Add set-safe-directory input to allow customers to take control. (#770)

* Add set-safe-directory input to allow customers to take control.
2026-06-14 08:23:11 +07:00 · 2022-04-20 21:37:43 -04:00 · 2022-04-20 21:37:43 -04:00 · 0ffe6f9c55
commit 0ffe6f9c55
parent dcd71f6466
11 changed files with 144 additions and 32 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -205,3 +205,41 @@ jobs:
          path: basic
      - name: Verify basic
        run: __test__/verify-basic.sh --archive
+    
+  test-git-container:
+    runs-on: ubuntu-latest
+    container: bitnami/git:latest
+    steps:
+      # Clone this repo
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          path: v3
+
+      # Basic checkout using git
+      - name: Checkout basic
+        uses: ./v3
+        with:
+          ref: test-data/v2/basic
+      - name: Verify basic
+        run: |
+          if [ ! -f "./basic-file.txt" ]; then
+              echo "Expected basic file does not exist"
+              exit 1
+          fi
+
+          # Verify .git folder
+          if [ ! -d "./.git" ]; then
+            echo "Expected ./.git folder to exist"
+            exit 1
+          fi
+
+          # Verify auth token
+          git config --global --add safe.directory "*"
+          git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
+
+      # needed to make checkout post cleanup succeed
+      - name: Fix Checkout v3
+        uses: actions/checkout@v3
+        with:
+          path: v3
--- a/README.md
+++ b/README.md
@ -92,6 +92,11 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
    #
    # Default: false
    submodules: ''
+
+    # Add repository path as safe.directory for Git global config by running `git
+    # config --global --add safe.directory <path>`
+    # Default: true
+    set-safe-directory: ''
 ```
 <!-- end usage -->

--- a/test/git-auth-helper.test.ts
+++ b/test/git-auth-helper.test.ts
@ -777,7 +777,8 @@ async function setup(testName: string): Promise<void> {
    sshKey: sshPath ? 'some ssh private key' : '',
    sshKnownHosts: '',
    sshStrict: true,
-    workflowOrganizationId: 123456
+    workflowOrganizationId: 123456,
+    setSafeDirectory: true
  }
 }

--- a/test/input-helper.test.ts
+++ b/test/input-helper.test.ts
@ -85,6 +85,7 @@ describe('input-helper tests', () => {
    expect(settings.repositoryName).toBe('some-repo')
    expect(settings.repositoryOwner).toBe('some-owner')
    expect(settings.repositoryPath).toBe(gitHubWorkspace)
+    expect(settings.setSafeDirectory).toBe(true)
  })

  it('qualifies ref', async () => {
--- a/action.yml
+++ b/action.yml
@ -68,6 +68,9 @@ inputs:
      When the `ssh-key` input is not provided, SSH URLs beginning with `git@github.com:` are
      converted to HTTPS.
    default: false
+  set-safe-directory:
+    description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>`
+    default: true
 runs:
  using: node16
  main: dist/index.js