mirror of
https://github.com/actions/checkout.git
synced 2026-06-23 17:43:52 +08:00
Compare commits
15 Commits
v4.2.2
...
744be95084
| Author | SHA1 | Date | |
|---|---|---|---|
|
744be95084 | ||
|
09d2acae67 | ||
|
85e6279cec | ||
|
009b9ae9e4 | ||
|
cbb722410c | ||
|
3b9b8c884f | ||
|
0865c4bfce | ||
|
|
1be0f9404c | ||
|
|
a52fa92dc9 | ||
|
|
491fae084d | ||
|
|
3a6c8fb5e6 | ||
|
|
267ca9cee1 | ||
|
|
8a241b5b4d | ||
|
|
67b5caa109 | ||
|
|
650ceb06a8 |
62
README.md
62
README.md
@@ -10,6 +10,24 @@ The auth token is persisted in the local git config. This enables your scripts t
|
||||
|
||||
When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
|
||||
|
||||
### Note
|
||||
|
||||
Thank you for your interest in this GitHub action, however, right now we are not taking contributions.
|
||||
|
||||
We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
|
||||
|
||||
We are taking the following steps to better direct requests related to GitHub Actions, including:
|
||||
|
||||
1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
|
||||
|
||||
2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
|
||||
|
||||
3. Security Issues should be handled as per our [security.md](security.md)
|
||||
|
||||
We will still provide security updates for this project and fix major breaking changes during this time.
|
||||
|
||||
You are welcome to still raise bugs in this repo.
|
||||
|
||||
# What's new
|
||||
|
||||
Please refer to the [release page](https://github.com/actions/checkout/releases/latest) for the latest release notes.
|
||||
@@ -29,6 +47,11 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
# Otherwise, uses the default branch.
|
||||
ref: ''
|
||||
|
||||
# The commit SHA to checkout. Used when ref is not specified or is ambiguous. This
|
||||
# can be used as a replacement for ref, or alongside it to checkout a specific
|
||||
# commit of the ref.
|
||||
commit: ''
|
||||
|
||||
# Personal access token (PAT) used to fetch the repository. The PAT is configured
|
||||
# with the local git config, which enables your scripts to run authenticated git
|
||||
# commands. The post-job step removes the PAT.
|
||||
@@ -143,6 +166,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
- [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
|
||||
- [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
|
||||
- [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
|
||||
- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token)
|
||||
|
||||
## Fetch only the root files
|
||||
|
||||
@@ -211,7 +235,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
repository: my-org/my-tools
|
||||
path: my-tools
|
||||
```
|
||||
> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
|
||||
## Checkout multiple repos (nested)
|
||||
|
||||
@@ -225,7 +249,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
|
||||
repository: my-org/my-tools
|
||||
path: my-tools
|
||||
```
|
||||
> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
|
||||
|
||||
## Checkout multiple repos (private)
|
||||
|
||||
@@ -288,6 +312,40 @@ jobs:
|
||||
```
|
||||
*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
|
||||
|
||||
## Push a commit to a PR using the built-in token
|
||||
|
||||
In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
|
||||
|
||||
```yaml
|
||||
on: pull_request
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
- run: |
|
||||
date > generated.txt
|
||||
# Note: the following account information will not work on GHES
|
||||
git config user.name "github-actions[bot]"
|
||||
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
git add .
|
||||
git commit -m "generated"
|
||||
git push
|
||||
```
|
||||
|
||||
*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
|
||||
|
||||
# Recommended permissions
|
||||
|
||||
When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
|
||||
|
||||
```yaml
|
||||
permissions:
|
||||
contents: read
|
||||
```
|
||||
|
||||
# License
|
||||
|
||||
The scripts and documentation in this project are released under the [MIT License](LICENSE)
|
||||
|
||||
@@ -144,4 +144,30 @@ describe('input-helper tests', () => {
|
||||
const settings: IGitSourceSettings = await inputHelper.getInputs()
|
||||
expect(settings.workflowOrganizationId).toBe(123456)
|
||||
})
|
||||
|
||||
it('accepts ref and commit', async () => {
|
||||
inputs.ref = 'refs/pull/123/merge'
|
||||
inputs.commit = '0123456789012345678901234567890123456789'
|
||||
const settings: IGitSourceSettings = await inputHelper.getInputs()
|
||||
expect(settings).toBeTruthy()
|
||||
expect(settings.ref).toBeTruthy()
|
||||
expect(settings.ref).toStrictEqual('refs/pull/123/merge')
|
||||
expect(settings.commit).toBeTruthy()
|
||||
expect(settings.commit).toStrictEqual(
|
||||
'0123456789012345678901234567890123456789'
|
||||
)
|
||||
})
|
||||
|
||||
it('ref fallbacks to commit if ref is empty but commit is specified', async () => {
|
||||
inputs.ref = ''
|
||||
inputs.commit = '0123456789012345678901234567890123456789'
|
||||
const settings: IGitSourceSettings = await inputHelper.getInputs()
|
||||
expect(settings).toBeTruthy()
|
||||
expect(settings.ref).toBeFalsy()
|
||||
expect(settings.ref).toStrictEqual('')
|
||||
expect(settings.commit).toBeTruthy()
|
||||
expect(settings.commit).toStrictEqual(
|
||||
'0123456789012345678901234567890123456789'
|
||||
)
|
||||
})
|
||||
})
|
||||
|
||||
@@ -9,6 +9,11 @@ inputs:
|
||||
The branch, tag or SHA to checkout. When checking out the repository that
|
||||
triggered a workflow, this defaults to the reference or SHA for that
|
||||
event. Otherwise, uses the default branch.
|
||||
commit:
|
||||
description: >
|
||||
The commit SHA to checkout. Used when ref is not specified or is ambiguous.
|
||||
This can be used as a replacement for ref, or alongside it to checkout a
|
||||
specific commit of the ref.
|
||||
token:
|
||||
description: >
|
||||
Personal access token (PAT) used to fetch the repository. The PAT is configured
|
||||
|
||||
6
dist/index.js
vendored
6
dist/index.js
vendored
@@ -1744,7 +1744,11 @@ function getInputs() {
|
||||
const isWorkflowRepository = qualifiedRepository.toUpperCase() ===
|
||||
`${github.context.repo.owner}/${github.context.repo.repo}`.toUpperCase();
|
||||
// Source branch, source version
|
||||
result.ref = core.getInput('ref');
|
||||
result.commit = core.getInput('commit');
|
||||
if (result.commit && !result.commit.match(/^[0-9a-fA-F]{40}$/)) {
|
||||
throw new Error(`The commit SHA '${result.commit}' is not a valid SHA.`);
|
||||
}
|
||||
result.ref = core.getInput('ref') || result.commit;
|
||||
if (!result.ref) {
|
||||
if (isWorkflowRepository) {
|
||||
result.ref = github.context.ref;
|
||||
|
||||
@@ -57,7 +57,12 @@ export async function getInputs(): Promise<IGitSourceSettings> {
|
||||
`${github.context.repo.owner}/${github.context.repo.repo}`.toUpperCase()
|
||||
|
||||
// Source branch, source version
|
||||
result.ref = core.getInput('ref')
|
||||
result.commit = core.getInput('commit')
|
||||
if (result.commit && !result.commit.match(/^[0-9a-fA-F]{40}$/)) {
|
||||
throw new Error(`The commit SHA '${result.commit}' is not a valid SHA.`)
|
||||
}
|
||||
|
||||
result.ref = core.getInput('ref') || result.commit
|
||||
if (!result.ref) {
|
||||
if (isWorkflowRepository) {
|
||||
result.ref = github.context.ref
|
||||
|
||||
Reference in New Issue
Block a user