feat: use go sdk
This commit is contained in:
parent
a849295b46
commit
b4b7a00f37
8 changed files with 213 additions and 162 deletions
21
Dockerfile
Normal file
21
Dockerfile
Normal file
|
@ -0,0 +1,21 @@
|
|||
FROM docker.io/golang:1.23-alpine3.20 AS compile
|
||||
|
||||
ENV CGO_ENABLED=0
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
COPY go.mod go.sum /app/
|
||||
RUN go mod download
|
||||
|
||||
COPY *.go /app/
|
||||
RUN go build -o app .
|
||||
|
||||
FROM docker.io/alpine:3.20
|
||||
|
||||
WORKDIR /
|
||||
|
||||
RUN apk add git
|
||||
|
||||
COPY --from=compile /app/app /
|
||||
|
||||
ENTRYPOINT ["/app"]
|
19
README.md
19
README.md
|
@ -1,20 +1 @@
|
|||
# checkout
|
||||
|
||||
This action checks-out your repository under $GITHUB_WORKSPACE, so your workflow can access it.
|
||||
|
||||
Only a single commit is fetched by default, for the ref/sha that triggered the workflow. The auth token
|
||||
is persisted in the local git config. This enables your scripts to run authenticated git commands.
|
||||
|
||||
This action is only written in shell (bash).
|
||||
|
||||
## Usage
|
||||
|
||||
```yaml
|
||||
uses: actions/checkout:1.0.0
|
||||
with:
|
||||
repository: ${{ github.server_url }}/${{ github.repository }}.git
|
||||
token: ${{ github.token }}
|
||||
path: .
|
||||
ref: ${{ github.ref || github.sha }}
|
||||
```
|
||||
|
||||
|
|
28
action.yml
28
action.yml
|
@ -1,21 +1,17 @@
|
|||
# SPDX-License-Identifier: EUPL-1.2
|
||||
name: "Checkout"
|
||||
description: "Checkout a Git repository at a particular version"
|
||||
author: "Louis Seubert"
|
||||
inputs:
|
||||
repository:
|
||||
description: >
|
||||
Repository name with owner. For example, actions/checkout
|
||||
default: ${{ github.server_url }}/${{ github.repository }}.git
|
||||
token:
|
||||
description: >
|
||||
Personal access token (PAT) used to fetch the repository. The PAT is configured
|
||||
with the local git config, which enables your scripts to run authenticated git
|
||||
commands.
|
||||
default: ${{ github.token }}
|
||||
The path to the repository to checkout. Must be accessible with the
|
||||
pipeline token on publiclly
|
||||
default: "${{ github.server_url }}/${{ github.repository }}.git"
|
||||
path:
|
||||
description: >
|
||||
Relative path under $GITHUB_WORKSPACE to place the repository
|
||||
default: .
|
||||
default: "."
|
||||
ref:
|
||||
description: >
|
||||
The branch, tag or SHA to checkout. When checking out the repository that
|
||||
|
@ -23,15 +19,5 @@ inputs:
|
|||
event. Otherwise, uses the default branch.
|
||||
default: ${{ github.ref || github.sha }}
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- name: Checkout
|
||||
shell: bash
|
||||
run: |
|
||||
export PATH=${{ github.action_path }}/scripts:$PATH
|
||||
checkout.sh
|
||||
env:
|
||||
ACTION_INPUT_TOKEN: ${{ inputs.token }}
|
||||
ACTION_INPUT_REPOSITORY: ${{ inputs.repository }}
|
||||
ACTION_INPUT_PATH: ${{ inputs.path }}
|
||||
ACTION_INPUT_REF: ${{ inputs.ref }}
|
||||
using: 'docker'
|
||||
image: 'Dockerfile'
|
||||
|
|
5
go.mod
Normal file
5
go.mod
Normal file
|
@ -0,0 +1,5 @@
|
|||
module git.geekeey.de/actions/checkout
|
||||
|
||||
go 1.23.2
|
||||
|
||||
require git.geekeey.de/actions/sdk v1.0.1
|
6
go.sum
Normal file
6
go.sum
Normal file
|
@ -0,0 +1,6 @@
|
|||
git.geekeey.de/actions/sdk v0.0.0-20241020125724-76a93c0d8cec h1:auq6X3d0N25UPSyjuvRDh55W4sgAsSaeDGdWOS6AG6g=
|
||||
git.geekeey.de/actions/sdk v0.0.0-20241020125724-76a93c0d8cec/go.mod h1:pBcHd6afsvseZF9hSc2A0b6+MldC/Ch6CSDaVlWMAmA=
|
||||
git.geekeey.de/actions/sdk v1.0.0 h1:vVEPz6ndFJt4iqtJhhFuf7XA3bf2gasZJ3f8gb94o5g=
|
||||
git.geekeey.de/actions/sdk v1.0.0/go.mod h1:pBcHd6afsvseZF9hSc2A0b6+MldC/Ch6CSDaVlWMAmA=
|
||||
git.geekeey.de/actions/sdk v1.0.1 h1:fecr+IILPgKFoMaQDtSvkBbaFfudOlf+2KdMVKcFA1M=
|
||||
git.geekeey.de/actions/sdk v1.0.1/go.mod h1:pBcHd6afsvseZF9hSc2A0b6+MldC/Ch6CSDaVlWMAmA=
|
173
main.go
Normal file
173
main.go
Normal file
|
@ -0,0 +1,173 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/exec"
|
||||
"os/signal"
|
||||
"strings"
|
||||
|
||||
"git.geekeey.de/actions/sdk"
|
||||
)
|
||||
|
||||
func main() {
|
||||
action := &CheckoutAction{Action: sdk.New()}
|
||||
ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt)
|
||||
defer cancel()
|
||||
if err := action.run(ctx); err != nil {
|
||||
action.Errorf("%s", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
type CheckoutAction struct {
|
||||
*sdk.Action
|
||||
repository string
|
||||
path string
|
||||
reference string
|
||||
}
|
||||
|
||||
func (action *CheckoutAction) setup() error {
|
||||
var err error
|
||||
action.repository = action.GetInput("repository")
|
||||
action.path = action.GetInput("path")
|
||||
action.reference = action.GetInput("ref")
|
||||
return err
|
||||
}
|
||||
|
||||
func (action *CheckoutAction) run(ctx context.Context) error {
|
||||
if err := action.setup(); err != nil {
|
||||
return err
|
||||
}
|
||||
env := action.Context()
|
||||
|
||||
var sh *Shell
|
||||
|
||||
sh = &Shell{}
|
||||
sh.Add("git", "config", "--global", "--add", "protocol.version", "2")
|
||||
sh.Add("git", "init", "-q", action.path)
|
||||
sh.Add("git", "-C", action.path, "config", "--local", "gc.auto", "0")
|
||||
if err := sh.Run(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
action.Noticef("Configuring git repository credentials")
|
||||
server, err := url.Parse(env.ServerURL)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
sh = &Shell{}
|
||||
sh.Add("git", "-C", action.path, "config", "--local", "--add", fmt.Sprintf("url.%s.insteadof", env.ServerURL), fmt.Sprintf("git@%s", server.Host))
|
||||
sh.Add("git", "-C", action.path, "config", "--local", "--add", fmt.Sprintf("url.%s.insteadof", env.ServerURL), fmt.Sprintf("ssh://git@%s", server.Host))
|
||||
sh.Add("git", "-C", action.path, "config", "--local", "--add", fmt.Sprintf("url.%s.insteadof", env.ServerURL), fmt.Sprintf("git://%s", server.Host))
|
||||
if err := sh.Run(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
enc := base64.StdEncoding
|
||||
header := fmt.Sprintf("Authorization: Basic %s", enc.EncodeToString([]byte(fmt.Sprintf("x-access-token:%s", env.Token))))
|
||||
|
||||
sh = &Shell{}
|
||||
sh.Add("git", "-C", action.path, "config", "--local", "--add", fmt.Sprintf("http.%s.extraheader", env.ServerURL), header)
|
||||
if err := sh.Run(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
origin := "origin"
|
||||
|
||||
sh = &Shell{}
|
||||
sh.Add("git", "-C", action.path, "remote", "add", origin, action.repository)
|
||||
if err := sh.Run(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
stdout, _, err := execx(ctx, "git", "-C", action.path, "ls-remote", origin, action.reference)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
lines := strings.Split(stdout, "\t")
|
||||
if len(lines) < 2 {
|
||||
return fmt.Errorf("git ls-remore resolved nothing")
|
||||
}
|
||||
sha := strings.TrimSpace(lines[0])
|
||||
ref := strings.TrimSpace(lines[1])
|
||||
|
||||
sh = &Shell{}
|
||||
|
||||
if strings.HasPrefix(ref, "refs/heads/") {
|
||||
name := strings.TrimPrefix(ref, "refs/heads/")
|
||||
remote := fmt.Sprintf("refs/remotes/%s/%s", origin, name)
|
||||
branch := name
|
||||
|
||||
action.Debugf("Checking out branch %s@%s", name, sha)
|
||||
|
||||
sh.Add("git", "-C", action.path, "fetch", "--no-tags", "--prune", "--no-recurse-submodules", "--depth=1",
|
||||
origin, fmt.Sprintf("+%s:%s", sha, remote))
|
||||
sh.Add("git", "-C", action.path, "checkout", "--force", "-B", branch, remote)
|
||||
} else if strings.HasPrefix(ref, "refs/pull/") {
|
||||
name := strings.TrimPrefix(ref, "refs/pull/")
|
||||
remote := fmt.Sprintf("refs/remotes/pull/%s", name)
|
||||
|
||||
action.Debugf("Checking out pull-request %s@%s", name, sha)
|
||||
|
||||
var branch string
|
||||
if len(env.BaseRef) != 0 {
|
||||
branch = env.BaseRef
|
||||
} else if len(env.HeadRef) != 0 {
|
||||
branch = env.HeadRef
|
||||
} else {
|
||||
return fmt.Errorf("pull request can not find base ref for branch")
|
||||
}
|
||||
|
||||
sh.Add("git", "-C", action.path, "fetch", "--no-tags", "--prune", "--no-recurse-submodules", "--depth=1",
|
||||
origin, fmt.Sprintf("+%s:%s", sha, remote))
|
||||
sh.Add("git", "-C", action.path, "checkout", "--force", "-B", branch, remote)
|
||||
} else if strings.HasPrefix(ref, "refs/tags/") {
|
||||
name := strings.TrimPrefix(ref, "refs/tags/")
|
||||
remote := fmt.Sprintf("refs/tags/%s", name)
|
||||
|
||||
action.Debugf("Checking out ptag %s@%s", name, sha)
|
||||
|
||||
sh.Add("git", "-C", action.path, "fetch", "--no-tags", "--prune", "--no-recurse-submodules", "--depth=1",
|
||||
origin, fmt.Sprintf("+%s:%s", sha, remote))
|
||||
sh.Add("git", "-C", action.path, "checkout", "--force", remote)
|
||||
} else {
|
||||
action.Debugf("Checking out detached head %s", ref)
|
||||
|
||||
sh.Add("git", "-C", action.path, "fetch", "--no-tags", "--prune", "--no-recurse-submodules", "--depth=1",
|
||||
origin, ref)
|
||||
sh.Add("git", "-C", action.path, "checkout", "--force", ref)
|
||||
}
|
||||
|
||||
if err := sh.Run(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
type Shell [][]string
|
||||
|
||||
func (sh *Shell) Add(line ...string) { *sh = append([][]string(*sh), line) }
|
||||
|
||||
func (sh *Shell) Run(ctx context.Context) error {
|
||||
for _, line := range [][]string(*sh) {
|
||||
if _, _, err := execx(ctx, line...); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func execx(ctx context.Context, args ...string) (string, string, error) {
|
||||
cmd := exec.CommandContext(ctx, args[0], args[1:]...)
|
||||
var outbuf, errbuf strings.Builder
|
||||
cmd.Stdout = &outbuf
|
||||
cmd.Stderr = &errbuf
|
||||
err := cmd.Run()
|
||||
return outbuf.String(), errbuf.String(), err
|
||||
}
|
|
@ -1,121 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
shopt -s extglob
|
||||
|
||||
ACTION_INPUT_TOKEN="${ACTION_INPUT_TOKEN:?}"
|
||||
ACTION_INPUT_REPOSITORY="${ACTION_INPUT_REPOSITORY:?}"
|
||||
ACTION_INPUT_PATH="${ACTION_INPUT_PATH:?}"
|
||||
ACTION_INPUT_REF="${ACTION_INPUT_REF:?}"
|
||||
|
||||
error() {
|
||||
echo "$*" 1>&2 ; exit 1;
|
||||
}
|
||||
|
||||
# ensure we are in the right place
|
||||
[[ -z "${GITHUB_WORKSPACE:-}" ]] || { cd "${GITHUB_WORKSPACE}" || error ; }
|
||||
|
||||
git config --global --add protocol.version 2
|
||||
|
||||
git init -q "${ACTION_INPUT_PATH}" && { cd "${ACTION_INPUT_PATH}" || error ; }
|
||||
|
||||
git config --local gc.auto 0
|
||||
|
||||
# the server url and uri are important for determining the default checkout url
|
||||
GITHUB_SERVER_URL="${GITHUB_SERVER_URL:?}"
|
||||
GITHUB_SERVER_URI="${GITHUB_SERVER_URL//http?(s):\/\//}"
|
||||
|
||||
# use https instead of everything else
|
||||
git config --add url."${GITHUB_SERVER_URL}/".insteadOf "git@${GITHUB_SERVER_URI}:"
|
||||
git config --add url."${GITHUB_SERVER_URL}/".insteadOf "ssh://git@${GITHUB_SERVER_URI}/"
|
||||
git config --add url."${GITHUB_SERVER_URL}/".insteadOf "git://${GITHUB_SERVER_URI}/"
|
||||
|
||||
# prepare git config extra header for https auth
|
||||
BASE64="base64 --wrap 0"
|
||||
echo "" | ${BASE64} >/dev/null 2>&1 || BASE64="base64"
|
||||
echo "" | ${BASE64} >/dev/null 2>&1 || BASE64="openssl base64 -A"
|
||||
echo "" | ${BASE64} >/dev/null 2>&1
|
||||
|
||||
GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${ACTION_INPUT_TOKEN}" | ${BASE64})"
|
||||
git config --local --add http."${GITHUB_SERVER_URL}".extraheader "${GIT_HTTP_EXTRAHEADER}"
|
||||
|
||||
# add the repository as remote
|
||||
git remote add origin "${ACTION_INPUT_REPOSITORY}"
|
||||
|
||||
git_default_refspec() {
|
||||
git ls-remote --symref origin HEAD | { read -r _ ref name ; echo "${ref}" ; }
|
||||
}
|
||||
|
||||
git_resolve_refspec() {
|
||||
# shellcheck disable=SC2068
|
||||
git ls-remote origin $@ | { read -r sha ref _ ; echo "${sha} ${ref}" ; }
|
||||
}
|
||||
|
||||
fetch() {
|
||||
# shellcheck disable=SC2068
|
||||
git fetch --no-tags --prune --no-recurse-submodules --depth=1 origin $@
|
||||
}
|
||||
|
||||
checkout() {
|
||||
# shellcheck disable=SC2068
|
||||
git checkout --force $@
|
||||
}
|
||||
|
||||
# the checkout is based on a commit hash
|
||||
if [[ ${ACTION_INPUT_REF:-} =~ ^[0-9a-f]{5,40}$ ]]
|
||||
then
|
||||
fetch "${ACTION_INPUT_REF}" && checkout "${ACTION_INPUT_REF}"
|
||||
exit
|
||||
fi
|
||||
|
||||
# update selected ref when no input is given to remote default branch
|
||||
: "${ACTION_INPUT_REF:=$( git_default_refspec )}"
|
||||
|
||||
# TODO: check if repo is workflow repo, if so, use commit sha from env
|
||||
# like GITHUB_REF and GITHUB_SHA
|
||||
|
||||
read -r GIT_SHA GIT_REF _ <<< "$( git_resolve_refspec "${ACTION_INPUT_REF}" )"
|
||||
: "${GIT_SHA:?}" "${GIT_REF:?}"
|
||||
|
||||
# we always use the refspec with the commit sha as source to prevent
|
||||
# race conditions when running on a frequently used branch
|
||||
|
||||
checkout_head() {
|
||||
local name="${GIT_REF#refs\/heads\/}"
|
||||
local remote="refs/remotes/origin/${name}"
|
||||
|
||||
fetch "+${GIT_SHA}:${remote}"
|
||||
|
||||
checkout -B "${name}" "${remote}"
|
||||
}
|
||||
|
||||
checkout_pull() {
|
||||
local name="${GIT_REF#refs\/pull\/}"
|
||||
local remote="refs/remotes/pull/${name}"
|
||||
|
||||
fetch "+${GIT_SHA}:${remote}"
|
||||
|
||||
# pull requests have a special treatment for the branch name. The name
|
||||
# is determined by the branch the pull request is targeting.
|
||||
|
||||
local branch="${GITHUB_BASE_REF:-$( git_default_refspec )}"
|
||||
checkout -B "${branch#refs\/heads\/}" "${remote}"
|
||||
}
|
||||
|
||||
checkout_tag() {
|
||||
local name="${GIT_REF#refs\/tags\/}"
|
||||
local remote="refs/tags/${name}"
|
||||
|
||||
fetch "+${GIT_SHA}:${remote}"
|
||||
|
||||
checkout "${remote}"
|
||||
}
|
||||
|
||||
case "${GIT_REF}" in
|
||||
# heads and pull are a branch based checkout
|
||||
refs/heads/*) checkout_head ;;
|
||||
refs/pull/* ) checkout_pull ;;
|
||||
|
||||
# tags are a detached head checkout
|
||||
refs/tags/* ) checkout_tag ;;
|
||||
|
||||
*) error "ref type '${GIT_REF}' is unknown" ;;
|
||||
esac
|
Loading…
Reference in a new issue