diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 4f6427b..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -version: 2 - -updates: -- package-ecosystem: "npm" - directory: "/" - schedule: - interval: "weekly" - groups: - minor-npm-dependencies: - # NPM: Only group minor and patch updates (we want to carefully review major updates) - update-types: [minor, patch] -- package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: "weekly" - groups: - minor-actions-dependencies: - # GitHub Actions: Only group minor and patch updates (we want to carefully review major updates) - update-types: [minor, patch] diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml deleted file mode 100644 index c7d4962..0000000 --- a/.github/workflows/check-dist.yml +++ /dev/null @@ -1,51 +0,0 @@ -# `dist/index.js` is a special file in Actions. -# When you reference an action with `uses:` in a workflow, -# `index.js` is the code that will run. -# For our project, we generate this file through a build process -# from other source files. -# We need to make sure the checked-in `index.js` actually matches what we expect it to be. -name: Check dist - -on: - push: - branches: - - main - paths-ignore: - - '**.md' - pull_request: - paths-ignore: - - '**.md' - workflow_dispatch: - -jobs: - check-dist: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v6 - - - name: Set Node.js 24.x - uses: actions/setup-node@v4 - with: - node-version: 24.x - - - name: Install dependencies - run: npm ci - - - name: Rebuild the index.js file - run: npm run build - - - name: Compare the expected and actual dist/ directories - run: | - if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then - echo "Detected uncommitted changes after build. See status below:" - git diff - exit 1 - fi - - # If dist/ was different than expected, upload the expected version as an artifact - - uses: actions/upload-artifact@v4 - if: ${{ failure() && steps.diff.conclusion == 'failure' }} - with: - name: dist - path: dist/ diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 377fae9..0000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,58 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ main ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ main ] - schedule: - - cron: '28 9 * * 0' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'javascript' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] - # Learn more: - # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed - - steps: - - name: Checkout repository - uses: actions/checkout@v6 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - - run: npm ci - - run: npm run build - - run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files) - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml deleted file mode 100644 index 36e70e2..0000000 --- a/.github/workflows/licensed.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Licensed - -on: - push: {branches: main} - pull_request: {branches: main} - -jobs: - test: - runs-on: ubuntu-latest - name: Check licenses - steps: - - uses: actions/checkout@v6 - - run: npm ci - - run: npm run licensed-check \ No newline at end of file diff --git a/.github/workflows/publish-immutable-actions.yml b/.github/workflows/publish-immutable-actions.yml deleted file mode 100644 index 44d571b..0000000 --- a/.github/workflows/publish-immutable-actions.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: 'Publish Immutable Action Version' - -on: - release: - types: [published] - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - packages: write - - steps: - - name: Checking out - uses: actions/checkout@v6 - - name: Publish - id: publish - uses: actions/publish-immutable-action@0.0.3 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 0383c88..0000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,357 +0,0 @@ -name: Build and Test - -on: - pull_request: - push: - branches: - - main - - releases/* - - -# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow, -# these refer to "test-data" branches on this actions/checkout repo. -# (For example, test-data/v2/basic -> https://github.com/actions/checkout/tree/test-data/v2/basic) - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/setup-node@v4 - with: - node-version: 24.x - - uses: actions/checkout@v6 - - run: npm ci - - run: npm run build - - run: npm run format-check - - run: npm run lint - - run: npm test - - name: Verify no unstaged changes - run: __test__/verify-no-unstaged-changes.sh - - test: - strategy: - matrix: - runs-on: [ubuntu-latest, macos-latest, windows-latest] - runs-on: ${{ matrix.runs-on }} - - steps: - # Clone this repo - - name: Checkout - uses: actions/checkout@v6 - - # Basic checkout - - name: Checkout basic - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify basic - shell: bash - run: __test__/verify-basic.sh - - # Clean - - name: Modify work tree - shell: bash - run: __test__/modify-work-tree.sh - - name: Checkout clean - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify clean - shell: bash - run: __test__/verify-clean.sh - - # Side by side - - name: Checkout side by side 1 - uses: ./ - with: - ref: test-data/v2/side-by-side-1 - path: side-by-side-1 - - name: Checkout side by side 2 - uses: ./ - with: - ref: test-data/v2/side-by-side-2 - path: side-by-side-2 - - name: Verify side by side - shell: bash - run: __test__/verify-side-by-side.sh - - # Filter - - name: Fetch filter - uses: ./ - with: - filter: 'blob:none' - path: fetch-filter - - - name: Verify fetch filter - run: __test__/verify-fetch-filter.sh - - # Fetch tags - - name: Checkout with fetch-tags - uses: ./ - with: - ref: test-data/v2/basic - path: fetch-tags-test - fetch-tags: true - - name: Verify fetch-tags - shell: bash - run: __test__/verify-fetch-tags.sh - - # Sparse checkout - - name: Sparse checkout - uses: ./ - with: - sparse-checkout: | - __test__ - .github - dist - path: sparse-checkout - - - name: Verify sparse checkout - run: __test__/verify-sparse-checkout.sh - - # Disabled sparse checkout in existing checkout - - name: Disabled sparse checkout - uses: ./ - with: - path: sparse-checkout - - - name: Verify disabled sparse checkout - shell: bash - run: set -x && ls -l sparse-checkout/src/git-command-manager.ts - - # Sparse checkout (non-cone mode) - - name: Sparse checkout (non-cone mode) - uses: ./ - with: - sparse-checkout: | - /__test__/ - /.github/ - /dist/ - sparse-checkout-cone-mode: false - path: sparse-checkout-non-cone-mode - - - name: Verify sparse checkout (non-cone mode) - run: __test__/verify-sparse-checkout-non-cone-mode.sh - - # LFS - - name: Checkout LFS - uses: ./ - with: - repository: actions/checkout # hardcoded, otherwise doesn't work from a fork - ref: test-data/v2/lfs - path: lfs - lfs: true - - name: Verify LFS - shell: bash - run: __test__/verify-lfs.sh - - # Submodules false - - name: Checkout submodules false - uses: ./ - with: - ref: test-data/v2/submodule-ssh-url - path: submodules-false - - name: Verify submodules false - run: __test__/verify-submodules-false.sh - - # Submodules one level - - name: Checkout submodules true - uses: ./ - with: - ref: test-data/v2/submodule-ssh-url - path: submodules-true - submodules: true - - name: Verify submodules true - run: __test__/verify-submodules-true.sh - - # Submodules recursive - - name: Checkout submodules recursive - uses: ./ - with: - ref: test-data/v2/submodule-ssh-url - path: submodules-recursive - submodules: recursive - - name: Verify submodules recursive - run: __test__/verify-submodules-recursive.sh - - # Worktree credentials - - name: Checkout for worktree test - uses: ./ - with: - path: worktree-test - - name: Verify worktree credentials - shell: bash - run: __test__/verify-worktree.sh worktree-test worktree-branch - - # Worktree credentials in container step - - name: Verify worktree credentials in container step - if: runner.os == 'Linux' - uses: docker://bitnami/git:latest - with: - args: bash __test__/verify-worktree.sh worktree-test container-worktree-branch - - # Basic checkout using REST API - - name: Remove basic - if: runner.os != 'windows' - run: rm -rf basic - - name: Remove basic (Windows) - if: runner.os == 'windows' - shell: cmd - run: rmdir /s /q basic - - name: Override git version - if: runner.os != 'windows' - run: __test__/override-git-version.sh - - name: Override git version (Windows) - if: runner.os == 'windows' - run: __test__\\override-git-version.cmd - - name: Checkout basic using REST API - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify basic - run: __test__/verify-basic.sh --archive - - test-proxy: - runs-on: ubuntu-latest - container: - image: ghcr.io/actions/test-ubuntu-git:main.20240221.114913.703z - options: --dns 127.0.0.1 - services: - squid-proxy: - image: ubuntu/squid:latest - ports: - - 3128:3128 - env: - https_proxy: http://squid-proxy:3128 - steps: - # Clone this repo - - name: Checkout - uses: actions/checkout@v6 - - # Basic checkout using git - - name: Checkout basic - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify basic - run: __test__/verify-basic.sh - - # Basic checkout using REST API - - name: Remove basic - run: rm -rf basic - - name: Override git version - run: __test__/override-git-version.sh - - name: Basic checkout using REST API - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify basic - run: __test__/verify-basic.sh --archive - - test-bypass-proxy: - runs-on: ubuntu-latest - env: - https_proxy: http://no-such-proxy:3128 - no_proxy: api.github.com,github.com - steps: - # Clone this repo - - name: Checkout - uses: actions/checkout@v6 - - # Basic checkout using git - - name: Checkout basic - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify basic - run: __test__/verify-basic.sh - - name: Remove basic - run: rm -rf basic - - # Basic checkout using REST API - - name: Override git version - run: __test__/override-git-version.sh - - name: Checkout basic using REST API - uses: ./ - with: - ref: test-data/v2/basic - path: basic - - name: Verify basic - run: __test__/verify-basic.sh --archive - - test-git-container: - runs-on: ubuntu-latest - container: bitnami/git:latest - steps: - # Clone this repo - - name: Checkout - uses: actions/checkout@v6 - with: - path: localClone - - # Basic checkout using git - - name: Checkout basic - uses: ./localClone - with: - ref: test-data/v2/basic - - name: Verify basic - run: | - if [ ! -f "./basic-file.txt" ]; then - echo "Expected basic file does not exist" - exit 1 - fi - - # Verify .git folder - if [ ! -d "./.git" ]; then - echo "Expected ./.git folder to exist" - exit 1 - fi - - # Verify auth token - git config --global --add safe.directory "*" - git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main - - # needed to make checkout post cleanup succeed - - name: Fix Checkout v6 - uses: actions/checkout@v6 - with: - path: localClone - - test-output: - runs-on: ubuntu-latest - steps: - # Clone this repo - - name: Checkout - uses: actions/checkout@v6 - with: - path: actions-checkout - - # Basic checkout using git - - name: Checkout basic - id: checkout - uses: ./actions-checkout - with: - path: cloned-using-local-action - ref: test-data/v2/basic - - # Verify output - - name: Verify output - run: | - echo "Commit: ${{ steps.checkout.outputs.commit }}" - echo "Ref: ${{ steps.checkout.outputs.ref }}" - - if [ "${{ steps.checkout.outputs.ref }}" != "test-data/v2/basic" ]; then - echo "Expected ref to be test-data/v2/basic" - exit 1 - fi - - if [ "${{ steps.checkout.outputs.commit }}" != "82f71901cf8c021332310dcc8cdba84c4193ff5d" ]; then - echo "Expected commit to be 82f71901cf8c021332310dcc8cdba84c4193ff5d" - exit 1 - fi diff --git a/.github/workflows/update-main-version.yml b/.github/workflows/update-main-version.yml deleted file mode 100644 index b3b23fe..0000000 --- a/.github/workflows/update-main-version.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: Update Main Version -run-name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} - -on: - workflow_dispatch: - inputs: - target: - description: The tag or reference to use - required: true - major_version: - type: choice - description: The major version to update - options: - - v5 - - v4 - - v3 - - v2 - -jobs: - tag: - runs-on: ubuntu-latest - steps: - # Note this update workflow can also be used as a rollback tool. - # For that reason, it's best to pin `actions/checkout` to a known, stable version - # (typically, about two releases back). - - uses: actions/checkout@v6 - with: - fetch-depth: 0 - - name: Git config - run: | - git config user.name "github-actions[bot]" - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - - name: Tag new target - run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }} - - name: Push new tag - run: git push origin ${{ github.event.inputs.major_version }} --force diff --git a/.github/workflows/update-test-ubuntu-git.yml b/.github/workflows/update-test-ubuntu-git.yml deleted file mode 100644 index 10e4dac..0000000 --- a/.github/workflows/update-test-ubuntu-git.yml +++ /dev/null @@ -1,59 +0,0 @@ -name: Publish test-ubuntu-git Container - -on: - # Use an on demand workflow trigger. - # (Forked copies of actions/checkout won't have permission to update GHCR.io/actions, - # so avoid trigger events that run automatically.) - workflow_dispatch: - inputs: - publish: - description: 'Publish to ghcr.io? (main branch only)' - type: boolean - required: true - default: false - -env: - REGISTRY: ghcr.io - IMAGE_NAME: actions/test-ubuntu-git - -jobs: - build-and-push-image: - runs-on: ubuntu-latest - # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. - permissions: - contents: read - packages: write - - steps: - - name: Checkout repository - uses: actions/checkout@v6 - - # Use `docker/login-action` to log in to GHCR.io. - # Once published, the packages are scoped to the account defined here. - - name: Log in to the ghcr.io container registry - uses: docker/login-action@v3.3.0 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Format Timestamp - id: timestamp - # Use `date` with a custom format to achieve the key=value format GITHUB_OUTPUT expects. - run: date -u "+now=%Y%m%d.%H%M%S.%3NZ" >> "$GITHUB_OUTPUT" - - - name: Issue Image Publish Warning - if: ${{ inputs.publish && github.ref_name != 'main' }} - run: echo "::warning::test-ubuntu-git images can only be published from the actions/checkout 'main' branch. Workflow will continue with push/publish disabled." - - # Use `docker/build-push-action` to build (and optionally publish) the image. - - name: Build Docker Image (with optional Push) - uses: docker/build-push-action@v6.5.0 - with: - context: . - file: images/test-ubuntu-git.Dockerfile - # For now, attempts to push to ghcr.io must target the `main` branch. - # In the future, consider also allowing attempts from `releases/*` branches. - push: ${{ inputs.publish && github.ref_name == 'main' }} - tags: | - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}.${{ steps.timestamp.outputs.now }}