Enforce safe directory (#762)
* set safe directory when running checkout * Update CHANGELOG.md
This commit is contained in:
parent
add3486cc3
commit
dcd71f6466
|
@ -1,5 +1,9 @@
|
|||
# Changelog
|
||||
|
||||
## v3.0.1
|
||||
- [Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory`](https://github.com/actions/checkout/pull/762)
|
||||
- [Bumped various npm package versions](https://github.com/actions/checkout/pull/744)
|
||||
|
||||
## v3.0.0
|
||||
|
||||
- [Update to node 16](https://github.com/actions/checkout/pull/689)
|
||||
|
|
|
@ -643,10 +643,11 @@ describe('git-auth-helper tests', () => {
|
|||
expect(gitConfigContent.indexOf('http.')).toBeLessThan(0)
|
||||
})
|
||||
|
||||
const removeGlobalAuth_removesOverride = 'removeGlobalAuth removes override'
|
||||
it(removeGlobalAuth_removesOverride, async () => {
|
||||
const removeGlobalConfig_removesOverride =
|
||||
'removeGlobalConfig removes override'
|
||||
it(removeGlobalConfig_removesOverride, async () => {
|
||||
// Arrange
|
||||
await setup(removeGlobalAuth_removesOverride)
|
||||
await setup(removeGlobalConfig_removesOverride)
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureAuth()
|
||||
await authHelper.configureGlobalAuth()
|
||||
|
@ -655,7 +656,7 @@ describe('git-auth-helper tests', () => {
|
|||
await fs.promises.stat(path.join(git.env['HOME'], '.gitconfig'))
|
||||
|
||||
// Act
|
||||
await authHelper.removeGlobalAuth()
|
||||
await authHelper.removeGlobalConfig()
|
||||
|
||||
// Assert
|
||||
expect(git.env['HOME']).toBeUndefined()
|
||||
|
|
|
@ -6572,9 +6572,13 @@ class GitAuthHelper {
|
|||
yield this.configureToken();
|
||||
});
|
||||
}
|
||||
configureGlobalAuth() {
|
||||
var _a;
|
||||
configureTempGlobalConfig(repositoryPath) {
|
||||
var _a, _b;
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
// Already setup global config
|
||||
if (((_a = this.temporaryHomePath) === null || _a === void 0 ? void 0 : _a.length) > 0) {
|
||||
return path.join(this.temporaryHomePath, '.gitconfig');
|
||||
}
|
||||
// Create a temp home directory
|
||||
const runnerTemp = process.env['RUNNER_TEMP'] || '';
|
||||
assert.ok(runnerTemp, 'RUNNER_TEMP is not defined');
|
||||
|
@ -6590,7 +6594,7 @@ class GitAuthHelper {
|
|||
configExists = true;
|
||||
}
|
||||
catch (err) {
|
||||
if (((_a = err) === null || _a === void 0 ? void 0 : _a.code) !== 'ENOENT') {
|
||||
if (((_b = err) === null || _b === void 0 ? void 0 : _b.code) !== 'ENOENT') {
|
||||
throw err;
|
||||
}
|
||||
}
|
||||
|
@ -6601,10 +6605,25 @@ class GitAuthHelper {
|
|||
else {
|
||||
yield fs.promises.writeFile(newGitConfigPath, '');
|
||||
}
|
||||
// Override HOME
|
||||
core.info(`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`);
|
||||
this.git.setEnvironmentVariable('HOME', this.temporaryHomePath);
|
||||
// Setup the workspace as a safe directory, so if we pass this into a container job with a different user it doesn't fail
|
||||
// Otherwise all git commands we run in a container fail
|
||||
core.info(`Adding working directory to the temporary git global config as a safe directory`);
|
||||
yield this.git
|
||||
.config('safe.directory', repositoryPath !== null && repositoryPath !== void 0 ? repositoryPath : this.settings.repositoryPath, true, true)
|
||||
.catch(error => {
|
||||
core.info(`Failed to initialize safe directory with error: ${error}`);
|
||||
});
|
||||
return newGitConfigPath;
|
||||
});
|
||||
}
|
||||
configureGlobalAuth() {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
// 'configureTempGlobalConfig' noops if already set, just returns the path
|
||||
const newGitConfigPath = yield this.configureTempGlobalConfig();
|
||||
try {
|
||||
// Override HOME
|
||||
core.info(`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`);
|
||||
this.git.setEnvironmentVariable('HOME', this.temporaryHomePath);
|
||||
// Configure the token
|
||||
yield this.configureToken(newGitConfigPath, true);
|
||||
// Configure HTTPS instead of SSH
|
||||
|
@ -6657,11 +6676,14 @@ class GitAuthHelper {
|
|||
yield this.removeToken();
|
||||
});
|
||||
}
|
||||
removeGlobalAuth() {
|
||||
removeGlobalConfig() {
|
||||
var _a;
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
core.debug(`Unsetting HOME override`);
|
||||
this.git.removeEnvironmentVariable('HOME');
|
||||
yield io.rmRF(this.temporaryHomePath);
|
||||
if (((_a = this.temporaryHomePath) === null || _a === void 0 ? void 0 : _a.length) > 0) {
|
||||
core.debug(`Unsetting HOME override`);
|
||||
this.git.removeEnvironmentVariable('HOME');
|
||||
yield io.rmRF(this.temporaryHomePath);
|
||||
}
|
||||
});
|
||||
}
|
||||
configureSsh() {
|
||||
|
@ -7326,40 +7348,48 @@ function getSource(settings) {
|
|||
core.startGroup('Getting Git version info');
|
||||
const git = yield getGitCommandManager(settings);
|
||||
core.endGroup();
|
||||
// Prepare existing directory, otherwise recreate
|
||||
if (isExisting) {
|
||||
yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref);
|
||||
}
|
||||
if (!git) {
|
||||
// Downloading using REST API
|
||||
core.info(`The repository will be downloaded using the GitHub REST API`);
|
||||
core.info(`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`);
|
||||
if (settings.submodules) {
|
||||
throw new Error(`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`);
|
||||
}
|
||||
else if (settings.sshKey) {
|
||||
throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`);
|
||||
}
|
||||
yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath);
|
||||
return;
|
||||
}
|
||||
// Save state for POST action
|
||||
stateHelper.setRepositoryPath(settings.repositoryPath);
|
||||
// Initialize the repository
|
||||
if (!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))) {
|
||||
core.startGroup('Initializing the repository');
|
||||
yield git.init();
|
||||
yield git.remoteAdd('origin', repositoryUrl);
|
||||
core.endGroup();
|
||||
}
|
||||
// Disable automatic garbage collection
|
||||
core.startGroup('Disabling automatic garbage collection');
|
||||
if (!(yield git.tryDisableAutomaticGarbageCollection())) {
|
||||
core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`);
|
||||
}
|
||||
core.endGroup();
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings);
|
||||
let authHelper = null;
|
||||
try {
|
||||
if (git) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings);
|
||||
yield authHelper.configureTempGlobalConfig();
|
||||
}
|
||||
// Prepare existing directory, otherwise recreate
|
||||
if (isExisting) {
|
||||
yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref);
|
||||
}
|
||||
if (!git) {
|
||||
// Downloading using REST API
|
||||
core.info(`The repository will be downloaded using the GitHub REST API`);
|
||||
core.info(`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`);
|
||||
if (settings.submodules) {
|
||||
throw new Error(`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`);
|
||||
}
|
||||
else if (settings.sshKey) {
|
||||
throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`);
|
||||
}
|
||||
yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath);
|
||||
return;
|
||||
}
|
||||
// Save state for POST action
|
||||
stateHelper.setRepositoryPath(settings.repositoryPath);
|
||||
// Initialize the repository
|
||||
if (!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))) {
|
||||
core.startGroup('Initializing the repository');
|
||||
yield git.init();
|
||||
yield git.remoteAdd('origin', repositoryUrl);
|
||||
core.endGroup();
|
||||
}
|
||||
// Disable automatic garbage collection
|
||||
core.startGroup('Disabling automatic garbage collection');
|
||||
if (!(yield git.tryDisableAutomaticGarbageCollection())) {
|
||||
core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`);
|
||||
}
|
||||
core.endGroup();
|
||||
// If we didn't initialize it above, do it now
|
||||
if (!authHelper) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings);
|
||||
}
|
||||
// Configure auth
|
||||
core.startGroup('Setting up auth');
|
||||
yield authHelper.configureAuth();
|
||||
|
@ -7415,27 +7445,21 @@ function getSource(settings) {
|
|||
core.endGroup();
|
||||
// Submodules
|
||||
if (settings.submodules) {
|
||||
try {
|
||||
// Temporarily override global config
|
||||
core.startGroup('Setting up auth for fetching submodules');
|
||||
yield authHelper.configureGlobalAuth();
|
||||
// Temporarily override global config
|
||||
core.startGroup('Setting up auth for fetching submodules');
|
||||
yield authHelper.configureGlobalAuth();
|
||||
core.endGroup();
|
||||
// Checkout submodules
|
||||
core.startGroup('Fetching submodules');
|
||||
yield git.submoduleSync(settings.nestedSubmodules);
|
||||
yield git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules);
|
||||
yield git.submoduleForeach('git config --local gc.auto 0', settings.nestedSubmodules);
|
||||
core.endGroup();
|
||||
// Persist credentials
|
||||
if (settings.persistCredentials) {
|
||||
core.startGroup('Persisting credentials for submodules');
|
||||
yield authHelper.configureSubmoduleAuth();
|
||||
core.endGroup();
|
||||
// Checkout submodules
|
||||
core.startGroup('Fetching submodules');
|
||||
yield git.submoduleSync(settings.nestedSubmodules);
|
||||
yield git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules);
|
||||
yield git.submoduleForeach('git config --local gc.auto 0', settings.nestedSubmodules);
|
||||
core.endGroup();
|
||||
// Persist credentials
|
||||
if (settings.persistCredentials) {
|
||||
core.startGroup('Persisting credentials for submodules');
|
||||
yield authHelper.configureSubmoduleAuth();
|
||||
core.endGroup();
|
||||
}
|
||||
}
|
||||
finally {
|
||||
// Remove temporary global config override
|
||||
yield authHelper.removeGlobalAuth();
|
||||
}
|
||||
}
|
||||
// Get commit information
|
||||
|
@ -7447,10 +7471,13 @@ function getSource(settings) {
|
|||
}
|
||||
finally {
|
||||
// Remove auth
|
||||
if (!settings.persistCredentials) {
|
||||
core.startGroup('Removing auth');
|
||||
yield authHelper.removeAuth();
|
||||
core.endGroup();
|
||||
if (authHelper) {
|
||||
if (!settings.persistCredentials) {
|
||||
core.startGroup('Removing auth');
|
||||
yield authHelper.removeAuth();
|
||||
core.endGroup();
|
||||
}
|
||||
authHelper.removeGlobalConfig();
|
||||
}
|
||||
}
|
||||
});
|
||||
|
@ -7472,7 +7499,13 @@ function cleanup(repositoryPath) {
|
|||
}
|
||||
// Remove auth
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git);
|
||||
yield authHelper.removeAuth();
|
||||
try {
|
||||
yield authHelper.configureTempGlobalConfig(repositoryPath);
|
||||
yield authHelper.removeAuth();
|
||||
}
|
||||
finally {
|
||||
yield authHelper.removeGlobalConfig();
|
||||
}
|
||||
});
|
||||
}
|
||||
exports.cleanup = cleanup;
|
||||
|
|
|
@ -19,8 +19,9 @@ export interface IGitAuthHelper {
|
|||
configureAuth(): Promise<void>
|
||||
configureGlobalAuth(): Promise<void>
|
||||
configureSubmoduleAuth(): Promise<void>
|
||||
configureTempGlobalConfig(repositoryPath?: string): Promise<string>
|
||||
removeAuth(): Promise<void>
|
||||
removeGlobalAuth(): Promise<void>
|
||||
removeGlobalConfig(): Promise<void>
|
||||
}
|
||||
|
||||
export function createAuthHelper(
|
||||
|
@ -80,7 +81,11 @@ class GitAuthHelper {
|
|||
await this.configureToken()
|
||||
}
|
||||
|
||||
async configureGlobalAuth(): Promise<void> {
|
||||
async configureTempGlobalConfig(repositoryPath?: string): Promise<string> {
|
||||
// Already setup global config
|
||||
if (this.temporaryHomePath?.length > 0) {
|
||||
return path.join(this.temporaryHomePath, '.gitconfig')
|
||||
}
|
||||
// Create a temp home directory
|
||||
const runnerTemp = process.env['RUNNER_TEMP'] || ''
|
||||
assert.ok(runnerTemp, 'RUNNER_TEMP is not defined')
|
||||
|
@ -110,13 +115,34 @@ class GitAuthHelper {
|
|||
await fs.promises.writeFile(newGitConfigPath, '')
|
||||
}
|
||||
|
||||
try {
|
||||
// Override HOME
|
||||
core.info(
|
||||
`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`
|
||||
)
|
||||
this.git.setEnvironmentVariable('HOME', this.temporaryHomePath)
|
||||
// Override HOME
|
||||
core.info(
|
||||
`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`
|
||||
)
|
||||
this.git.setEnvironmentVariable('HOME', this.temporaryHomePath)
|
||||
|
||||
// Setup the workspace as a safe directory, so if we pass this into a container job with a different user it doesn't fail
|
||||
// Otherwise all git commands we run in a container fail
|
||||
core.info(
|
||||
`Adding working directory to the temporary git global config as a safe directory`
|
||||
)
|
||||
await this.git
|
||||
.config(
|
||||
'safe.directory',
|
||||
repositoryPath ?? this.settings.repositoryPath,
|
||||
true,
|
||||
true
|
||||
)
|
||||
.catch(error => {
|
||||
core.info(`Failed to initialize safe directory with error: ${error}`)
|
||||
})
|
||||
return newGitConfigPath
|
||||
}
|
||||
|
||||
async configureGlobalAuth(): Promise<void> {
|
||||
// 'configureTempGlobalConfig' noops if already set, just returns the path
|
||||
const newGitConfigPath = await this.configureTempGlobalConfig()
|
||||
try {
|
||||
// Configure the token
|
||||
await this.configureToken(newGitConfigPath, true)
|
||||
|
||||
|
@ -181,10 +207,12 @@ class GitAuthHelper {
|
|||
await this.removeToken()
|
||||
}
|
||||
|
||||
async removeGlobalAuth(): Promise<void> {
|
||||
core.debug(`Unsetting HOME override`)
|
||||
this.git.removeEnvironmentVariable('HOME')
|
||||
await io.rmRF(this.temporaryHomePath)
|
||||
async removeGlobalConfig(): Promise<void> {
|
||||
if (this.temporaryHomePath?.length > 0) {
|
||||
core.debug(`Unsetting HOME override`)
|
||||
this.git.removeEnvironmentVariable('HOME')
|
||||
await io.rmRF(this.temporaryHomePath)
|
||||
}
|
||||
}
|
||||
|
||||
private async configureSsh(): Promise<void> {
|
||||
|
|
|
@ -36,68 +36,77 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
const git = await getGitCommandManager(settings)
|
||||
core.endGroup()
|
||||
|
||||
// Prepare existing directory, otherwise recreate
|
||||
if (isExisting) {
|
||||
await gitDirectoryHelper.prepareExistingDirectory(
|
||||
git,
|
||||
settings.repositoryPath,
|
||||
repositoryUrl,
|
||||
settings.clean,
|
||||
settings.ref
|
||||
)
|
||||
}
|
||||
let authHelper: gitAuthHelper.IGitAuthHelper | null = null
|
||||
try {
|
||||
if (git) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
await authHelper.configureTempGlobalConfig()
|
||||
}
|
||||
|
||||
if (!git) {
|
||||
// Downloading using REST API
|
||||
core.info(`The repository will be downloaded using the GitHub REST API`)
|
||||
core.info(
|
||||
`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`
|
||||
)
|
||||
if (settings.submodules) {
|
||||
throw new Error(
|
||||
`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`
|
||||
)
|
||||
} else if (settings.sshKey) {
|
||||
throw new Error(
|
||||
`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`
|
||||
// Prepare existing directory, otherwise recreate
|
||||
if (isExisting) {
|
||||
await gitDirectoryHelper.prepareExistingDirectory(
|
||||
git,
|
||||
settings.repositoryPath,
|
||||
repositoryUrl,
|
||||
settings.clean,
|
||||
settings.ref
|
||||
)
|
||||
}
|
||||
|
||||
await githubApiHelper.downloadRepository(
|
||||
settings.authToken,
|
||||
settings.repositoryOwner,
|
||||
settings.repositoryName,
|
||||
settings.ref,
|
||||
settings.commit,
|
||||
settings.repositoryPath
|
||||
)
|
||||
return
|
||||
}
|
||||
if (!git) {
|
||||
// Downloading using REST API
|
||||
core.info(`The repository will be downloaded using the GitHub REST API`)
|
||||
core.info(
|
||||
`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`
|
||||
)
|
||||
if (settings.submodules) {
|
||||
throw new Error(
|
||||
`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`
|
||||
)
|
||||
} else if (settings.sshKey) {
|
||||
throw new Error(
|
||||
`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`
|
||||
)
|
||||
}
|
||||
|
||||
// Save state for POST action
|
||||
stateHelper.setRepositoryPath(settings.repositoryPath)
|
||||
await githubApiHelper.downloadRepository(
|
||||
settings.authToken,
|
||||
settings.repositoryOwner,
|
||||
settings.repositoryName,
|
||||
settings.ref,
|
||||
settings.commit,
|
||||
settings.repositoryPath
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Initialize the repository
|
||||
if (
|
||||
!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))
|
||||
) {
|
||||
core.startGroup('Initializing the repository')
|
||||
await git.init()
|
||||
await git.remoteAdd('origin', repositoryUrl)
|
||||
// Save state for POST action
|
||||
stateHelper.setRepositoryPath(settings.repositoryPath)
|
||||
|
||||
// Initialize the repository
|
||||
if (
|
||||
!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))
|
||||
) {
|
||||
core.startGroup('Initializing the repository')
|
||||
await git.init()
|
||||
await git.remoteAdd('origin', repositoryUrl)
|
||||
core.endGroup()
|
||||
}
|
||||
|
||||
// Disable automatic garbage collection
|
||||
core.startGroup('Disabling automatic garbage collection')
|
||||
if (!(await git.tryDisableAutomaticGarbageCollection())) {
|
||||
core.warning(
|
||||
`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`
|
||||
)
|
||||
}
|
||||
core.endGroup()
|
||||
}
|
||||
|
||||
// Disable automatic garbage collection
|
||||
core.startGroup('Disabling automatic garbage collection')
|
||||
if (!(await git.tryDisableAutomaticGarbageCollection())) {
|
||||
core.warning(
|
||||
`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`
|
||||
)
|
||||
}
|
||||
core.endGroup()
|
||||
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
try {
|
||||
// If we didn't initialize it above, do it now
|
||||
if (!authHelper) {
|
||||
authHelper = gitAuthHelper.createAuthHelper(git, settings)
|
||||
}
|
||||
// Configure auth
|
||||
core.startGroup('Setting up auth')
|
||||
await authHelper.configureAuth()
|
||||
|
@ -170,34 +179,26 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
|
||||
// Submodules
|
||||
if (settings.submodules) {
|
||||
try {
|
||||
// Temporarily override global config
|
||||
core.startGroup('Setting up auth for fetching submodules')
|
||||
await authHelper.configureGlobalAuth()
|
||||
core.endGroup()
|
||||
// Temporarily override global config
|
||||
core.startGroup('Setting up auth for fetching submodules')
|
||||
await authHelper.configureGlobalAuth()
|
||||
core.endGroup()
|
||||
|
||||
// Checkout submodules
|
||||
core.startGroup('Fetching submodules')
|
||||
await git.submoduleSync(settings.nestedSubmodules)
|
||||
await git.submoduleUpdate(
|
||||
settings.fetchDepth,
|
||||
settings.nestedSubmodules
|
||||
)
|
||||
await git.submoduleForeach(
|
||||
'git config --local gc.auto 0',
|
||||
settings.nestedSubmodules
|
||||
)
|
||||
core.endGroup()
|
||||
// Checkout submodules
|
||||
core.startGroup('Fetching submodules')
|
||||
await git.submoduleSync(settings.nestedSubmodules)
|
||||
await git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules)
|
||||
await git.submoduleForeach(
|
||||
'git config --local gc.auto 0',
|
||||
settings.nestedSubmodules
|
||||
)
|
||||
core.endGroup()
|
||||
|
||||
// Persist credentials
|
||||
if (settings.persistCredentials) {
|
||||
core.startGroup('Persisting credentials for submodules')
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
core.endGroup()
|
||||
}
|
||||
} finally {
|
||||
// Remove temporary global config override
|
||||
await authHelper.removeGlobalAuth()
|
||||
// Persist credentials
|
||||
if (settings.persistCredentials) {
|
||||
core.startGroup('Persisting credentials for submodules')
|
||||
await authHelper.configureSubmoduleAuth()
|
||||
core.endGroup()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -218,10 +219,13 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
|
|||
)
|
||||
} finally {
|
||||
// Remove auth
|
||||
if (!settings.persistCredentials) {
|
||||
core.startGroup('Removing auth')
|
||||
await authHelper.removeAuth()
|
||||
core.endGroup()
|
||||
if (authHelper) {
|
||||
if (!settings.persistCredentials) {
|
||||
core.startGroup('Removing auth')
|
||||
await authHelper.removeAuth()
|
||||
core.endGroup()
|
||||
}
|
||||
authHelper.removeGlobalConfig()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -244,7 +248,12 @@ export async function cleanup(repositoryPath: string): Promise<void> {
|
|||
|
||||
// Remove auth
|
||||
const authHelper = gitAuthHelper.createAuthHelper(git)
|
||||
await authHelper.removeAuth()
|
||||
try {
|
||||
await authHelper.configureTempGlobalConfig(repositoryPath)
|
||||
await authHelper.removeAuth()
|
||||
} finally {
|
||||
await authHelper.removeGlobalConfig()
|
||||
}
|
||||
}
|
||||
|
||||
async function getGitCommandManager(
|
||||
|
|
Loading…
Reference in New Issue