Currently, a check is done after fetch to ensure that the repo state has
not changed since the workflow was triggered. This check will reset the
checkout to the commit that triggered the workflow, even if the branch
or tag has moved since.
The issue is that the check currently sees what "object" the ref points
to. For an annotated tag, that is the annotation, not the commit. This
means the check always fails for annotated tags, and they are reset to
the commit, losing the annotation. Losing the annotation can be fatal,
as `git describe` will only match annotated tags.
The fix is simple: check if the tag points at the right commit, ignoring
any other type of object. This is done with the <rev>^{commit} syntax.
From the git-rev-parse docs:
> <rev>^{<type>}, e.g. v0.99.8^{commit}
> A suffix ^ followed by an object type name enclosed in brace pair
> means dereference the object at <rev> recursively until an object of
> type <type> is found or the object cannot be dereferenced anymore (in
> which case, barf). For example, if <rev> is a commit-ish,
> <rev>^{commit} describes the corresponding commit object. Similarly,
> if <rev> is a tree-ish, <rev>^{tree} describes the corresponding tree
> object. <rev>^0 is a short-hand for <rev>^{commit}.
If the check still fails, we will still reset the tag to the commit,
losing the annotation. However, there is no way to truly recover in this
situtation, as GitHub does not capture the annotation on workflow start,
and since the history has changed, we can not trust the new tag to
contain the same data as it did before.
Fixes#290Closes#697
* Improve checkout performance on Windows runners by upgrading @actions/github dependency
Re: https://github.com/actions/checkout/issues/1186
@dscho discovered that the checkout action could stall for a
considerable amount of time on Windows runners waiting for PowerShell
invocations made from 'windows-release' npm package to complete.
Then I studied the dependency chain to figure out where
'windows-release' was imported:
'@actions/checkout'@main
<- '@actions/github'@2.2.0
<- '@octokit/endpoint'@6.0.1
<- '@octokit/graphql'@4.3.1
<- '@octokit/request'@5.4.2
<- '@octokit/rest'@16.43.1
<- 'universal-user-agent'@4.0.1
<- 'os-name'@3.1.0
<- 'windows-release'@3.1.0
'universal-user-agent' package dropped its dependency on 'os-name' in
https://github.com/gr2m/universal-user-agent/releases/tag/v6.0.0 .
'@actions/github' v3 removed dependency on '@octokit/rest'@16.43.1 and
allows users to move away from the old 'universal-user-agent' v4.
(https://github.com/actions/toolkit/pull/453)
This pull request attempts to update the version of '@actions/github'
used in the checkout action to avoid importing 'windows-release'.
Based on testing in my own repositories, I can see an improvement in
reduced wait time between entering the checkout action and git actually
starts to do useful work.
* Update .licenses
* Rebuild index.js
* Adding the ability to specify the GitHub Server URL and allowing for it to differ from the Actions workflow host
* Adding tests for injecting the GitHub URL
* Addressing code review comments for PR #922
