Compare commits

..

22 Commits

Author SHA1 Message Date
Luca Comellini
7c38ecfb34
Add Ref and Commit outputs
Signed-off-by: Luca Comellini <luca.com@gmail.com>
2024-05-07 12:23:50 -07:00
Cory Miller
44c2b7a8a4
README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com (#1707)
* README: Set `user.email` to GitHub Actions Bot

* Update workflow to use proper bot GitHub Bot email

* Prefix `user.email` with `41898282+`

To match squash merge user, else showing as two different users, see: b0948d0da0

* Update README.md

---------

Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>
2024-04-30 11:50:54 -04:00
dependabot[bot]
8459bc0c7e
Bump actions/upload-artifact from 2 to 4 (#1695)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:39:59 -04:00
dependabot[bot]
3f603f6d5e
Bump actions/setup-node from 1 to 4 (#1696)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 1 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v1...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:34:46 -04:00
dependabot[bot]
fd084cde18
Bump github/codeql-action from 2 to 3 (#1694)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:33:41 -04:00
Cory Miller
9c1e94e0ad
Update NPM dependencies (#1703)
* Update dependencies manually
* Format files
* Update licenses
2024-04-24 12:04:10 -04:00
John Wesley Walker III
0ad4b8fada
Prep Release v4.1.4 (#1704)
* Update package.json and package-lock.json to reflect v4.1.4
* Update CHANGELOG
2024-04-24 15:29:05 +02:00
John Wesley Walker III
43045ae669
Disable extensions.worktreeConfig when disabling sparse-checkout (#1692) 2024-04-23 22:07:43 +02:00
dependabot[bot]
37b082107b
Bump the minor-actions-dependencies group with 2 updates (#1693)
Bumps the minor-actions-dependencies group with 2 updates: [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.1.0)

Updates `docker/build-push-action` from 5.1.0 to 5.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 13:14:23 -04:00
Cory Miller
9839dc14a0
Add dependabot config (#1688)
* Add dependabot config
* Group minor and patch updates for NPM and GH Actions
2024-04-23 13:02:51 -04:00
dependabot[bot]
9b4c13b0bf
Bump word-wrap from 1.2.3 to 1.2.5 (#1643)
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.5.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 12:52:06 +02:00
Cory Miller
1d96c772d1
Add SSH user parameter (#1685)
* Add a configurable SSH user

* Update docs with param

* Indentation of readme

* formatting woes

* Update src/url-helper.ts

Co-authored-by: Josh Gross <joshmgross@github.com>

* Update action.yml

Co-authored-by: Josh Gross <joshmgross@github.com>

* Update genfiles

---------

Co-authored-by: Josh Gross <joshmgross@github.com>
2024-04-18 15:29:55 -04:00
John Wesley Walker III
cd7d8d697e
Check git version before attempting to disable sparse-checkout (#1656)
* Check git version before attempting to disable `sparse-checkout`
* Bump `MinimumGitSparseCheckoutVersion` to 2.28 due to #1386
* Initial prep for release 4.1.3
2024-03-14 15:40:14 +01:00
John Wesley Walker III
8410ad0602
Update actions/checkout version in update-main-version.yml (#1650) 2024-03-12 12:39:30 +01:00
John Wesley Walker III
9bb56186c3
Prep for release of v4.1.2 (#1649)
* Add v4.1.2 and v4.1.1 to CHANGELOG.md
* Bump version in package.json to 4.1.2
* Ran `npm i` to regenerate package-lock.json
2024-03-12 12:11:01 +01:00
dependabot[bot]
8eb1f6a495
Bump @babel/traverse from 7.20.5 to 7.24.0 (#1642)
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.5 to 7.24.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-05 13:09:59 -05:00
dependabot[bot]
556e4c3cb0
Bump tough-cookie from 4.0.0 to 4.1.3 (#1406)
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.0.0 to 4.1.3.
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](https://github.com/salesforce/tough-cookie/compare/v4.0.0...v4.1.3)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-05 12:49:25 -05:00
John Wesley Walker III
b32f140b0c
Warn on attempts to publish test-ubuntu-git from non-main branch. (#1623)
* Warn on attempts to publish test-ubuntu-git from non-main branch.
* Rename build step to clarify that Push is optional.
2024-02-22 14:38:58 +01:00
John Wesley Walker III
2650dbd060
Give test-ubuntu-git its own README (#1620)
* Give `test-ubuntu-git` its own `README`
* Refined title and description in `test-ubuntu-git.Dockerfile`
* nit accepted:  Remove double space

---------

Co-authored-by: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
2024-02-22 10:59:35 +01:00
Johannes Schindelin
aadec89964
Explicitly disable sparse checkout unless asked for (#1598)
When a worktree is reused by actions/checkout and the first time sparse checkout was enabled, we need to ensure that the second time it is only a sparse checkout if explicitly asked for. Otherwise, we need to disable the sparse checkout so that a full checkout is the outcome of this Action.

## Details
* If no `sparse-checkout` parameter is specified, disable it

This should allow users to reuse existing folders when running
`actions/checkout` where a previous run asked for a sparse checkout but
the current run does not ask for a sparse checkout.

This fixes https://github.com/actions/checkout/issues/1475

There are use cases in particular with non-ephemeral (self-hosted) runners where an
existing worktree (that has been initialized as a sparse checkout) is
reused in subsequent CI runs (where `actions/checkout` is run _without_
any `sparse-checkout` parameter).

In these scenarios, we need to make sure that the sparse checkout is
disabled before checking out the files.

### Also includes:

* npm run build
* ci: verify that an existing sparse checkout can be made unsparse
* Added a clarifying comment about test branches.
* `test-proxy` now uses newly-minted `test-ubuntu-git` container image from ghcr.io

---------

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Co-authored-by: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
2024-02-21 13:56:19 +01:00
John Wesley Walker III
df0bcddf6d
Refine workflow for generating test-ubuntu-git (#1617) 2024-02-21 12:46:47 +01:00
John Wesley Walker III
473055ba18
Create test-ubuntu-git Docker Container for Proxy Tests (#1616) 2024-02-20 17:08:08 +01:00
68 changed files with 33543 additions and 22124 deletions

20
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,20 @@
---
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
groups:
minor-npm-dependencies:
# NPM: Only group minor and patch updates (we want to carefully review major updates)
update-types: [minor, patch]
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
minor-actions-dependencies:
# GitHub Actions: Only group minor and patch updates (we want to carefully review major updates)
update-types: [minor, patch]

View File

@ -25,7 +25,7 @@ jobs:
- uses: actions/checkout@v3
- name: Set Node.js 20.x
uses: actions/setup-node@v1
uses: actions/setup-node@v4
with:
node-version: 20.x
@ -44,7 +44,7 @@ jobs:
fi
# If dist/ was different than expected, upload the expected version as an artifact
- uses: actions/upload-artifact@v2
- uses: actions/upload-artifact@v4
if: ${{ failure() && steps.diff.conclusion == 'failure' }}
with:
name: dist

View File

@ -42,7 +42,7 @@ jobs:
uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@ -55,4 +55,4 @@ jobs:
- run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@v3

View File

@ -7,11 +7,16 @@ on:
- main
- releases/*
# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow,
# these refer to "test-data" branches on this actions/checkout repo.
# (For example, test-data/v2/basic -> https://github.com/actions/checkout/tree/test-data/v2/basic)
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
- uses: actions/setup-node@v4
with:
node-version: 20.x
- uses: actions/checkout@v3
@ -32,7 +37,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4.1.1
# Basic checkout
- name: Checkout basic
@ -95,6 +100,16 @@ jobs:
- name: Verify sparse checkout
run: __test__/verify-sparse-checkout.sh
# Disabled sparse checkout in existing checkout
- name: Disabled sparse checkout
uses: ./
with:
path: sparse-checkout
- name: Verify disabled sparse checkout
shell: bash
run: set -x && ls -l sparse-checkout/src/git-command-manager.ts
# Sparse checkout (non-cone mode)
- name: Sparse checkout (non-cone mode)
uses: ./
@ -175,7 +190,7 @@ jobs:
test-proxy:
runs-on: ubuntu-latest
container:
image: alpine/git:latest
image: ghcr.io/actions/test-ubuntu-git:main.20240221.114913.703z
options: --dns 127.0.0.1
services:
squid-proxy:

View File

@ -19,13 +19,16 @@ jobs:
tag:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Note this update workflow can also be used as a rollback tool.
# For that reason, it's best to pin `actions/checkout` to a known, stable version
# (typically, about two releases back).
- uses: actions/checkout@v4.1.1
with:
fetch-depth: 0
- name: Git config
run: |
git config user.name github-actions
git config user.email github-actions@github.com
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
- name: Tag new target
run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
- name: Push new tag

View File

@ -0,0 +1,59 @@
name: Publish test-ubuntu-git Container
on:
# Use an on demand workflow trigger.
# (Forked copies of actions/checkout won't have permission to update GHCR.io/actions,
# so avoid trigger events that run automatically.)
workflow_dispatch:
inputs:
publish:
description: 'Publish to ghcr.io? (main branch only)'
type: boolean
required: true
default: false
env:
REGISTRY: ghcr.io
IMAGE_NAME: actions/test-ubuntu-git
jobs:
build-and-push-image:
runs-on: ubuntu-latest
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Use `docker/login-action` to log in to GHCR.io.
# Once published, the packages are scoped to the account defined here.
- name: Log in to the ghcr.io container registry
uses: docker/login-action@v3.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Format Timestamp
id: timestamp
# Use `date` with a custom format to achieve the key=value format GITHUB_OUTPUT expects.
run: date -u "+now=%Y%m%d.%H%M%S.%3NZ" >> "$GITHUB_OUTPUT"
- name: Issue Image Publish Warning
if: ${{ inputs.publish && github.ref_name != 'main' }}
run: echo "::warning::test-ubuntu-git images can only be published from the actions/checkout 'main' branch. Workflow will continue with push/publish disabled."
# Use `docker/build-push-action` to build (and optionally publish) the image.
- name: Build Docker Image (with optional Push)
uses: docker/build-push-action@v5.3.0
with:
context: .
file: images/test-ubuntu-git.Dockerfile
# For now, attempts to push to ghcr.io must target the `main` branch.
# In the future, consider also allowing attempts from `releases/*` branches.
push: ${{ inputs.publish && github.ref_name == 'main' }}
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}.${{ steps.timestamp.outputs.now }}

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/qs.dep.yml generated

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/uuid-9.0.1.dep.yml generated Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -1,5 +1,23 @@
# Changelog
## v4.1.4
- Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1692
- Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688
- Bump the minor-actions-dependencies group with 2 updates by @dependabot in https://github.com/actions/checkout/pull/1693
- Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in https://github.com/actions/checkout/pull/1643
## v4.1.3
- Check git version before attempting to disable `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1656
- Add SSH user parameter by @cory-miller in https://github.com/actions/checkout/pull/1685
- Update `actions/checkout` version in `update-main-version.yml` by @jww3 in https://github.com/actions/checkout/pull/1650
## v4.1.2
- Fix: Disable sparse checkout whenever `sparse-checkout` option is not present @dscho in https://github.com/actions/checkout/pull/1598
## v4.1.1
- Correct link to GitHub Docs by @peterbe in https://github.com/actions/checkout/pull/1511
- Link to release page from what's new section by @cory-miller in https://github.com/actions/checkout/pull/1514
## v4.1.0
- [Add support for partial checkout filters](https://github.com/actions/checkout/pull/1396)

View File

@ -62,6 +62,11 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
# Default: true
ssh-strict: ''
# The user to use when connecting to the remote SSH host. By default 'git' is
# used.
# Default: git
ssh-user: ''
# Whether to configure the token or SSH key with the local git config
# Default: true
persist-credentials: ''
@ -274,8 +279,9 @@ jobs:
- uses: actions/checkout@v4
- run: |
date > generated.txt
git config user.name github-actions
git config user.email github-actions@github.com
# Note: the following account information will not work on GHES
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add .
git commit -m "generated"
git push

View File

@ -169,8 +169,9 @@ describe('git-auth-helper tests', () => {
// Mock fs.promises.readFile
const realReadFile = fs.promises.readFile
jest.spyOn(fs.promises, 'readFile').mockImplementation(
async (file: any, options: any): Promise<Buffer> => {
jest
.spyOn(fs.promises, 'readFile')
.mockImplementation(async (file: any, options: any): Promise<Buffer> => {
const userKnownHostsPath = path.join(
os.homedir(),
'.ssh',
@ -181,8 +182,7 @@ describe('git-auth-helper tests', () => {
}
return await realReadFile(file, options)
}
)
})
// Act
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
@ -727,6 +727,7 @@ async function setup(testName: string): Promise<void> {
branchDelete: jest.fn(),
branchExists: jest.fn(),
branchList: jest.fn(),
disableSparseCheckout: jest.fn(),
sparseCheckout: jest.fn(),
sparseCheckoutNonConeMode: jest.fn(),
checkout: jest.fn(),
@ -795,7 +796,8 @@ async function setup(testName: string): Promise<void> {
),
tryDisableAutomaticGarbageCollection: jest.fn(),
tryGetFetchUrl: jest.fn(),
tryReset: jest.fn()
tryReset: jest.fn(),
version: jest.fn()
}
settings = {
@ -819,6 +821,7 @@ async function setup(testName: string): Promise<void> {
sshKey: sshPath ? 'some ssh private key' : '',
sshKnownHosts: '',
sshStrict: true,
sshUser: '',
workflowOrganizationId: 123456,
setSafeDirectory: true,
githubServerUrl: githubServerUrl

View File

@ -462,6 +462,7 @@ async function setup(testName: string): Promise<void> {
branchList: jest.fn(async () => {
return []
}),
disableSparseCheckout: jest.fn(),
sparseCheckout: jest.fn(),
sparseCheckoutNonConeMode: jest.fn(),
checkout: jest.fn(),
@ -500,6 +501,7 @@ async function setup(testName: string): Promise<void> {
}),
tryReset: jest.fn(async () => {
return true
})
}),
version: jest.fn()
}
}

View File

@ -1,4 +1,5 @@
import {GitVersion} from '../lib/git-version'
import {GitVersion} from '../src/git-version'
import {MinimumGitSparseCheckoutVersion} from '../src/git-command-manager'
describe('git-version tests', () => {
it('basics', async () => {
@ -42,4 +43,44 @@ describe('git-version tests', () => {
expect(version.checkMinimum(new GitVersion('5.1'))).toBeFalsy()
expect(version.checkMinimum(new GitVersion('5.1.2'))).toBeFalsy()
})
it('sparse checkout', async () => {
const minSparseVer = MinimumGitSparseCheckoutVersion
expect(new GitVersion('1.0').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('1.99').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.0').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.24').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.24.0').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.24.9').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.25').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.25.0').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.25.1').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.25.9').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.26').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.26.0').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.26.1').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.26.9').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.27').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.27.0').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.27.1').checkMinimum(minSparseVer)).toBeFalsy()
expect(new GitVersion('2.27.9').checkMinimum(minSparseVer)).toBeFalsy()
// /---------------------------------------
// ^^^ before / after vvv
// --------------------------/
expect(new GitVersion('2.28').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.28.0').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.28.1').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.28.9').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.29').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.29.0').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.29.1').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.29.9').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('2.99').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('3.0').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('3.99').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('4.0').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('4.99').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('5.0').checkMinimum(minSparseVer)).toBeTruthy()
expect(new GitVersion('5.99').checkMinimum(minSparseVer)).toBeTruthy()
})
})

View File

@ -7,11 +7,11 @@ let git: IGitCommandManager
describe('ref-helper tests', () => {
beforeEach(() => {
git = ({} as unknown) as IGitCommandManager
git = {} as unknown as IGitCommandManager
})
it('getCheckoutInfo requires git', async () => {
const git = (null as unknown) as IGitCommandManager
const git = null as unknown as IGitCommandManager
try {
await refHelper.getCheckoutInfo(git, 'refs/heads/my/branch', commit)
throw new Error('Should not reach here')

View File

@ -68,7 +68,7 @@ describe('retry-helper tests', () => {
it('all attempts fail succeeds', async () => {
let attempts = 0
let error: Error = (null as unknown) as Error
let error: Error = null as unknown as Error
try {
await retryHelper.execute(() => {
throw new Error(`some error ${++attempts}`)

View File

@ -18,6 +18,20 @@ else
exit 1
fi
# Verify that sparse-checkout is disabled.
SPARSE_CHECKOUT_ENABLED=$(git -C ./basic config --local --get-all core.sparseCheckout)
if [ "$SPARSE_CHECKOUT_ENABLED" != "" ]; then
echo "Expected sparse-checkout to be disabled (discovered: $SPARSE_CHECKOUT_ENABLED)"
exit 1
fi
# Verify git configuration shows worktreeConfig is effectively disabled
WORKTREE_CONFIG_ENABLED=$(git -C ./basic config --local --get-all extensions.worktreeConfig)
if [[ "$WORKTREE_CONFIG_ENABLED" != "" ]]; then
echo "Expected extensions.worktreeConfig (boolean) to be disabled in git config. This could be an artifact of sparse checkout functionality."
exit 1
fi
# Verify auth token
cd basic
git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main

View File

@ -45,6 +45,10 @@ inputs:
and `CheckHostIP=no` to the SSH command line. Use the input `ssh-known-hosts` to
configure additional hosts.
default: true
ssh-user:
description: >
The user to use when connecting to the remote SSH host. By default 'git' is used.
default: git
persist-credentials:
description: 'Whether to configure the token or SSH key with the local git config'
default: true

39232
dist/index.js vendored

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1,12 @@
# Defines the test-ubuntu-git Container Image.
# Consumed by actions/checkout CI/CD validation workflows.
FROM ubuntu:latest
RUN apt update
RUN apt install -y git
LABEL org.opencontainers.image.title="Ubuntu + git (validation image)"
LABEL org.opencontainers.image.description="Ubuntu image with git pre-installed. Intended primarily for testing `actions/checkout` during CI/CD workflows."
LABEL org.opencontainers.image.documentation="https://github.com/actions/checkout/tree/main/images/test-ubuntu-git.md"
LABEL org.opencontainers.image.licenses=MIT

15
images/test-ubuntu-git.md Normal file
View File

@ -0,0 +1,15 @@
# `test-ubuntu-git` Container Image
[![Publish test-ubuntu-git Container](https://github.com/actions/checkout/actions/workflows/update-test-ubuntu-git.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/update-test-ubuntu-git.yml)
## Purpose
`test-ubuntu-git` is a container image hosted on the GitHub Container Registry, `ghcr.io`.
It is intended primarily for testing the [`actions/checkout` repository](https://github.com/actions/checkout) as part of `actions/checkout`'s CI/CD workflows.
The composition of `test-ubuntu-git` is intentionally minimal. It is comprised of [git](https://git-scm.com/) installed on top of a [base-level ubuntu image](https://hub.docker.com/_/ubuntu/tags).
# License
`test-ubuntu-git` is released under the [MIT License](/LICENSE).

View File

@ -1,5 +1,6 @@
module.exports = {
clearMocks: true,
fakeTimers: {},
moduleFileExtensions: ['js', 'ts'],
testEnvironment: 'node',
testMatch: ['**/*.test.ts'],

16044
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
{
"name": "checkout",
"version": "4.1.0",
"version": "4.1.4",
"description": "checkout action",
"main": "lib/main.js",
"scripts": {
@ -28,28 +28,28 @@
},
"homepage": "https://github.com/actions/checkout#readme",
"dependencies": {
"@actions/core": "^1.10.0",
"@actions/exec": "^1.0.1",
"@actions/github": "^5.0.0",
"@actions/core": "^1.10.1",
"@actions/exec": "^1.1.1",
"@actions/github": "^6.0.0",
"@actions/io": "^1.1.3",
"@actions/tool-cache": "^1.1.2",
"uuid": "^3.3.3"
"@actions/tool-cache": "^2.0.1",
"uuid": "^9.0.1"
},
"devDependencies": {
"@types/jest": "^27.0.2",
"@types/node": "^20.5.3",
"@types/uuid": "^3.4.6",
"@typescript-eslint/eslint-plugin": "^5.45.0",
"@typescript-eslint/parser": "^5.45.0",
"@vercel/ncc": "^0.36.1",
"eslint": "^7.32.0",
"eslint-plugin-github": "^4.3.2",
"eslint-plugin-jest": "^25.7.0",
"jest": "^27.3.0",
"jest-circus": "^27.3.0",
"js-yaml": "^3.13.1",
"prettier": "^1.19.1",
"ts-jest": "^27.0.7",
"typescript": "^4.4.4"
"@types/jest": "^29.5.12",
"@types/node": "^20.12.7",
"@types/uuid": "^9.0.8",
"@typescript-eslint/eslint-plugin": "^7.7.1",
"@typescript-eslint/parser": "^7.7.1",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"eslint-plugin-github": "^4.10.2",
"eslint-plugin-jest": "^28.2.0",
"jest": "^29.7.0",
"jest-circus": "^29.7.0",
"js-yaml": "^4.1.0",
"prettier": "^3.2.5",
"ts-jest": "^29.1.2",
"typescript": "^5.4.5"
}
}
}

View File

@ -18,8 +18,9 @@ export function directoryExistsSync(path: string, required?: boolean): boolean {
}
throw new Error(
`Encountered an error when checking whether path '${path}' exists: ${(error as any)
?.message ?? error}`
`Encountered an error when checking whether path '${path}' exists: ${
(error as any)?.message ?? error
}`
)
}
@ -45,8 +46,9 @@ export function existsSync(path: string): boolean {
}
throw new Error(
`Encountered an error when checking whether path '${path}' exists: ${(error as any)
?.message ?? error}`
`Encountered an error when checking whether path '${path}' exists: ${
(error as any)?.message ?? error
}`
)
}
@ -67,8 +69,9 @@ export function fileExistsSync(path: string): boolean {
}
throw new Error(
`Encountered an error when checking whether path '${path}' exists: ${(error as any)
?.message ?? error}`
`Encountered an error when checking whether path '${path}' exists: ${
(error as any)?.message ?? error
}`
)
}

View File

@ -8,7 +8,7 @@ import * as path from 'path'
import * as regexpHelper from './regexp-helper'
import * as stateHelper from './state-helper'
import * as urlHelper from './url-helper'
import {default as uuid} from 'uuid/v4'
import {v4 as uuid} from 'uuid'
import {IGitCommandManager} from './git-command-manager'
import {IGitSourceSettings} from './git-source-settings'
@ -49,7 +49,7 @@ class GitAuthHelper {
gitSourceSettings: IGitSourceSettings | undefined
) {
this.git = gitCommandManager
this.settings = gitSourceSettings || (({} as unknown) as IGitSourceSettings)
this.settings = gitSourceSettings || ({} as unknown as IGitSourceSettings)
// Token auth header
const serverUrl = urlHelper.getServerUrl(this.settings.githubServerUrl)

View File

@ -11,12 +11,15 @@ import {GitVersion} from './git-version'
// Auth header not supported before 2.9
// Wire protocol v2 not supported before 2.18
// sparse-checkout not [well-]supported before 2.28 (see https://github.com/actions/checkout/issues/1386)
export const MinimumGitVersion = new GitVersion('2.18')
export const MinimumGitSparseCheckoutVersion = new GitVersion('2.28')
export interface IGitCommandManager {
branchDelete(remote: boolean, branch: string): Promise<void>
branchExists(remote: boolean, pattern: string): Promise<boolean>
branchList(remote: boolean): Promise<string[]>
disableSparseCheckout(): Promise<void>
sparseCheckout(sparseCheckout: string[]): Promise<void>
sparseCheckoutNonConeMode(sparseCheckout: string[]): Promise<void>
checkout(ref: string, startPoint: string): Promise<void>
@ -59,6 +62,7 @@ export interface IGitCommandManager {
tryDisableAutomaticGarbageCollection(): Promise<boolean>
tryGetFetchUrl(): Promise<string>
tryReset(): Promise<boolean>
version(): Promise<GitVersion>
}
export async function createCommandManager(
@ -82,6 +86,7 @@ class GitCommandManager {
private lfs = false
private doSparseCheckout = false
private workingDirectory = ''
private gitVersion: GitVersion = new GitVersion()
// Private constructor; use createCommandManager()
private constructor() {}
@ -171,6 +176,12 @@ class GitCommandManager {
return result
}
async disableSparseCheckout(): Promise<void> {
await this.execGit(['sparse-checkout', 'disable'])
// Disabling 'sparse-checkout` leaves behind an undesirable side-effect in config (even in a pristine environment).
await this.tryConfigUnset('extensions.worktreeConfig', false)
}
async sparseCheckout(sparseCheckout: string[]): Promise<void> {
await this.execGit(['sparse-checkout', 'set', ...sparseCheckout])
}
@ -475,6 +486,10 @@ class GitCommandManager {
return output.exitCode === 0
}
async version(): Promise<GitVersion> {
return this.gitVersion
}
static async createCommandManager(
workingDirectory: string,
lfs: boolean,
@ -551,23 +566,23 @@ class GitCommandManager {
// Git version
core.debug('Getting git version')
let gitVersion = new GitVersion()
this.gitVersion = new GitVersion()
let gitOutput = await this.execGit(['version'])
let stdout = gitOutput.stdout.trim()
if (!stdout.includes('\n')) {
const match = stdout.match(/\d+\.\d+(\.\d+)?/)
if (match) {
gitVersion = new GitVersion(match[0])
this.gitVersion = new GitVersion(match[0])
}
}
if (!gitVersion.isValid()) {
if (!this.gitVersion.isValid()) {
throw new Error('Unable to determine git version')
}
// Minimum git version
if (!gitVersion.checkMinimum(MinimumGitVersion)) {
if (!this.gitVersion.checkMinimum(MinimumGitVersion)) {
throw new Error(
`Minimum required git version is ${MinimumGitVersion}. Your git ('${this.gitPath}') is ${gitVersion}`
`Minimum required git version is ${MinimumGitVersion}. Your git ('${this.gitPath}') is ${this.gitVersion}`
)
}
@ -601,16 +616,14 @@ class GitCommandManager {
this.doSparseCheckout = doSparseCheckout
if (this.doSparseCheckout) {
// The `git sparse-checkout` command was introduced in Git v2.25.0
const minimumGitSparseCheckoutVersion = new GitVersion('2.25')
if (!gitVersion.checkMinimum(minimumGitSparseCheckoutVersion)) {
if (!this.gitVersion.checkMinimum(MinimumGitSparseCheckoutVersion)) {
throw new Error(
`Minimum Git version required for sparse checkout is ${minimumGitSparseCheckoutVersion}. Your git ('${this.gitPath}') is ${gitVersion}`
`Minimum Git version required for sparse checkout is ${MinimumGitSparseCheckoutVersion}. Your git ('${this.gitPath}') is ${this.gitVersion}`
)
}
}
// Set the user agent
const gitHttpUserAgent = `git/${gitVersion} (github-actions-checkout)`
const gitHttpUserAgent = `git/${this.gitVersion} (github-actions-checkout)`
core.debug(`Set git useragent to: ${gitHttpUserAgent}`)
this.gitEnv['GIT_HTTP_USER_AGENT'] = gitHttpUserAgent
}

View File

@ -9,7 +9,10 @@ import * as path from 'path'
import * as refHelper from './ref-helper'
import * as stateHelper from './state-helper'
import * as urlHelper from './url-helper'
import {IGitCommandManager} from './git-command-manager'
import {
MinimumGitSparseCheckoutVersion,
IGitCommandManager
} from './git-command-manager'
import {IGitSourceSettings} from './git-source-settings'
export async function getSource(settings: IGitSourceSettings): Promise<void> {
@ -208,7 +211,13 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
}
// Sparse checkout
if (settings.sparseCheckout) {
if (!settings.sparseCheckout) {
let gitVersion = await git.version()
// no need to disable sparse-checkout if the installed git runtime doesn't even support it.
if (gitVersion.checkMinimum(MinimumGitSparseCheckoutVersion)) {
await git.disableSparseCheckout()
}
} else {
core.startGroup('Setting up sparse checkout')
if (settings.sparseCheckoutConeMode) {
await git.sparseCheckout(settings.sparseCheckout)

View File

@ -94,6 +94,11 @@ export interface IGitSourceSettings {
*/
sshStrict: boolean
/**
* The SSH user to login as
*/
sshUser: string
/**
* Indicates whether to persist the credentials on disk to enable scripting authenticated git commands
*/

View File

@ -6,7 +6,7 @@ import * as io from '@actions/io'
import * as path from 'path'
import * as retryHelper from './retry-helper'
import * as toolCache from '@actions/tool-cache'
import {default as uuid} from 'uuid/v4'
import {v4 as uuid} from 'uuid'
import {getServerApiUrl} from './url-helper'
const IS_WINDOWS = process.platform === 'win32'

View File

@ -6,7 +6,7 @@ import * as workflowContextHelper from './workflow-context-helper'
import {IGitSourceSettings} from './git-source-settings'
export async function getInputs(): Promise<IGitSourceSettings> {
const result = ({} as unknown) as IGitSourceSettings
const result = {} as unknown as IGitSourceSettings
// GitHub workspace
let githubWorkspacePath = process.env['GITHUB_WORKSPACE']
@ -143,13 +143,15 @@ export async function getInputs(): Promise<IGitSourceSettings> {
result.sshKnownHosts = core.getInput('ssh-known-hosts')
result.sshStrict =
(core.getInput('ssh-strict') || 'true').toUpperCase() === 'TRUE'
result.sshUser = core.getInput('ssh-user')
// Persist credentials
result.persistCredentials =
(core.getInput('persist-credentials') || 'false').toUpperCase() === 'TRUE'
// Workflow organization ID
result.workflowOrganizationId = await workflowContextHelper.getOrganizationId()
result.workflowOrganizationId =
await workflowContextHelper.getOrganizationId()
// Set safe.directory in git global config.
result.setSafeDirectory =

View File

@ -20,7 +20,7 @@ function updateUsage(
}
// Load the action.yml
const actionYaml = yaml.safeLoad(fs.readFileSync(actionYamlPath).toString())
const actionYaml = yaml.load(fs.readFileSync(actionYamlPath).toString())
// Load the README
const originalReadme = fs.readFileSync(readmePath).toString()

View File

@ -23,7 +23,7 @@ export async function getCheckoutInfo(
throw new Error('Args ref and commit cannot both be empty')
}
const result = ({} as unknown) as ICheckoutInfo
const result = {} as unknown as ICheckoutInfo
const upperRef = (ref || '').toUpperCase()
// SHA only

View File

@ -12,7 +12,8 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
const encodedOwner = encodeURIComponent(settings.repositoryOwner)
const encodedName = encodeURIComponent(settings.repositoryName)
if (settings.sshKey) {
return `git@${serviceUrl.hostname}:${encodedOwner}/${encodedName}.git`
const user = settings.sshUser.length > 0 ? settings.sshUser : 'git'
return `${user}@${serviceUrl.hostname}:${encodedOwner}/${encodedName}.git`
}
// "origin" is SCHEME://HOSTNAME[:PORT]

View File

@ -23,8 +23,9 @@ export async function getOrganizationId(): Promise<number | undefined> {
return id as number
} catch (err) {
core.debug(
`Unable to load organization ID from GITHUB_EVENT_PATH: ${(err as any)
.message || err}`
`Unable to load organization ID from GITHUB_EVENT_PATH: ${
(err as any).message || err
}`
)
}
}