actions/checkout
1
0
Fork 0
mirror of https://github.com/actions/checkout.git synced 2025-04-17 13:46:00 +02:00
Code Activity

.

Browse source
This commit is contained in:
eric sciple 2020-01-24 14:50:09 -05:00
parent 2285ac189f
commit adfd38e27a
3 changed files with 98 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
.github/workflows/test.yml vendored
View file

@ -83,16 +83,12 @@ jobs:
shell: bash
run: __test__/verify-lfs.sh
test-rest-api:
runs-on: ubuntu-latest
container: alpine:latest
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v2
# Basic checkout
- name: Basic checkout
# Basic checkout using REST API
- name: Remove basic
run: rm -rf basic
- name: Override git version
run: __test__/override-git-version.sh
- name: Basic checkout using REST API
uses: ./
with:
ref: test-data/v2/basic
@ -117,6 +113,39 @@ jobs:
- name: Checkout
uses: actions/checkout@users/ericsciple/m165proxy # todo: switch to v2
# Basic checkout using git
- name: Basic checkout
uses: ./
with:
ref: test-data/v2/basic
path: basic
- name: Verify basic
run: __test__/verify-basic.sh
# Basic checkout using REST API
- name: Remove basic
run: rm -rf basic
- name: Override git version
run: __test__/override-git-version.sh
- name: Basic checkout using REST API
uses: ./
with:
ref: test-data/v2/basic
path: basic
- name: Verify basic
run: __test__/verify-basic.sh --archive
test-bypass-proxy:
runs-on: ubuntu-latest
container: alpine/git:latest
env:
https_proxy: http://no-such-proxy:3128
no_proxy: api.github.com,github.com
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v2
# Basic checkout using git
- name: Basic checkout
uses: ./

61
dist/index.js vendored
View file

@ -5424,15 +5424,12 @@ const fs = __importStar(__webpack_require__(747));
const fsHelper = __importStar(__webpack_require__(618));
const gitCommandManager = __importStar(__webpack_require__(289));
const githubApiHelper = __importStar(__webpack_require__(464));
const httpClient = __importStar(__webpack_require__(539));
const io = __importStar(__webpack_require__(1));
const path = __importStar(__webpack_require__(622));
const refHelper = __importStar(__webpack_require__(227));
const stateHelper = __importStar(__webpack_require__(153));
const url = __importStar(__webpack_require__(835));
const serverUrl = 'https://github.com/';
const authConfigKey = `http.${serverUrl}.extraheader`;
const proxyConfigKey = `http.${serverUrl}.proxy`;
function getSource(settings) {
return __awaiter(this, void 0, void 0, function* () {
// Repository URL
@ -5473,11 +5470,11 @@ function getSource(settings) {
core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`);
}
// Remove possible previous proxy and extraheader
yield removeGitConfig(git, proxyConfigKey);
// await removeGitConfig(git, proxyConfigKey)
yield removeGitConfig(git, authConfigKey);
try {
// Config proxy and extraheader
yield configureProxy(git);
// await configureProxy(git)
yield configureAuthToken(git, settings.authToken);
// LFS install
if (settings.lfs) {
@ -5501,7 +5498,7 @@ function getSource(settings) {
}
finally {
if (!settings.persistCredentials) {
yield removeGitConfig(git, proxyConfigKey);
// await removeGitConfig(git, proxyConfigKey)
yield removeGitConfig(git, authConfigKey);
}
}
@ -5524,7 +5521,7 @@ function cleanup(repositoryPath) {
catch (_a) {
return;
}
yield removeGitConfig(git, proxyConfigKey);
// await removeGitConfig(git, proxyConfigKey)
yield removeGitConfig(git, authConfigKey);
});
}
@ -5616,31 +5613,31 @@ function prepareExistingDirectory(git, repositoryPath, repositoryUrl, clean) {
}
});
}
function configureProxy(git) {
return __awaiter(this, void 0, void 0, function* () {
const proxyUrl = httpClient.getProxyUrl(serverUrl);
const parsedUrl = url.parse(proxyUrl);
const placeholder = parsedUrl.auth
? proxyUrl.replace(parsedUrl.auth, '***')
: '';
// Configure a placeholder value. This approach avoids the credential being captured
// by process creation audit events, which are commonly logged. For more information,
// refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
yield git.config(proxyConfigKey, placeholder || proxyUrl);
if (placeholder) {
// Replace the value in the config file
const configPath = path.join(git.getWorkingDirectory(), '.git', 'config');
let content = (yield fs.promises.readFile(configPath)).toString();
const placeholderIndex = content.indexOf(placeholder);
if (placeholderIndex < 0 ||
placeholderIndex != content.lastIndexOf(placeholder)) {
throw new Error('Unable to replace auth placeholder in .git/config');
}
content = content.replace(placeholder, proxyUrl);
yield fs.promises.writeFile(configPath, content);
}
});
}
// async function configureProxy(git: IGitCommandManager): Promise<void> {
// const proxyUrl = httpClient.getProxyUrl(serverUrl)
// const parsedUrl = url.parse(proxyUrl)
// const placeholder = parsedUrl.auth
// ? proxyUrl.replace(parsedUrl.auth, '***')
// : ''
// // Configure a placeholder value. This approach avoids the credential being captured
// // by process creation audit events, which are commonly logged. For more information,
// // refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
// await git.config(proxyConfigKey, placeholder || proxyUrl)
// if (placeholder) {
// // Replace the value in the config file
// const configPath = path.join(git.getWorkingDirectory(), '.git', 'config')
// let content = (await fs.promises.readFile(configPath)).toString()
// const placeholderIndex = content.indexOf(placeholder)
// if (
// placeholderIndex < 0 ||
// placeholderIndex != content.lastIndexOf(placeholder)
// ) {
// throw new Error('Unable to replace auth placeholder in .git/config')
// }
// content = content.replace(placeholder, proxyUrl)
// await fs.promises.writeFile(configPath, content)
// }
// }
function configureAuthToken(git, authToken) {
return __awaiter(this, void 0, void 0, function* () {
// Configure a placeholder value. This approach avoids the credential being captured

60
src/git-source-provider.ts
View file

@ -13,7 +13,7 @@ import {IGitCommandManager} from './git-command-manager'
const serverUrl = 'https://github.com/'
const authConfigKey = `http.${serverUrl}.extraheader`
const proxyConfigKey = `http.${serverUrl}.proxy`
// const proxyConfigKey = `http.${serverUrl}.proxy`
export interface ISourceSettings {
repositoryPath: string
@ -96,12 +96,12 @@ export async function getSource(settings: ISourceSettings): Promise<void> {
}
// Remove possible previous proxy and extraheader
await removeGitConfig(git, proxyConfigKey)
// await removeGitConfig(git, proxyConfigKey)
await removeGitConfig(git, authConfigKey)
try {
// Config proxy and extraheader
await configureProxy(git)
// await configureProxy(git)
await configureAuthToken(git, settings.authToken)
// LFS install
@ -134,7 +134,7 @@ export async function getSource(settings: ISourceSettings): Promise<void> {
await git.log1()
} finally {
if (!settings.persistCredentials) {
await removeGitConfig(git, proxyConfigKey)
// await removeGitConfig(git, proxyConfigKey)
await removeGitConfig(git, authConfigKey)
}
}
@ -158,7 +158,7 @@ export async function cleanup(repositoryPath: string): Promise<void> {
return
}
await removeGitConfig(git, proxyConfigKey)
// await removeGitConfig(git, proxyConfigKey)
await removeGitConfig(git, authConfigKey)
}
@ -268,33 +268,33 @@ async function prepareExistingDirectory(
}
}
async function configureProxy(git: IGitCommandManager): Promise<void> {
const proxyUrl = httpClient.getProxyUrl(serverUrl)
const parsedUrl = url.parse(proxyUrl)
const placeholder = parsedUrl.auth
? proxyUrl.replace(parsedUrl.auth, '***')
: ''
// async function configureProxy(git: IGitCommandManager): Promise<void> {
// const proxyUrl = httpClient.getProxyUrl(serverUrl)
// const parsedUrl = url.parse(proxyUrl)
// const placeholder = parsedUrl.auth
// ? proxyUrl.replace(parsedUrl.auth, '***')
// : ''
// Configure a placeholder value. This approach avoids the credential being captured
// by process creation audit events, which are commonly logged. For more information,
// refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
await git.config(proxyConfigKey, placeholder || proxyUrl)
// // Configure a placeholder value. This approach avoids the credential being captured
// // by process creation audit events, which are commonly logged. For more information,
// // refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
// await git.config(proxyConfigKey, placeholder || proxyUrl)
if (placeholder) {
// Replace the value in the config file
const configPath = path.join(git.getWorkingDirectory(), '.git', 'config')
let content = (await fs.promises.readFile(configPath)).toString()
const placeholderIndex = content.indexOf(placeholder)
if (
placeholderIndex < 0 ||
placeholderIndex != content.lastIndexOf(placeholder)
) {
throw new Error('Unable to replace auth placeholder in .git/config')
}
content = content.replace(placeholder, proxyUrl)
await fs.promises.writeFile(configPath, content)
}
}
// if (placeholder) {
// // Replace the value in the config file
// const configPath = path.join(git.getWorkingDirectory(), '.git', 'config')
// let content = (await fs.promises.readFile(configPath)).toString()
// const placeholderIndex = content.indexOf(placeholder)
// if (
// placeholderIndex < 0 ||
// placeholderIndex != content.lastIndexOf(placeholder)
// ) {
// throw new Error('Unable to replace auth placeholder in .git/config')
// }
// content = content.replace(placeholder, proxyUrl)
// await fs.promises.writeFile(configPath, content)
// }
// }
async function configureAuthToken(
git: IGitCommandManager,