diff --git a/dist/index.js b/dist/index.js index 75ae3c2..5d16484 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1103,6 +1103,7 @@ class GitConfigHelper { this.extraheaderConfigPlaceholderValue = 'AUTHORIZATION: basic ***'; this.extraheaderConfigValueRegex = '^AUTHORIZATION:'; this.persistedExtraheaderConfigValue = ''; + this.backedUpCredentialFiles = []; this.git = git; this.workingDirectory = this.git.getWorkingDirectory(); } @@ -1182,12 +1183,16 @@ class GitConfigHelper { return __awaiter(this, void 0, void 0, function* () { const serverUrl = new url_1.URL(`https://${this.getGitRemote().hostname}`); this.extraheaderConfigKey = `http.${serverUrl.origin}/.extraheader`; + // Backup checkout@v6 credential files if they exist + yield this.hideCredentialFiles(); // Save and unset persisted extraheader credential in git config if it exists this.persistedExtraheaderConfigValue = yield this.getAndUnset(); }); } restorePersistedAuth() { return __awaiter(this, void 0, void 0, function* () { + // Restore checkout@v6 credential files if they were backed up + yield this.unhideCredentialFiles(); if (this.persistedExtraheaderConfigValue) { try { yield this.setExtraheaderConfig(this.persistedExtraheaderConfigValue); @@ -1224,6 +1229,48 @@ class GitConfigHelper { yield this.gitConfigStringReplace(this.extraheaderConfigPlaceholderValue, extraheaderConfigValue); }); } + hideCredentialFiles() { + return __awaiter(this, void 0, void 0, function* () { + // Temporarily hide checkout@v6 credential files to avoid duplicate auth headers + const runnerTemp = process.env['RUNNER_TEMP']; + if (!runnerTemp) { + return; + } + try { + const files = yield fs.promises.readdir(runnerTemp); + for (const file of files) { + if (file.startsWith('git-credentials-') && file.endsWith('.config')) { + const sourcePath = path.join(runnerTemp, file); + const backupPath = `${sourcePath}.bak`; + yield fs.promises.rename(sourcePath, backupPath); + this.backedUpCredentialFiles.push(backupPath); + core.info(`Temporarily hiding checkout credential file: ${file} (will be restored after)`); + } + } + } + catch (e) { + // If directory doesn't exist or we can't read it, just continue + core.debug(`Could not backup credential files: ${utils.getErrorMessage(e)}`); + } + }); + } + unhideCredentialFiles() { + return __awaiter(this, void 0, void 0, function* () { + // Restore checkout@v6 credential files that were backed up + for (const backupPath of this.backedUpCredentialFiles) { + try { + const originalPath = backupPath.replace(/\.bak$/, ''); + yield fs.promises.rename(backupPath, originalPath); + const fileName = path.basename(originalPath); + core.info(`Restored checkout credential file: ${fileName}`); + } + catch (e) { + core.warning(`Failed to restore credential file ${backupPath}: ${utils.getErrorMessage(e)}`); + } + } + this.backedUpCredentialFiles = []; + }); + } getAndUnset() { return __awaiter(this, void 0, void 0, function* () { let configValue = ''; diff --git a/src/git-config-helper.ts b/src/git-config-helper.ts index f5f484b..e929934 100644 --- a/src/git-config-helper.ts +++ b/src/git-config-helper.ts @@ -22,6 +22,7 @@ export class GitConfigHelper { private extraheaderConfigPlaceholderValue = 'AUTHORIZATION: basic ***' private extraheaderConfigValueRegex = '^AUTHORIZATION:' private persistedExtraheaderConfigValue = '' + private backedUpCredentialFiles: string[] = [] private constructor(git: GitCommandManager) { this.git = git @@ -121,11 +122,15 @@ export class GitConfigHelper { async savePersistedAuth(): Promise { const serverUrl = new URL(`https://${this.getGitRemote().hostname}`) this.extraheaderConfigKey = `http.${serverUrl.origin}/.extraheader` + // Backup checkout@v6 credential files if they exist + await this.hideCredentialFiles() // Save and unset persisted extraheader credential in git config if it exists this.persistedExtraheaderConfigValue = await this.getAndUnset() } async restorePersistedAuth(): Promise { + // Restore checkout@v6 credential files if they were backed up + await this.unhideCredentialFiles() if (this.persistedExtraheaderConfigValue) { try { await this.setExtraheaderConfig(this.persistedExtraheaderConfigValue) @@ -169,6 +174,51 @@ export class GitConfigHelper { ) } + private async hideCredentialFiles(): Promise { + // Temporarily hide checkout@v6 credential files to avoid duplicate auth headers + const runnerTemp = process.env['RUNNER_TEMP'] + if (!runnerTemp) { + return + } + + try { + const files = await fs.promises.readdir(runnerTemp) + for (const file of files) { + if (file.startsWith('git-credentials-') && file.endsWith('.config')) { + const sourcePath = path.join(runnerTemp, file) + const backupPath = `${sourcePath}.bak` + await fs.promises.rename(sourcePath, backupPath) + this.backedUpCredentialFiles.push(backupPath) + core.info( + `Temporarily hiding checkout credential file: ${file} (will be restored after)` + ) + } + } + } catch (e) { + // If directory doesn't exist or we can't read it, just continue + core.debug( + `Could not backup credential files: ${utils.getErrorMessage(e)}` + ) + } + } + + private async unhideCredentialFiles(): Promise { + // Restore checkout@v6 credential files that were backed up + for (const backupPath of this.backedUpCredentialFiles) { + try { + const originalPath = backupPath.replace(/\.bak$/, '') + await fs.promises.rename(backupPath, originalPath) + const fileName = path.basename(originalPath) + core.info(`Restored checkout credential file: ${fileName}`) + } catch (e) { + core.warning( + `Failed to restore credential file ${backupPath}: ${utils.getErrorMessage(e)}` + ) + } + } + this.backedUpCredentialFiles = [] + } + private async getAndUnset(): Promise { let configValue = '' // Save and unset persisted extraheader credential in git config if it exists