Compare commits
10 Commits
230611dbd0
...
438eb4a8db
Author | SHA1 | Date | |
---|---|---|---|
438eb4a8db | |||
|
2541b1294d | ||
|
0ffe6f9c55 | ||
|
dcd71f6466 | ||
|
add3486cc3 | ||
|
5126516654 | ||
|
d50f8ea767 | ||
|
2d1c1198e7 | ||
|
a12a3943b4 | ||
|
8f9e05e482 |
6
.github/workflows/check-dist.yml
vendored
6
.github/workflows/check-dist.yml
vendored
|
@ -22,12 +22,12 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Set Node.js 12.x
|
||||
- name: Set Node.js 16.x
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: 12.x
|
||||
node-version: 16.x
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
|
2
.github/workflows/codeql-analysis.yml
vendored
2
.github/workflows/codeql-analysis.yml
vendored
|
@ -39,7 +39,7 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v1
|
||||
|
|
2
.github/workflows/licensed.yml
vendored
2
.github/workflows/licensed.yml
vendored
|
@ -9,6 +9,6 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
name: Check licenses
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
- run: npm ci
|
||||
- run: npm run licensed-check
|
48
.github/workflows/test.yml
vendored
48
.github/workflows/test.yml
vendored
|
@ -13,8 +13,8 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: 12.x
|
||||
- uses: actions/checkout@v2
|
||||
node-version: 16.x
|
||||
- uses: actions/checkout@v3
|
||||
- run: npm ci
|
||||
- run: npm run build
|
||||
- run: npm run format-check
|
||||
|
@ -32,7 +32,7 @@ jobs:
|
|||
steps:
|
||||
# Clone this repo
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Basic checkout
|
||||
- name: Checkout basic
|
||||
|
@ -150,7 +150,7 @@ jobs:
|
|||
steps:
|
||||
# Clone this repo
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Basic checkout using git
|
||||
- name: Checkout basic
|
||||
|
@ -182,7 +182,7 @@ jobs:
|
|||
steps:
|
||||
# Clone this repo
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# Basic checkout using git
|
||||
- name: Checkout basic
|
||||
|
@ -205,3 +205,41 @@ jobs:
|
|||
path: basic
|
||||
- name: Verify basic
|
||||
run: __test__/verify-basic.sh --archive
|
||||
|
||||
test-git-container:
|
||||
runs-on: ubuntu-latest
|
||||
container: bitnami/git:latest
|
||||
steps:
|
||||
# Clone this repo
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: v3
|
||||
|
||||
# Basic checkout using git
|
||||
- name: Checkout basic
|
||||
uses: ./v3
|
||||
with:
|
||||
ref: test-data/v2/basic
|
||||
- name: Verify basic
|
||||
run: |
|
||||
if [ ! -f "./basic-file.txt" ]; then
|
||||
echo "Expected basic file does not exist"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Verify .git folder
|
||||
if [ ! -d "./.git" ]; then
|
||||
echo "Expected ./.git folder to exist"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Verify auth token
|
||||
git config --global --add safe.directory "*"
|
||||
git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
|
||||
|
||||
# needed to make checkout post cleanup succeed
|
||||
- name: Fix Checkout v3
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: v3
|
BIN
.licenses/npm/node-fetch.dep.yml
generated
BIN
.licenses/npm/node-fetch.dep.yml
generated
Binary file not shown.
12
CHANGELOG.md
12
CHANGELOG.md
|
@ -1,10 +1,20 @@
|
|||
# Changelog
|
||||
|
||||
## v3.0.2
|
||||
- [Add input `set-safe-directory`](https://github.com/actions/checkout/pull/770)
|
||||
|
||||
## v3.0.1
|
||||
- [Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory`](https://github.com/actions/checkout/pull/762)
|
||||
- [Bumped various npm package versions](https://github.com/actions/checkout/pull/744)
|
||||
|
||||
## v3.0.0
|
||||
|
||||
- [Update to node 16](https://github.com/actions/checkout/pull/689)
|
||||
|
||||
## v2.3.1
|
||||
|
||||
- [Fix default branch resolution for .wiki and when using SSH](https://github.com/actions/checkout/pull/284)
|
||||
|
||||
|
||||
## v2.3.0
|
||||
|
||||
- [Fallback to the default branch](https://github.com/actions/checkout/pull/278)
|
||||
|
|
50
README.md
50
README.md
|
@ -2,7 +2,7 @@
|
|||
<a href="https://github.com/actions/checkout"><img alt="GitHub Actions status" src="https://github.com/actions/checkout/workflows/test-local/badge.svg"></a>
|
||||
</p>
|
||||
|
||||
# Checkout V2
|
||||
# Checkout V3
|
||||
|
||||
This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
|
||||
|
||||
|
@ -14,27 +14,14 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
|
|||
|
||||
# What's new
|
||||
|
||||
- Improved performance
|
||||
- Fetches only a single commit by default
|
||||
- Script authenticated git commands
|
||||
- Auth token persisted in the local git config
|
||||
- Supports SSH
|
||||
- Creates a local branch
|
||||
- No longer detached HEAD when checking out a branch
|
||||
- Improved layout
|
||||
- The input `path` is always relative to $GITHUB_WORKSPACE
|
||||
- Aligns better with container actions, where $GITHUB_WORKSPACE gets mapped in
|
||||
- Fallback to REST API download
|
||||
- When Git 2.18 or higher is not in the PATH, the REST API will be used to download the files
|
||||
- When using a job container, the container's PATH is used
|
||||
|
||||
Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous versions.
|
||||
- Updated to the node16 runtime by default
|
||||
- This requires a minimum [Actions Runner](https://github.com/actions/runner/releases/tag/v2.285.0) version of v2.285.0 to run, which is by default available in GHES 3.4 or later.
|
||||
|
||||
# Usage
|
||||
|
||||
<!-- start usage -->
|
||||
```yaml
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
# Repository name with owner. For example, actions/checkout
|
||||
# Default: ${{ github.repository }}
|
||||
|
@ -105,6 +92,11 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
#
|
||||
# Default: false
|
||||
submodules: ''
|
||||
|
||||
# Add repository path as safe.directory for Git global config by running `git
|
||||
# config --global --add safe.directory <path>`
|
||||
# Default: true
|
||||
set-safe-directory: ''
|
||||
```
|
||||
<!-- end usage -->
|
||||
|
||||
|
@ -123,7 +115,7 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
## Fetch all history for all tags and branches
|
||||
|
||||
```yaml
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
```
|
||||
|
@ -131,7 +123,7 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
## Checkout a different branch
|
||||
|
||||
```yaml
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
ref: my-branch
|
||||
```
|
||||
|
@ -139,7 +131,7 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
## Checkout HEAD^
|
||||
|
||||
```yaml
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 2
|
||||
- run: git checkout HEAD^
|
||||
|
@ -149,12 +141,12 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
|
||||
```yaml
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: main
|
||||
|
||||
- name: Checkout tools repo
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
repository: my-org/my-tools
|
||||
path: my-tools
|
||||
|
@ -164,10 +156,10 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
|
||||
```yaml
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Checkout tools repo
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
repository: my-org/my-tools
|
||||
path: my-tools
|
||||
|
@ -177,12 +169,12 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
|
||||
```yaml
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: main
|
||||
|
||||
- name: Checkout private tools
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
repository: my-org/my-private-tools
|
||||
token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
|
||||
|
@ -195,7 +187,7 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous
|
|||
## Checkout pull request HEAD commit instead of merge commit
|
||||
|
||||
```yaml
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
```
|
||||
|
@ -211,7 +203,7 @@ jobs:
|
|||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
```
|
||||
|
||||
## Push a commit using the built-in token
|
||||
|
@ -222,7 +214,7 @@ jobs:
|
|||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
- run: |
|
||||
date > generated.txt
|
||||
git config user.name github-actions
|
||||
|
|
|
@ -643,10 +643,11 @@ describe('git-auth-helper tests', () => {
|
|||
expect(gitConfigContent.indexOf('http.')).toBeLessThan(0)
|
||||
})
|
||||
|
||||
const removeGlobalAuth_removesOverride = 'removeGlobalAuth removes override'
|
||||
it(removeGlobalAuth_removesOverride, async () => {
|
||||
const removeGlobalConfig_removesOverride =
|
||||
'removeGlobalConfig removes override'
|
||||
it(removeGlobalConfig_removesOverride, async () => {
|
||||
// Arrange
|
||||
await setup(removeGlobalAuth_removesOverride)
|
||||
await setup(removeGlobalConfig_removesOverride)
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
await authHelper.configureGlobalAuth()
|
||||
|
@ -655,7 +656,7 @@ describe('git-auth-helper tests', () => {
|
|||
await fs.promises.stat(path.join(git.env['HOME'], '.gitconfig'))
|
||||
|
||||
// Act
|
||||
await authHelper.removeGlobalAuth()
|
||||
await authHelper.removeGlobalConfig()
|
||||
|
||||
// Assert
|
||||
expect(git.env['HOME']).toBeUndefined()
|
||||
|
@ -776,7 +777,8 @@ async function setup(testName: string): Promise<void> {
|
|||
sshKey: sshPath ? 'some ssh private key' : '',
|
||||
sshKnownHosts: '',
|
||||
sshStrict: true,
|
||||
workflowOrganizationId: 123456
|
||||
workflowOrganizationId: 123456,
|
||||
setSafeDirectory: true
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -85,6 +85,7 @@ describe('input-helper tests', () => {
|
|||
expect(settings.repositoryName).toBe('some-repo')
|
||||
expect(settings.repositoryOwner).toBe('some-owner')
|
||||
expect(settings.repositoryPath).toBe(gitHubWorkspace)
|
||||
expect(settings.setSafeDirectory).toBe(true)
|
||||
})
|
||||
|
||||
it('qualifies ref', async () => {
|
||||
|
|
|
@ -68,7 +68,10 @@ inputs:
|
|||
When the `ssh-key` input is not provided, SSH URLs beginning with `git@github.com:` are
|
||||
converted to HTTPS.
|
||||
default: false
|
||||
set-safe-directory:
|
||||
description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>`
|
||||
default: true
|
||||
runs:
|
||||
using: node12
|
||||
using: node16
|
||||
main: dist/index.js
|
||||
post: dist/index.js
|
||||
|
|
122
dist/index.js
vendored
122
dist/index.js
vendored
|
@ -3592,7 +3592,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|||
return result;
|
||||
};
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
exports.setSshKnownHostsPath = exports.setSshKeyPath = exports.setRepositoryPath = exports.SshKnownHostsPath = exports.SshKeyPath = exports.RepositoryPath = exports.IsPost = void 0;
|
||||
exports.setSafeDirectory = exports.setSshKnownHostsPath = exports.setSshKeyPath = exports.setRepositoryPath = exports.SshKnownHostsPath = exports.SshKeyPath = exports.PostSetSafeDirectory = exports.RepositoryPath = exports.IsPost = void 0;
|
||||
const coreCommand = __importStar(__webpack_require__(431));
|
||||
/**
|
||||
* Indicates whether the POST action is running
|
||||
|
@ -3602,6 +3602,10 @@ exports.IsPost = !!process.env['STATE_isPost'];
|
|||
* The repository path for the POST action. The value is empty during the MAIN action.
|
||||
*/
|
||||
exports.RepositoryPath = process.env['STATE_repositoryPath'] || '';
|
||||
/**
|
||||
* The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action.
|
||||
*/
|
||||
exports.PostSetSafeDirectory = process.env['STATE_setSafeDirectory'] === 'true';
|
||||
/**
|
||||
* The SSH key path for the POST action. The value is empty during the MAIN action.
|
||||
*/
|
||||
|
@ -3631,6 +3635,13 @@ function setSshKnownHostsPath(sshKnownHostsPath) {
|
|||
coreCommand.issueCommand('save-state', { name: 'sshKnownHostsPath' }, sshKnownHostsPath);
|
||||
}
|
||||
exports.setSshKnownHostsPath = setSshKnownHostsPath;
|
||||
/**
|
||||
* Save the sef-safe-directory input so the POST action can retrieve the value.
|
||||
*/
|
||||
function setSafeDirectory() {
|
||||
coreCommand.issueCommand('save-state', { name: 'setSafeDirectory' }, 'true');
|
||||
}
|
||||
exports.setSafeDirectory = setSafeDirectory;
|
||||
// Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic.
|
||||
// This is necessary since we don't have a separate entry point.
|
||||
if (!exports.IsPost) {
|
||||
|
@ -4229,7 +4240,7 @@ module.exports = require("punycode");
|
|||
/***/ 215:
|
||||
/***/ (function(module) {
|
||||
|
||||
module.exports = {"name":"@octokit/rest","version":"16.43.1","publishConfig":{"access":"public"},"description":"GitHub REST API client for Node.js","keywords":["octokit","github","rest","api-client"],"author":"Gregor Martynus (https://github.com/gr2m)","contributors":[{"name":"Mike de Boer","email":"info@mikedeboer.nl"},{"name":"Fabian Jakobs","email":"fabian@c9.io"},{"name":"Joe Gallo","email":"joe@brassafrax.com"},{"name":"Gregor Martynus","url":"https://github.com/gr2m"}],"repository":"https://github.com/octokit/rest.js","dependencies":{"@octokit/auth-token":"^2.4.0","@octokit/plugin-paginate-rest":"^1.1.1","@octokit/plugin-request-log":"^1.0.0","@octokit/plugin-rest-endpoint-methods":"2.4.0","@octokit/request":"^5.2.0","@octokit/request-error":"^1.0.2","atob-lite":"^2.0.0","before-after-hook":"^2.0.0","btoa-lite":"^1.0.0","deprecation":"^2.0.0","lodash.get":"^4.4.2","lodash.set":"^4.3.2","lodash.uniq":"^4.5.0","octokit-pagination-methods":"^1.1.0","once":"^1.4.0","universal-user-agent":"^4.0.0"},"devDependencies":{"@gimenete/type-writer":"^0.1.3","@octokit/auth":"^1.1.1","@octokit/fixtures-server":"^5.0.6","@octokit/graphql":"^4.2.0","@types/node":"^13.1.0","bundlesize":"^0.18.0","chai":"^4.1.2","compression-webpack-plugin":"^3.1.0","cypress":"^3.0.0","glob":"^7.1.2","http-proxy-agent":"^4.0.0","lodash.camelcase":"^4.3.0","lodash.merge":"^4.6.1","lodash.upperfirst":"^4.3.1","lolex":"^5.1.2","mkdirp":"^1.0.0","mocha":"^7.0.1","mustache":"^4.0.0","nock":"^11.3.3","npm-run-all":"^4.1.2","nyc":"^15.0.0","prettier":"^1.14.2","proxy":"^1.0.0","semantic-release":"^17.0.0","sinon":"^8.0.0","sinon-chai":"^3.0.0","sort-keys":"^4.0.0","string-to-arraybuffer":"^1.0.0","string-to-jsdoc-comment":"^1.0.0","typescript":"^3.3.1","webpack":"^4.0.0","webpack-bundle-analyzer":"^3.0.0","webpack-cli":"^3.0.0"},"types":"index.d.ts","scripts":{"coverage":"nyc report --reporter=html && open coverage/index.html","lint":"prettier --check '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","lint:fix":"prettier --write '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","pretest":"npm run -s lint","test":"nyc mocha test/mocha-node-setup.js \"test/*/**/*-test.js\"","test:browser":"cypress run --browser chrome","build":"npm-run-all build:*","build:ts":"npm run -s update-endpoints:typescript","prebuild:browser":"mkdirp dist/","build:browser":"npm-run-all build:browser:*","build:browser:development":"webpack --mode development --entry . --output-library=Octokit --output=./dist/octokit-rest.js --profile --json > dist/bundle-stats.json","build:browser:production":"webpack --mode production --entry . --plugin=compression-webpack-plugin --output-library=Octokit --output-path=./dist --output-filename=octokit-rest.min.js --devtool source-map","generate-bundle-report":"webpack-bundle-analyzer dist/bundle-stats.json --mode=static --no-open --report dist/bundle-report.html","update-endpoints":"npm-run-all update-endpoints:*","update-endpoints:fetch-json":"node scripts/update-endpoints/fetch-json","update-endpoints:typescript":"node scripts/update-endpoints/typescript","prevalidate:ts":"npm run -s build:ts","validate:ts":"tsc --target es6 --noImplicitAny index.d.ts","postvalidate:ts":"tsc --noEmit --target es6 test/typescript-validate.ts","start-fixtures-server":"octokit-fixtures-server"},"license":"MIT","files":["index.js","index.d.ts","lib","plugins"],"nyc":{"ignore":["test"]},"release":{"publish":["@semantic-release/npm",{"path":"@semantic-release/github","assets":["dist/*","!dist/*.map.gz"]}]},"bundlesize":[{"path":"./dist/octokit-rest.min.js.gz","maxSize":"33 kB"}],"_resolved":"https://registry.npmjs.org/@octokit/rest/-/rest-16.43.1.tgz","_integrity":"sha512-gfFKwRT/wFxq5qlNjnW2dh+qh74XgTQ2B179UX5K1HYCluioWj8Ndbgqw2PVqa1NnVJkGHp2ovMpVn/DImlmkw==","_from":"@octokit/rest@16.43.1"};
|
||||
module.exports = {"name":"@octokit/rest","version":"16.43.1","publishConfig":{"access":"public"},"description":"GitHub REST API client for Node.js","keywords":["octokit","github","rest","api-client"],"author":"Gregor Martynus (https://github.com/gr2m)","contributors":[{"name":"Mike de Boer","email":"info@mikedeboer.nl"},{"name":"Fabian Jakobs","email":"fabian@c9.io"},{"name":"Joe Gallo","email":"joe@brassafrax.com"},{"name":"Gregor Martynus","url":"https://github.com/gr2m"}],"repository":"https://github.com/octokit/rest.js","dependencies":{"@octokit/auth-token":"^2.4.0","@octokit/plugin-paginate-rest":"^1.1.1","@octokit/plugin-request-log":"^1.0.0","@octokit/plugin-rest-endpoint-methods":"2.4.0","@octokit/request":"^5.2.0","@octokit/request-error":"^1.0.2","atob-lite":"^2.0.0","before-after-hook":"^2.0.0","btoa-lite":"^1.0.0","deprecation":"^2.0.0","lodash.get":"^4.4.2","lodash.set":"^4.3.2","lodash.uniq":"^4.5.0","octokit-pagination-methods":"^1.1.0","once":"^1.4.0","universal-user-agent":"^4.0.0"},"devDependencies":{"@gimenete/type-writer":"^0.1.3","@octokit/auth":"^1.1.1","@octokit/fixtures-server":"^5.0.6","@octokit/graphql":"^4.2.0","@types/node":"^13.1.0","bundlesize":"^0.18.0","chai":"^4.1.2","compression-webpack-plugin":"^3.1.0","cypress":"^3.0.0","glob":"^7.1.2","http-proxy-agent":"^4.0.0","lodash.camelcase":"^4.3.0","lodash.merge":"^4.6.1","lodash.upperfirst":"^4.3.1","lolex":"^5.1.2","mkdirp":"^1.0.0","mocha":"^7.0.1","mustache":"^4.0.0","nock":"^11.3.3","npm-run-all":"^4.1.2","nyc":"^15.0.0","prettier":"^1.14.2","proxy":"^1.0.0","semantic-release":"^17.0.0","sinon":"^8.0.0","sinon-chai":"^3.0.0","sort-keys":"^4.0.0","string-to-arraybuffer":"^1.0.0","string-to-jsdoc-comment":"^1.0.0","typescript":"^3.3.1","webpack":"^4.0.0","webpack-bundle-analyzer":"^3.0.0","webpack-cli":"^3.0.0"},"types":"index.d.ts","scripts":{"coverage":"nyc report --reporter=html && open coverage/index.html","lint":"prettier --check '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","lint:fix":"prettier --write '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","pretest":"npm run -s lint","test":"nyc mocha test/mocha-node-setup.js \"test/*/**/*-test.js\"","test:browser":"cypress run --browser chrome","build":"npm-run-all build:*","build:ts":"npm run -s update-endpoints:typescript","prebuild:browser":"mkdirp dist/","build:browser":"npm-run-all build:browser:*","build:browser:development":"webpack --mode development --entry . --output-library=Octokit --output=./dist/octokit-rest.js --profile --json > dist/bundle-stats.json","build:browser:production":"webpack --mode production --entry . --plugin=compression-webpack-plugin --output-library=Octokit --output-path=./dist --output-filename=octokit-rest.min.js --devtool source-map","generate-bundle-report":"webpack-bundle-analyzer dist/bundle-stats.json --mode=static --no-open --report dist/bundle-report.html","update-endpoints":"npm-run-all update-endpoints:*","update-endpoints:fetch-json":"node scripts/update-endpoints/fetch-json","update-endpoints:typescript":"node scripts/update-endpoints/typescript","prevalidate:ts":"npm run -s build:ts","validate:ts":"tsc --target es6 --noImplicitAny index.d.ts","postvalidate:ts":"tsc --noEmit --target es6 test/typescript-validate.ts","start-fixtures-server":"octokit-fixtures-server"},"license":"MIT","files":["index.js","index.d.ts","lib","plugins"],"nyc":{"ignore":["test"]},"release":{"publish":["@semantic-release/npm",{"path":"@semantic-release/github","assets":["dist/*","!dist/*.map.gz"]}]},"bundlesize":[{"path":"./dist/octokit-rest.min.js.gz","maxSize":"33 kB"}]};
|
||||
|
||||
/***/ }),
|
||||
|
||||
|
@ -6572,9 +6583,13 @@ class GitAuthHelper {
|
|||
yield this.configureToken();
|
||||
});
|
||||
}
|
||||
configureGlobalAuth() {
|
||||
var _a;
|
||||
configureTempGlobalConfig() {
|
||||
var _a, _b;
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
// Already setup global config
|
||||
if (((_a = this.temporaryHomePath) === null || _a === void 0 ? void 0 : _a.length) > 0) {
|
||||
return path.join(this.temporaryHomePath, '.gitconfig');
|
||||
}
|
||||
// Create a temp home directory
|
||||
const runnerTemp = process.env['RUNNER_TEMP'] || '';
|
||||
assert.ok(runnerTemp, 'RUNNER_TEMP is not defined');
|
||||
|
@ -6590,7 +6605,7 @@ class GitAuthHelper {
|
|||
configExists = true;
|
||||
}
|
||||
catch (err) {
|
||||
if (((_a = err) === null || _a === void 0 ? void 0 : _a.code) !== 'ENOENT') {
|
||||
if (((_b = err) === null || _b === void 0 ? void 0 : _b.code) !== 'ENOENT') {
|
||||
throw err;
|
||||
}
|
||||
}
|
||||
|
@ -6601,10 +6616,17 @@ class GitAuthHelper {
|
|||
else {
|
||||
yield fs.promises.writeFile(newGitConfigPath, '');
|
||||
}
|
||||
try {
|
||||
// Override HOME
|
||||
core.info(`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`);
|
||||
this.git.setEnvironmentVariable('HOME', this.temporaryHomePath);
|
||||
return newGitConfigPath;
|
||||
});
|
||||
}
|
||||
configureGlobalAuth() {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
// 'configureTempGlobalConfig' noops if already set, just returns the path
|
||||
const newGitConfigPath = yield this.configureTempGlobalConfig();
|
||||
try {
|
||||
// Configure the token
|
||||
yield this.configureToken(newGitConfigPath, true);
|
||||
// Configure HTTPS instead of SSH
|
||||
|
@ -6657,11 +6679,14 @@ class GitAuthHelper {
|
|||
yield this.removeToken();
|
||||
});
|
||||
}
|
||||
removeGlobalAuth() {
|
||||
removeGlobalConfig() {
|
||||
var _a;
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
if (((_a = this.temporaryHomePath) === null || _a === void 0 ? void 0 : _a.length) > 0) {
|
||||
core.debug(`Unsetting HOME override`);
|
||||
this.git.removeEnvironmentVariable('HOME');
|
||||
yield io.rmRF(this.temporaryHomePath);
|
||||
}
|
||||
});
|
||||
}
|
||||
configureSsh() {
|
||||
|
@ -7326,6 +7351,23 @@ function getSource(settings) {
|
|||
core.startGroup('Getting Git version info');
|
||||
const git = yield getGitCommandManager(settings);
|
||||
core.endGroup();
|
||||
let authHelper = null;
|
||||
try {
|
||||
if (git) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings);
|
||||
if (settings.setSafeDirectory) {
|
||||
// Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail
|
||||
// Otherwise all git commands we run in a container fail
|
||||
yield authHelper.configureTempGlobalConfig();
|
||||
core.info(`Adding repository directory to the temporary git global config as a safe directory`);
|
||||
yield git
|
||||
.config('safe.directory', settings.repositoryPath, true, true)
|
||||
.catch(error => {
|
||||
core.info(`Failed to initialize safe directory with error: ${error}`);
|
||||
});
|
||||
stateHelper.setSafeDirectory();
|
||||
}
|
||||
}
|
||||
// Prepare existing directory, otherwise recreate
|
||||
if (isExisting) {
|
||||
yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref);
|
||||
|
@ -7358,8 +7400,10 @@ function getSource(settings) {
|
|||
core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`);
|
||||
}
|
||||
core.endGroup();
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings);
|
||||
try {
|
||||
// If we didn't initialize it above, do it now
|
||||
if (!authHelper) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings);
|
||||
}
|
||||
// Configure auth
|
||||
core.startGroup('Setting up auth');
|
||||
yield authHelper.configureAuth();
|
||||
|
@ -7415,7 +7459,6 @@ function getSource(settings) {
|
|||
core.endGroup();
|
||||
// Submodules
|
||||
if (settings.submodules) {
|
||||
try {
|
||||
// Temporarily override global config
|
||||
core.startGroup('Setting up auth for fetching submodules');
|
||||
yield authHelper.configureGlobalAuth();
|
||||
|
@ -7433,11 +7476,6 @@ function getSource(settings) {
|
|||
core.endGroup();
|
||||
}
|
||||
}
|
||||
finally {
|
||||
// Remove temporary global config override
|
||||
yield authHelper.removeGlobalAuth();
|
||||
}
|
||||
}
|
||||
// Get commit information
|
||||
const commitInfo = yield git.log1();
|
||||
// Log commit sha
|
||||
|
@ -7447,11 +7485,14 @@ function getSource(settings) {
|
|||
}
|
||||
finally {
|
||||
// Remove auth
|
||||
if (authHelper) {
|
||||
if (!settings.persistCredentials) {
|
||||
core.startGroup('Removing auth');
|
||||
yield authHelper.removeAuth();
|
||||
core.endGroup();
|
||||
}
|
||||
authHelper.removeGlobalConfig();
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
@ -7472,7 +7513,23 @@ function cleanup(repositoryPath) {
|
|||
}
|
||||
// Remove auth
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git);
|
||||
try {
|
||||
if (stateHelper.PostSetSafeDirectory) {
|
||||
// Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail
|
||||
// Otherwise all git commands we run in a container fail
|
||||
yield authHelper.configureTempGlobalConfig();
|
||||
core.info(`Adding repository directory to the temporary git global config as a safe directory`);
|
||||
yield git
|
||||
.config('safe.directory', repositoryPath, true, true)
|
||||
.catch(error => {
|
||||
core.info(`Failed to initialize safe directory with error: ${error}`);
|
||||
});
|
||||
}
|
||||
yield authHelper.removeAuth();
|
||||
}
|
||||
finally {
|
||||
yield authHelper.removeGlobalConfig();
|
||||
}
|
||||
});
|
||||
}
|
||||
exports.cleanup = cleanup;
|
||||
|
@ -10195,7 +10252,7 @@ Object.defineProperty(Response.prototype, Symbol.toStringTag, {
|
|||
});
|
||||
|
||||
const INTERNALS$2 = Symbol('Request internals');
|
||||
const URL = whatwgUrl.URL;
|
||||
const URL = Url.URL || whatwgUrl.URL;
|
||||
|
||||
// fix an issue where "format", "parse" aren't a named export for node <10
|
||||
const parse_url = Url.parse;
|
||||
|
@ -10458,9 +10515,17 @@ AbortError.prototype = Object.create(Error.prototype);
|
|||
AbortError.prototype.constructor = AbortError;
|
||||
AbortError.prototype.name = 'AbortError';
|
||||
|
||||
const URL$1 = Url.URL || whatwgUrl.URL;
|
||||
|
||||
// fix an issue where "PassThrough", "resolve" aren't a named export for node <10
|
||||
const PassThrough$1 = Stream.PassThrough;
|
||||
const resolve_url = Url.resolve;
|
||||
|
||||
const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) {
|
||||
const orig = new URL$1(original).hostname;
|
||||
const dest = new URL$1(destination).hostname;
|
||||
|
||||
return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest);
|
||||
};
|
||||
|
||||
/**
|
||||
* Fetch function
|
||||
|
@ -10548,7 +10613,19 @@ function fetch(url, opts) {
|
|||
const location = headers.get('Location');
|
||||
|
||||
// HTTP fetch step 5.3
|
||||
const locationURL = location === null ? null : resolve_url(request.url, location);
|
||||
let locationURL = null;
|
||||
try {
|
||||
locationURL = location === null ? null : new URL$1(location, request.url).toString();
|
||||
} catch (err) {
|
||||
// error here can only be invalid URL in Location: header
|
||||
// do not throw when options.redirect == manual
|
||||
// let the user extract the errorneous redirect URL
|
||||
if (request.redirect !== 'manual') {
|
||||
reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect'));
|
||||
finalize();
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// HTTP fetch step 5.5
|
||||
switch (request.redirect) {
|
||||
|
@ -10596,6 +10673,12 @@ function fetch(url, opts) {
|
|||
size: request.size
|
||||
};
|
||||
|
||||
if (!isDomainOrSubdomain(request.url, locationURL)) {
|
||||
for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) {
|
||||
requestOpts.headers.delete(name);
|
||||
}
|
||||
}
|
||||
|
||||
// HTTP-redirect fetch step 9
|
||||
if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) {
|
||||
reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect'));
|
||||
|
@ -17244,6 +17327,9 @@ function getInputs() {
|
|||
(core.getInput('persist-credentials') || 'false').toUpperCase() === 'TRUE';
|
||||
// Workflow organization ID
|
||||
result.workflowOrganizationId = yield workflowContextHelper.getOrganizationId();
|
||||
// Set safe.directory in git global config.
|
||||
result.setSafeDirectory =
|
||||
(core.getInput('set-safe-directory') || 'true').toUpperCase() === 'TRUE';
|
||||
return result;
|
||||
});
|
||||
}
|
||||
|
|
74
package-lock.json
generated
74
package-lock.json
generated
|
@ -1929,12 +1929,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -3325,12 +3319,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -5389,12 +5377,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -7714,12 +7696,6 @@
|
|||
"minimist": "^1.2.5"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"semver": {
|
||||
"version": "6.3.0",
|
||||
"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
|
||||
|
@ -9368,12 +9344,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -11389,12 +11359,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -12940,12 +12904,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -13700,12 +13658,6 @@
|
|||
"picomatch": "^2.2.3"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -14633,12 +14585,6 @@
|
|||
"integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==",
|
||||
"dev": true
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
},
|
||||
"normalize-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
|
||||
|
@ -15730,14 +15676,6 @@
|
|||
"dev": true,
|
||||
"requires": {
|
||||
"minimist": "^1.2.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"dev": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"kleur": {
|
||||
|
@ -15934,9 +15872,9 @@
|
|||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
|
||||
"version": "1.2.6",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
|
||||
"integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==",
|
||||
"dev": true
|
||||
},
|
||||
"ms": {
|
||||
|
@ -15957,9 +15895,9 @@
|
|||
"integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ=="
|
||||
},
|
||||
"node-fetch": {
|
||||
"version": "2.6.5",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.5.tgz",
|
||||
"integrity": "sha512-mmlIVHJEu5rnIxgEgez6b9GgWXbkZj5YZ7fx+2r94a2E+Uirsp6HsPTPlomfdHtpt/B0cdKviwkoaM6pyvUOpQ==",
|
||||
"version": "2.6.7",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
|
||||
"integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
|
||||
"requires": {
|
||||
"whatwg-url": "^5.0.0"
|
||||
},
|
||||
|
|
|
@ -19,8 +19,9 @@ export interface IGitAuthHelper {
|
|||
configureAuth(): Promise<void>
|
||||
configureGlobalAuth(): Promise<void>
|
||||
configureSubmoduleAuth(): Promise<void>
|
||||
configureTempGlobalConfig(): Promise<string>
|
||||
removeAuth(): Promise<void>
|
||||
removeGlobalAuth(): Promise<void>
|
||||
removeGlobalConfig(): Promise<void>
|
||||
}
|
||||
|
||||
export function createAuthHelper(
|
||||
|
@ -80,7 +81,11 @@ class GitAuthHelper {
|
|||
await this.configureToken()
|
||||
}
|
||||
|
||||
async configureGlobalAuth(): Promise<void> {
|
||||
async configureTempGlobalConfig(): Promise<string> {
|
||||
// Already setup global config
|
||||
if (this.temporaryHomePath?.length > 0) {
|
||||
return path.join(this.temporaryHomePath, '.gitconfig')
|
||||
}
|
||||
// Create a temp home directory
|
||||
const runnerTemp = process.env['RUNNER_TEMP'] || ''
|
||||
assert.ok(runnerTemp, 'RUNNER_TEMP is not defined')
|
||||
|
@ -110,13 +115,19 @@ class GitAuthHelper {
|
|||
await fs.promises.writeFile(newGitConfigPath, '')
|
||||
}
|
||||
|
||||
try {
|
||||
// Override HOME
|
||||
core.info(
|
||||
`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`
|
||||
)
|
||||
this.git.setEnvironmentVariable('HOME', this.temporaryHomePath)
|
||||
|
||||
return newGitConfigPath
|
||||
}
|
||||
|
||||
async configureGlobalAuth(): Promise<void> {
|
||||
// 'configureTempGlobalConfig' noops if already set, just returns the path
|
||||
const newGitConfigPath = await this.configureTempGlobalConfig()
|
||||
try {
|
||||
// Configure the token
|
||||
await this.configureToken(newGitConfigPath, true)
|
||||
|
||||
|
@ -181,11 +192,13 @@ class GitAuthHelper {
|
|||
await this.removeToken()
|
||||
}
|
||||
|
||||
async removeGlobalAuth(): Promise<void> {
|
||||
async removeGlobalConfig(): Promise<void> {
|
||||
if (this.temporaryHomePath?.length > 0) {
|
||||
core.debug(`Unsetting HOME override`)
|
||||
this.git.removeEnvironmentVariable('HOME')
|
||||
await io.rmRF(this.temporaryHomePath)
|
||||
}
|
||||
}
|
||||
|
||||
private async configureSsh(): Promise<void> {
|
||||
if (!this.settings.sshKey) {
|
||||
|
|
|
@ -18,7 +18,9 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
`Syncing repository: ${settings.repositoryOwner}/${settings.repositoryName}`
|
||||
)
|
||||
const repositoryUrl = urlHelper.getFetchUrl(settings)
|
||||
|
||||
core.info(
|
||||
`repositoryUrl: ${repositoryUrl}`
|
||||
)
|
||||
// Remove conflicting file path
|
||||
if (fsHelper.fileExistsSync(settings.repositoryPath)) {
|
||||
await io.rmRF(settings.repositoryPath)
|
||||
|
@ -36,6 +38,30 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
const git = await getGitCommandManager(settings)
|
||||
core.endGroup()
|
||||
|
||||
let authHelper: gitAuthHelper.IGitAuthHelper | null = null
|
||||
try {
|
||||
if (git) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
if (settings.setSafeDirectory) {
|
||||
// Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail
|
||||
// Otherwise all git commands we run in a container fail
|
||||
await authHelper.configureTempGlobalConfig()
|
||||
core.info(
|
||||
`Adding repository directory to the temporary git global config as a safe directory`
|
||||
)
|
||||
|
||||
await git
|
||||
.config('safe.directory', settings.repositoryPath, true, true)
|
||||
.catch(error => {
|
||||
core.info(
|
||||
`Failed to initialize safe directory with error: ${error}`
|
||||
)
|
||||
})
|
||||
|
||||
stateHelper.setSafeDirectory()
|
||||
}
|
||||
}
|
||||
|
||||
// Prepare existing directory, otherwise recreate
|
||||
if (isExisting) {
|
||||
await gitDirectoryHelper.prepareExistingDirectory(
|
||||
|
@ -96,8 +122,10 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
}
|
||||
core.endGroup()
|
||||
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
try {
|
||||
// If we didn't initialize it above, do it now
|
||||
if (!authHelper) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
}
|
||||
// Configure auth
|
||||
core.startGroup('Setting up auth')
|
||||
await authHelper.configureAuth()
|
||||
|
@ -170,7 +198,6 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
|
||||
// Submodules
|
||||
if (settings.submodules) {
|
||||
try {
|
||||
// Temporarily override global config
|
||||
core.startGroup('Setting up auth for fetching submodules')
|
||||
await authHelper.configureGlobalAuth()
|
||||
|
@ -179,10 +206,7 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
// Checkout submodules
|
||||
core.startGroup('Fetching submodules')
|
||||
await git.submoduleSync(settings.nestedSubmodules)
|
||||
await git.submoduleUpdate(
|
||||
settings.fetchDepth,
|
||||
settings.nestedSubmodules
|
||||
)
|
||||
await git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules)
|
||||
await git.submoduleForeach(
|
||||
'git config --local gc.auto 0',
|
||||
settings.nestedSubmodules
|
||||
|
@ -195,10 +219,6 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
await authHelper.configureSubmoduleAuth()
|
||||
core.endGroup()
|
||||
}
|
||||
} finally {
|
||||
// Remove temporary global config override
|
||||
await authHelper.removeGlobalAuth()
|
||||
}
|
||||
}
|
||||
|
||||
// Get commit information
|
||||
|
@ -218,11 +238,14 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
)
|
||||
} finally {
|
||||
// Remove auth
|
||||
if (authHelper) {
|
||||
if (!settings.persistCredentials) {
|
||||
core.startGroup('Removing auth')
|
||||
await authHelper.removeAuth()
|
||||
core.endGroup()
|
||||
}
|
||||
authHelper.removeGlobalConfig()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -244,7 +267,26 @@ export async function cleanup(repositoryPath: string): Promise<void> {
|
|||
|
||||
// Remove auth
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git)
|
||||
try {
|
||||
if (stateHelper.PostSetSafeDirectory) {
|
||||
// Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail
|
||||
// Otherwise all git commands we run in a container fail
|
||||
await authHelper.configureTempGlobalConfig()
|
||||
core.info(
|
||||
`Adding repository directory to the temporary git global config as a safe directory`
|
||||
)
|
||||
|
||||
await git
|
||||
.config('safe.directory', repositoryPath, true, true)
|
||||
.catch(error => {
|
||||
core.info(`Failed to initialize safe directory with error: ${error}`)
|
||||
})
|
||||
}
|
||||
|
||||
await authHelper.removeAuth()
|
||||
} finally {
|
||||
await authHelper.removeGlobalConfig()
|
||||
}
|
||||
}
|
||||
|
||||
async function getGitCommandManager(
|
||||
|
|
|
@ -78,4 +78,9 @@ export interface IGitSourceSettings {
|
|||
* Organization ID for the currently running workflow (used for auth settings)
|
||||
*/
|
||||
workflowOrganizationId: number | undefined
|
||||
|
||||
/**
|
||||
* Indicates whether to add repositoryPath as safe.directory in git global config
|
||||
*/
|
||||
setSafeDirectory: boolean
|
||||
}
|
||||
|
|
|
@ -122,5 +122,8 @@ export async function getInputs(): Promise<IGitSourceSettings> {
|
|||
// Workflow organization ID
|
||||
result.workflowOrganizationId = await workflowContextHelper.getOrganizationId()
|
||||
|
||||
// Set safe.directory in git global config.
|
||||
result.setSafeDirectory =
|
||||
(core.getInput('set-safe-directory') || 'true').toUpperCase() === 'TRUE'
|
||||
return result
|
||||
}
|
||||
|
|
|
@ -120,7 +120,7 @@ function updateUsage(
|
|||
}
|
||||
|
||||
updateUsage(
|
||||
'actions/checkout@v2',
|
||||
'actions/checkout@v3',
|
||||
path.join(__dirname, '..', '..', 'action.yml'),
|
||||
path.join(__dirname, '..', '..', 'README.md')
|
||||
)
|
||||
|
|
|
@ -5,4 +5,4 @@ set -e
|
|||
src/misc/licensed-download.sh
|
||||
|
||||
echo 'Running: licensed cached'
|
||||
_temp/licensed-3.3.1/licensed status
|
||||
_temp/licensed-3.6.0/licensed status
|
|
@ -2,23 +2,23 @@
|
|||
|
||||
set -e
|
||||
|
||||
if [ ! -f _temp/licensed-3.3.1.done ]; then
|
||||
if [ ! -f _temp/licensed-3.6.0.done ]; then
|
||||
echo 'Clearing temp'
|
||||
rm -rf _temp/licensed-3.3.1 || true
|
||||
rm -rf _temp/licensed-3.6.0 || true
|
||||
|
||||
echo 'Downloading licensed'
|
||||
mkdir -p _temp/licensed-3.3.1
|
||||
pushd _temp/licensed-3.3.1
|
||||
mkdir -p _temp/licensed-3.6.0
|
||||
pushd _temp/licensed-3.6.0
|
||||
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||||
curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-darwin-x64.tar.gz
|
||||
curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.6.0/licensed-3.6.0-darwin-x64.tar.gz
|
||||
else
|
||||
curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-linux-x64.tar.gz
|
||||
curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.6.0/licensed-3.6.0-linux-x64.tar.gz
|
||||
fi
|
||||
|
||||
echo 'Extracting licenesed'
|
||||
tar -xzf licensed.tar.gz
|
||||
popd
|
||||
touch _temp/licensed-3.3.1.done
|
||||
touch _temp/licensed-3.6.0.done
|
||||
else
|
||||
echo 'Licensed already downloaded'
|
||||
fi
|
||||
|
|
|
@ -5,4 +5,4 @@ set -e
|
|||
src/misc/licensed-download.sh
|
||||
|
||||
echo 'Running: licensed cached'
|
||||
_temp/licensed-3.3.1/licensed cache
|
||||
_temp/licensed-3.6.0/licensed cache
|
|
@ -11,6 +11,12 @@ export const IsPost = !!process.env['STATE_isPost']
|
|||
export const RepositoryPath =
|
||||
(process.env['STATE_repositoryPath'] as string) || ''
|
||||
|
||||
/**
|
||||
* The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action.
|
||||
*/
|
||||
export const PostSetSafeDirectory =
|
||||
(process.env['STATE_setSafeDirectory'] as string) === 'true'
|
||||
|
||||
/**
|
||||
* The SSH key path for the POST action. The value is empty during the MAIN action.
|
||||
*/
|
||||
|
@ -51,6 +57,13 @@ export function setSshKnownHostsPath(sshKnownHostsPath: string) {
|
|||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Save the sef-safe-directory input so the POST action can retrieve the value.
|
||||
*/
|
||||
export function setSafeDirectory() {
|
||||
coreCommand.issueCommand('save-state', {name: 'setSafeDirectory'}, 'true')
|
||||
}
|
||||
|
||||
// Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic.
|
||||
// This is necessary since we don't have a separate entry point.
|
||||
if (!IsPost) {
|
||||
|
|
Loading…
Reference in New Issue
Block a user