../src/git-source-settings'
|
||||
|
||||
const isWindows = process.platform === 'win32'
|
||||
const testWorkspace = path.join(__dirname, '_temp', 'git-auth-helper')
|
||||
@@ -824,7 +824,8 @@ async function setup(testName: string): Promise<void> {
|
||||
sshUser: '',
|
||||
workflowOrganizationId: 123456,
|
||||
setSafeDirectory: true,
|
||||
githubServerUrl: githubServerUrl
|
||||
githubServerUrl: githubServerUrl,
|
||||
gitUser: 'github-action[bot]'
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import * as exec from '@actions/exec'
|
||||
import * as fshelper from '../lib/fs-helper'
|
||||
import * as commandManager from '../lib/git-command-manager'
|
||||
import * as fshelper from '../src/fs-helper'
|
||||
import * as commandManager from '../src/git-command-manager'
|
||||
|
||||
let git: commandManager.IGitCommandManager
|
||||
let mockExec = jest.fn()
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
import * as core from '@actions/core'
|
||||
import * as fs from 'fs'
|
||||
import * as gitDirectoryHelper from '../lib/git-directory-helper'
|
||||
import * as gitDirectoryHelper from '../src/git-directory-helper'
|
||||
import * as io from '@actions/io'
|
||||
import * as path from 'path'
|
||||
import {IGitCommandManager} from '../lib/git-command-manager'
|
||||
import {IGitCommandManager} from '../src/git-command-manager'
|
||||
|
||||
const testWorkspace = path.join(__dirname, '_temp', 'git-directory-helper')
|
||||
let repositoryPath: string
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
import * as core from '@actions/core'
|
||||
import * as fsHelper from '../lib/fs-helper'
|
||||
import * as fsHelper from '../src/fs-helper'
|
||||
import * as github from '@actions/github'
|
||||
import * as inputHelper from '../lib/input-helper'
|
||||
import * as inputHelper from '../src/input-helper'
|
||||
import * as path from 'path'
|
||||
import * as workflowContextHelper from '../lib/workflow-context-helper'
|
||||
import {IGitSourceSettings} from '../lib/git-source-settings'
|
||||
import * as workflowContextHelper from '../src/workflow-context-helper'
|
||||
import {IGitSourceSettings} from '../src/git-source-settings'
|
||||
|
||||
const originalGitHubWorkspace = process.env['GITHUB_WORKSPACE']
|
||||
const gitHubWorkspace = path.resolve('/checkout-tests/workspace')
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import * as assert from 'assert'
|
||||
import * as refHelper from '../lib/ref-helper'
|
||||
import {IGitCommandManager} from '../lib/git-command-manager'
|
||||
import * as refHelper from '../src/ref-helper'
|
||||
import {IGitCommandManager} from '../src/git-command-manager'
|
||||
|
||||
const commit = '1234567890123456789012345678901234567890'
|
||||
let git: IGitCommandManager
|
||||
@@ -77,6 +77,16 @@ describe('ref-helper tests', () => {
|
||||
expect(checkoutInfo.startPoint).toBeFalsy()
|
||||
})
|
||||
|
||||
it('getCheckoutInfo refs/ without commit', async () => {
|
||||
const checkoutInfo = await refHelper.getCheckoutInfo(
|
||||
git,
|
||||
'refs/non-standard-ref',
|
||||
''
|
||||
)
|
||||
expect(checkoutInfo.ref).toBe('refs/non-standard-ref')
|
||||
expect(checkoutInfo.startPoint).toBeFalsy()
|
||||
})
|
||||
|
||||
it('getCheckoutInfo unqualified branch only', async () => {
|
||||
git.branchExists = jest.fn(async (remote: boolean, pattern: string) => {
|
||||
return true
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import * as core from '@actions/core'
|
||||
import {RetryHelper} from '../lib/retry-helper'
|
||||
import {RetryHelper} from '../src/retry-helper'
|
||||
|
||||
let info: string[]
|
||||
let retryHelper: any
|
||||
|
||||
92
__test__/url-helper.test.ts
Normal file
92
__test__/url-helper.test.ts
Normal file
@@ -0,0 +1,92 @@
|
||||
import * as urlHelper from '../src/url-helper'
|
||||
|
||||
describe('getServerUrl tests', () => {
|
||||
it('basics', async () => {
|
||||
// Note that URL::toString will append a trailing / when passed just a domain name ...
|
||||
expect(urlHelper.getServerUrl().toString()).toBe('https://github.com/')
|
||||
expect(urlHelper.getServerUrl(' ').toString()).toBe('https://github.com/')
|
||||
expect(urlHelper.getServerUrl(' ').toString()).toBe('https://github.com/')
|
||||
expect(urlHelper.getServerUrl('http://contoso.com').toString()).toBe(
|
||||
'http://contoso.com/'
|
||||
)
|
||||
expect(urlHelper.getServerUrl('https://contoso.com').toString()).toBe(
|
||||
'https://contoso.com/'
|
||||
)
|
||||
expect(urlHelper.getServerUrl('https://contoso.com/').toString()).toBe(
|
||||
'https://contoso.com/'
|
||||
)
|
||||
|
||||
// ... but can't make that same assumption when passed an URL that includes some deeper path.
|
||||
expect(urlHelper.getServerUrl('https://contoso.com/a/b').toString()).toBe(
|
||||
'https://contoso.com/a/b'
|
||||
)
|
||||
})
|
||||
})
|
||||
|
||||
describe('isGhes tests', () => {
|
||||
const pristineEnv = process.env
|
||||
|
||||
beforeEach(() => {
|
||||
jest.resetModules()
|
||||
process.env = {...pristineEnv}
|
||||
})
|
||||
|
||||
afterAll(() => {
|
||||
process.env = pristineEnv
|
||||
})
|
||||
|
||||
it('basics', async () => {
|
||||
delete process.env['GITHUB_SERVER_URL']
|
||||
expect(urlHelper.isGhes()).toBeFalsy()
|
||||
expect(urlHelper.isGhes('https://github.com')).toBeFalsy()
|
||||
expect(urlHelper.isGhes('https://contoso.ghe.com')).toBeFalsy()
|
||||
expect(urlHelper.isGhes('https://test.github.localhost')).toBeFalsy()
|
||||
expect(urlHelper.isGhes('https://src.onpremise.fabrikam.com')).toBeTruthy()
|
||||
})
|
||||
|
||||
it('returns false when the GITHUB_SERVER_URL environment variable is not defined', async () => {
|
||||
delete process.env['GITHUB_SERVER_URL']
|
||||
expect(urlHelper.isGhes()).toBeFalsy()
|
||||
})
|
||||
|
||||
it('returns false when the GITHUB_SERVER_URL environment variable is set to github.com', async () => {
|
||||
process.env['GITHUB_SERVER_URL'] = 'https://github.com'
|
||||
expect(urlHelper.isGhes()).toBeFalsy()
|
||||
})
|
||||
|
||||
it('returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL', async () => {
|
||||
process.env['GITHUB_SERVER_URL'] = 'https://contoso.ghe.com'
|
||||
expect(urlHelper.isGhes()).toBeFalsy()
|
||||
})
|
||||
|
||||
it('returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix', async () => {
|
||||
process.env['GITHUB_SERVER_URL'] = 'https://mock-github.localhost'
|
||||
expect(urlHelper.isGhes()).toBeFalsy()
|
||||
})
|
||||
|
||||
it('returns true when the GITHUB_SERVER_URL environment variable is set to some other URL', async () => {
|
||||
process.env['GITHUB_SERVER_URL'] = 'https://src.onpremise.fabrikam.com'
|
||||
expect(urlHelper.isGhes()).toBeTruthy()
|
||||
})
|
||||
})
|
||||
|
||||
describe('getServerApiUrl tests', () => {
|
||||
it('basics', async () => {
|
||||
expect(urlHelper.getServerApiUrl()).toBe('https://api.github.com')
|
||||
expect(urlHelper.getServerApiUrl('https://github.com')).toBe(
|
||||
'https://api.github.com'
|
||||
)
|
||||
expect(urlHelper.getServerApiUrl('https://GitHub.com')).toBe(
|
||||
'https://api.github.com'
|
||||
)
|
||||
expect(urlHelper.getServerApiUrl('https://contoso.ghe.com')).toBe(
|
||||
'https://api.contoso.ghe.com'
|
||||
)
|
||||
expect(urlHelper.getServerApiUrl('https://fabrikam.GHE.COM')).toBe(
|
||||
'https://api.fabrikam.ghe.com'
|
||||
)
|
||||
expect(
|
||||
urlHelper.getServerApiUrl('https://src.onpremise.fabrikam.com')
|
||||
).toBe('https://src.onpremise.fabrikam.com/api/v3')
|
||||
})
|
||||
})
|
||||
@@ -22,6 +22,12 @@ inputs:
|
||||
|
||||
[Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
|
||||
default: ${{ github.token }}
|
||||
git-user:
|
||||
description: >
|
||||
Github slug used to configure local user.name and user.email for git.
|
||||
This is required to push a commit from a Github Action Workflow.
|
||||
Set to '' to disable this configuration.
|
||||
default: "github-action[bot]"
|
||||
ssh-key:
|
||||
description: >
|
||||
SSH key used to fetch the repository. The SSH key is configured with the local
|
||||
|
||||
75
dist/index.js
vendored
75
dist/index.js
vendored
@@ -1357,6 +1357,15 @@ function getSource(settings) {
|
||||
core.setOutput('commit', commitSHA.trim());
|
||||
// Check for incorrect pull request merge commit
|
||||
yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.githubServerUrl);
|
||||
if (settings.gitUser) {
|
||||
if (!(yield git.configExists('user.name', true))) {
|
||||
yield git.config('user.name', settings.gitUser, true);
|
||||
}
|
||||
if (!(yield git.configExists('user.email', true))) {
|
||||
const userId = yield githubApiHelper.getUserId(settings.gitUser, settings.authToken, settings.githubServerUrl);
|
||||
yield git.config('user.email', `${userId}+${settings.gitUser}@users.noreply.github.com`, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
finally {
|
||||
// Remove auth
|
||||
@@ -1546,6 +1555,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
||||
Object.defineProperty(exports, "__esModule", ({ value: true }));
|
||||
exports.downloadRepository = downloadRepository;
|
||||
exports.getDefaultBranch = getDefaultBranch;
|
||||
exports.getUserId = getUserId;
|
||||
const assert = __importStar(__nccwpck_require__(9491));
|
||||
const core = __importStar(__nccwpck_require__(2186));
|
||||
const fs = __importStar(__nccwpck_require__(7147));
|
||||
@@ -1663,6 +1673,15 @@ function downloadArchive(authToken, owner, repo, ref, commit, baseUrl) {
|
||||
return Buffer.from(response.data); // response.data is ArrayBuffer
|
||||
});
|
||||
}
|
||||
function getUserId(username, authToken, baseUrl) {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
const octokit = github.getOctokit(authToken, {
|
||||
baseUrl: (0, url_helper_1.getServerApiUrl)(baseUrl)
|
||||
});
|
||||
const user = yield octokit.rest.users.getByUsername({ username, });
|
||||
return user.data.id;
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
/***/ }),
|
||||
@@ -1813,6 +1832,8 @@ function getInputs() {
|
||||
core.debug(`recursive submodules = ${result.nestedSubmodules}`);
|
||||
// Auth token
|
||||
result.authToken = core.getInput('token', { required: true });
|
||||
// Git user
|
||||
result.gitUser = core.getInput('git-user') || 'github-action[bot]';
|
||||
// SSH
|
||||
result.sshKey = core.getInput('ssh-key');
|
||||
result.sshKnownHosts = core.getInput('ssh-known-hosts');
|
||||
@@ -2005,8 +2026,8 @@ function getCheckoutInfo(git, ref, commit) {
|
||||
result.ref = ref;
|
||||
}
|
||||
// refs/
|
||||
else if (upperRef.startsWith('REFS/') && commit) {
|
||||
result.ref = commit;
|
||||
else if (upperRef.startsWith('REFS/')) {
|
||||
result.ref = commit ? commit : ref;
|
||||
}
|
||||
// Unqualified ref, check for a matching branch or tag
|
||||
else {
|
||||
@@ -2454,22 +2475,50 @@ function getFetchUrl(settings) {
|
||||
return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`;
|
||||
}
|
||||
function getServerUrl(url) {
|
||||
let urlValue = url && url.trim().length > 0
|
||||
? url
|
||||
: process.env['GITHUB_SERVER_URL'] || 'https://github.com';
|
||||
return new url_1.URL(urlValue);
|
||||
let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com';
|
||||
if (hasContent(url, WhitespaceMode.Trim)) {
|
||||
resolvedUrl = url;
|
||||
}
|
||||
return new url_1.URL(resolvedUrl);
|
||||
}
|
||||
function getServerApiUrl(url) {
|
||||
let apiUrl = 'https://api.github.com';
|
||||
if (isGhes(url)) {
|
||||
const serverUrl = getServerUrl(url);
|
||||
apiUrl = new url_1.URL(`${serverUrl.origin}/api/v3`).toString();
|
||||
if (hasContent(url, WhitespaceMode.Trim)) {
|
||||
let serverUrl = getServerUrl(url);
|
||||
if (isGhes(url)) {
|
||||
serverUrl.pathname = 'api/v3';
|
||||
}
|
||||
else {
|
||||
serverUrl.hostname = 'api.' + serverUrl.hostname;
|
||||
}
|
||||
return pruneSuffix(serverUrl.toString(), '/');
|
||||
}
|
||||
return apiUrl;
|
||||
return process.env['GITHUB_API_URL'] || 'https://api.github.com';
|
||||
}
|
||||
function isGhes(url) {
|
||||
const ghUrl = getServerUrl(url);
|
||||
return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM';
|
||||
const ghUrl = new url_1.URL(url || process.env['GITHUB_SERVER_URL'] || 'https://github.com');
|
||||
const hostname = ghUrl.hostname.trimEnd().toUpperCase();
|
||||
const isGitHubHost = hostname === 'GITHUB.COM';
|
||||
const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM');
|
||||
const isLocalHost = hostname.endsWith('.LOCALHOST');
|
||||
return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
|
||||
}
|
||||
function pruneSuffix(text, suffix) {
|
||||
if (hasContent(suffix, WhitespaceMode.Preserve) && (text === null || text === void 0 ? void 0 : text.endsWith(suffix))) {
|
||||
return text.substring(0, text.length - suffix.length);
|
||||
}
|
||||
return text;
|
||||
}
|
||||
var WhitespaceMode;
|
||||
(function (WhitespaceMode) {
|
||||
WhitespaceMode[WhitespaceMode["Trim"] = 0] = "Trim";
|
||||
WhitespaceMode[WhitespaceMode["Preserve"] = 1] = "Preserve";
|
||||
})(WhitespaceMode || (WhitespaceMode = {}));
|
||||
function hasContent(text, whitespaceMode) {
|
||||
let refinedText = text !== null && text !== void 0 ? text : '';
|
||||
if (whitespaceMode == WhitespaceMode.Trim) {
|
||||
refinedText = refinedText.trim();
|
||||
}
|
||||
return refinedText.length > 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
20
package-lock.json
generated
20
package-lock.json
generated
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "checkout",
|
||||
"version": "4.2.0",
|
||||
"version": "4.2.2",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "checkout",
|
||||
"version": "4.2.0",
|
||||
"version": "4.2.2",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.1",
|
||||
@@ -2502,10 +2502,11 @@
|
||||
}
|
||||
},
|
||||
"node_modules/cross-spawn": {
|
||||
"version": "7.0.3",
|
||||
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
|
||||
"integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
|
||||
"version": "7.0.6",
|
||||
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
||||
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"path-key": "^3.1.0",
|
||||
"shebang-command": "^2.0.0",
|
||||
@@ -5528,12 +5529,13 @@
|
||||
}
|
||||
},
|
||||
"node_modules/micromatch": {
|
||||
"version": "4.0.5",
|
||||
"resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz",
|
||||
"integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==",
|
||||
"version": "4.0.8",
|
||||
"resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz",
|
||||
"integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"braces": "^3.0.2",
|
||||
"braces": "^3.0.3",
|
||||
"picomatch": "^2.3.1"
|
||||
},
|
||||
"engines": {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "checkout",
|
||||
"version": "4.2.0",
|
||||
"version": "4.2.2",
|
||||
"description": "checkout action",
|
||||
"main": "lib/main.js",
|
||||
"scripts": {
|
||||
|
||||
@@ -274,6 +274,23 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
||||
settings.commit,
|
||||
settings.githubServerUrl
|
||||
)
|
||||
if (settings.gitUser) {
|
||||
if (!(await git.configExists('user.name', true))) {
|
||||
await git.config('user.name', settings.gitUser, true)
|
||||
}
|
||||
if (!(await git.configExists('user.email', true))) {
|
||||
const userId = await githubApiHelper.getUserId(
|
||||
settings.gitUser,
|
||||
settings.authToken,
|
||||
settings.githubServerUrl
|
||||
)
|
||||
await git.config(
|
||||
'user.email',
|
||||
`${userId}+${settings.gitUser}@users.noreply.github.com`,
|
||||
true
|
||||
)
|
||||
}
|
||||
}
|
||||
} finally {
|
||||
// Remove auth
|
||||
if (authHelper) {
|
||||
|
||||
@@ -79,6 +79,11 @@ export interface IGitSourceSettings {
|
||||
*/
|
||||
authToken: string
|
||||
|
||||
/**
|
||||
* A github user slug to set a default user name and email in the local git config
|
||||
*/
|
||||
gitUser: string
|
||||
|
||||
/**
|
||||
* The SSH key to configure
|
||||
*/
|
||||
|
||||
@@ -143,3 +143,15 @@ async function downloadArchive(
|
||||
})
|
||||
return Buffer.from(response.data as ArrayBuffer) // response.data is ArrayBuffer
|
||||
}
|
||||
|
||||
export async function getUserId(
|
||||
username: string,
|
||||
authToken: string,
|
||||
baseUrl?: string
|
||||
): Promise<number> {
|
||||
const octokit = github.getOctokit(authToken, {
|
||||
baseUrl: getServerApiUrl(baseUrl)
|
||||
})
|
||||
const user = await octokit.rest.users.getByUsername({username})
|
||||
return user.data.id
|
||||
}
|
||||
|
||||
@@ -138,6 +138,9 @@ export async function getInputs(): Promise<IGitSourceSettings> {
|
||||
// Auth token
|
||||
result.authToken = core.getInput('token', {required: true})
|
||||
|
||||
// Git user
|
||||
result.gitUser = core.getInput('git-user') || 'github-action[bot]'
|
||||
|
||||
// SSH
|
||||
result.sshKey = core.getInput('ssh-key')
|
||||
result.sshKnownHosts = core.getInput('ssh-known-hosts')
|
||||
|
||||
@@ -46,8 +46,8 @@ export async function getCheckoutInfo(
|
||||
result.ref = ref
|
||||
}
|
||||
// refs/
|
||||
else if (upperRef.startsWith('REFS/') && commit) {
|
||||
result.ref = commit
|
||||
else if (upperRef.startsWith('REFS/')) {
|
||||
result.ref = commit ? commit : ref
|
||||
}
|
||||
// Unqualified ref, check for a matching branch or tag
|
||||
else {
|
||||
|
||||
@@ -21,26 +21,61 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
|
||||
}
|
||||
|
||||
export function getServerUrl(url?: string): URL {
|
||||
let urlValue =
|
||||
url && url.trim().length > 0
|
||||
? url
|
||||
: process.env['GITHUB_SERVER_URL'] || 'https://github.com'
|
||||
return new URL(urlValue)
|
||||
let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com'
|
||||
if (hasContent(url, WhitespaceMode.Trim)) {
|
||||
resolvedUrl = url!
|
||||
}
|
||||
|
||||
return new URL(resolvedUrl)
|
||||
}
|
||||
|
||||
export function getServerApiUrl(url?: string): string {
|
||||
let apiUrl = 'https://api.github.com'
|
||||
if (hasContent(url, WhitespaceMode.Trim)) {
|
||||
let serverUrl = getServerUrl(url)
|
||||
if (isGhes(url)) {
|
||||
serverUrl.pathname = 'api/v3'
|
||||
} else {
|
||||
serverUrl.hostname = 'api.' + serverUrl.hostname
|
||||
}
|
||||
|
||||
if (isGhes(url)) {
|
||||
const serverUrl = getServerUrl(url)
|
||||
apiUrl = new URL(`${serverUrl.origin}/api/v3`).toString()
|
||||
return pruneSuffix(serverUrl.toString(), '/')
|
||||
}
|
||||
|
||||
return apiUrl
|
||||
return process.env['GITHUB_API_URL'] || 'https://api.github.com'
|
||||
}
|
||||
|
||||
export function isGhes(url?: string): boolean {
|
||||
const ghUrl = getServerUrl(url)
|
||||
const ghUrl = new URL(
|
||||
url || process.env['GITHUB_SERVER_URL'] || 'https://github.com'
|
||||
)
|
||||
|
||||
return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM'
|
||||
const hostname = ghUrl.hostname.trimEnd().toUpperCase()
|
||||
const isGitHubHost = hostname === 'GITHUB.COM'
|
||||
const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM')
|
||||
const isLocalHost = hostname.endsWith('.LOCALHOST')
|
||||
|
||||
return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost
|
||||
}
|
||||
|
||||
function pruneSuffix(text: string, suffix: string) {
|
||||
if (hasContent(suffix, WhitespaceMode.Preserve) && text?.endsWith(suffix)) {
|
||||
return text.substring(0, text.length - suffix.length)
|
||||
}
|
||||
return text
|
||||
}
|
||||
|
||||
enum WhitespaceMode {
|
||||
Trim,
|
||||
Preserve
|
||||
}
|
||||
|
||||
function hasContent(
|
||||
text: string | undefined,
|
||||
whitespaceMode: WhitespaceMode
|
||||
): boolean {
|
||||
let refinedText = text ?? ''
|
||||
if (whitespaceMode == WhitespaceMode.Trim) {
|
||||
refinedText = refinedText.trim()
|
||||
}
|
||||
return refinedText.length > 0
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user