make octokit follow proxy setting.

.github/workflows/test.yml

@@ -11,9 +11,6 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/setup-node@v1
-        with:
-          node-version: 12.x
       - uses: actions/checkout@v2
       - run: npm ci
       - run: npm run build
@@ -86,95 +83,19 @@ jobs:
         shell: bash
         run: __test__/verify-lfs.sh
 
-      # Basic checkout using REST API
-      - name: Remove basic
-        if: runner.os != 'windows'
-        run: rm -rf basic
-      - name: Remove basic (Windows)
-        if: runner.os == 'windows'
-        shell: cmd
-        run: rmdir /s /q basic
-      - name: Override git version
-        if: runner.os != 'windows'
-        run: __test__/override-git-version.sh
-      - name: Override git version (Windows)
-        if: runner.os == 'windows'
-        run: __test__\\override-git-version.cmd
-      - name: Basic checkout using REST API
-        uses: ./
-        with:
-          ref: test-data/v2/basic
-          path: basic
-      - name: Verify basic
-        run: __test__/verify-basic.sh --archive
-
-  test-proxy:
+  test-job-container:
     runs-on: ubuntu-latest
-    container:
-      image: alpine/git:latest
-      options: --dns 127.0.0.1
-    services:
-      squid-proxy:
-        image: datadog/squid:latest
-        ports:
-          - 3128:3128
-    env:
-      https_proxy: http://squid-proxy:3128
+    container: alpine:latest
     steps:
       # Clone this repo
       - name: Checkout
         uses: actions/checkout@v2
 
-      # Basic checkout using git
+      # Basic checkout
       - name: Basic checkout
         uses: ./
         with:
           ref: test-data/v2/basic
           path: basic
-      - name: Verify basic
-        run: __test__/verify-basic.sh
-
-      # Basic checkout using REST API
-      - name: Remove basic
-        run: rm -rf basic
-      - name: Override git version
-        run: __test__/override-git-version.sh
-      - name: Basic checkout using REST API
-        uses: ./
-        with:
-          ref: test-data/v2/basic
-          path: basic
-      - name: Verify basic
-        run: __test__/verify-basic.sh --archive
-
-  test-bypass-proxy:
-    runs-on: ubuntu-latest
-    env:
-      https_proxy: http://no-such-proxy:3128
-      no_proxy: api.github.com,github.com
-    steps:
-      # Clone this repo
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      # Basic checkout using git
-      - name: Basic checkout
-        uses: ./
-        with:
-          ref: test-data/v2/basic
-          path: basic
-      - name: Verify basic
-        run: __test__/verify-basic.sh
-      - name: Remove basic
-        run: rm -rf basic
-
-      # Basic checkout using REST API
-      - name: Override git version
-        run: __test__/override-git-version.sh
-      - name: Basic checkout using REST API
-        uses: ./
-        with:
-          ref: test-data/v2/basic
-          path: basic
       - name: Verify basic
         run: __test__/verify-basic.sh --archive

README.md

@@ -180,8 +180,6 @@ jobs:
 - name: Checkout submodules
   shell: bash
   run: |
-    # If your submodules are configured to use SSH instead of HTTPS please uncomment the following line
-    # git config --global url."https://github.com/".insteadOf "git@github.com:"
     auth_header="$(git config --local --get http.https://github.com/.extraheader)"
     git submodule sync --recursive
     git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --init --force --recursive --depth=1

__test__/input-helper.test.ts

@@ -1,44 +1,47 @@
 import * as assert from 'assert'
-import * as core from '@actions/core'
-import * as fsHelper from '../lib/fs-helper'
-import * as github from '@actions/github'
-import * as inputHelper from '../lib/input-helper'
 import * as path from 'path'
 import {ISourceSettings} from '../lib/git-source-provider'
 
 const originalGitHubWorkspace = process.env['GITHUB_WORKSPACE']
 const gitHubWorkspace = path.resolve('/checkout-tests/workspace')
 
-// Inputs for mock @actions/core
-let inputs = {} as any
+// Late bind
+let inputHelper: any
 
-// Shallow clone original @actions/github context
-let originalContext = {...github.context}
+// Mock @actions/core
+let inputs = {} as any
+const mockCore = jest.genMockFromModule('@actions/core') as any
+mockCore.getInput = (name: string) => {
+  return inputs[name]
+}
+
+// Mock @actions/github
+const mockGitHub = jest.genMockFromModule('@actions/github') as any
+mockGitHub.context = {
+  repo: {
+    owner: 'some-owner',
+    repo: 'some-repo'
+  },
+  ref: 'refs/heads/some-ref',
+  sha: '1234567890123456789012345678901234567890'
+}
+
+// Mock ./fs-helper
+const mockFSHelper = jest.genMockFromModule('../lib/fs-helper') as any
+mockFSHelper.directoryExistsSync = (path: string) => path == gitHubWorkspace
 
 describe('input-helper tests', () => {
   beforeAll(() => {
-    // Mock @actions/core getInput()
-    jest.spyOn(core, 'getInput').mockImplementation((name: string) => {
-      return inputs[name]
-    })
-
-    // Mock @actions/github context
-    jest.spyOn(github.context, 'repo', 'get').mockImplementation(() => {
-      return {
-        owner: 'some-owner',
-        repo: 'some-repo'
-      }
-    })
-    github.context.ref = 'refs/heads/some-ref'
-    github.context.sha = '1234567890123456789012345678901234567890'
-
-    // Mock ./fs-helper directoryExistsSync()
-    jest
-      .spyOn(fsHelper, 'directoryExistsSync')
-      .mockImplementation((path: string) => path == gitHubWorkspace)
-
     // GitHub workspace
     process.env['GITHUB_WORKSPACE'] = gitHubWorkspace
+
+    // Mocks
+    jest.setMock('@actions/core', mockCore)
+    jest.setMock('@actions/github', mockGitHub)
+    jest.setMock('../lib/fs-helper', mockFSHelper)
+
+    // Now import
+    inputHelper = require('../lib/input-helper')
   })
 
   beforeEach(() => {
@@ -47,18 +50,14 @@ describe('input-helper tests', () => {
   })
 
   afterAll(() => {
-    // Restore GitHub workspace
+    // Reset GitHub workspace
     delete process.env['GITHUB_WORKSPACE']
     if (originalGitHubWorkspace) {
       process.env['GITHUB_WORKSPACE'] = originalGitHubWorkspace
     }
 
-    // Restore @actions/github context
-    github.context.ref = originalContext.ref
-    github.context.sha = originalContext.sha
-
-    // Restore
-    jest.restoreAllMocks()
+    // Reset modules
+    jest.resetModules()
   })
 
   it('sets defaults', () => {
@@ -76,19 +75,6 @@ describe('input-helper tests', () => {
     expect(settings.repositoryPath).toBe(gitHubWorkspace)
   })
 
-  it('qualifies ref', () => {
-    let originalRef = github.context.ref
-    try {
-      github.context.ref = 'some-unqualified-ref'
-      const settings: ISourceSettings = inputHelper.getInputs()
-      expect(settings).toBeTruthy()
-      expect(settings.commit).toBe('1234567890123456789012345678901234567890')
-      expect(settings.ref).toBe('refs/heads/some-unqualified-ref')
-    } finally {
-      github.context.ref = originalRef
-    }
-  })
-
   it('requires qualified repo', () => {
     inputs.repository = 'some-unqualified-repo'
     assert.throws(() => {

__test__/override-git-version.cmd

@@ -1,6 +0,0 @@
-
-mkdir override-git-version
-cd override-git-version
-echo @echo override git version 1.2.3 > git.cmd
-echo ::add-path::%CD%
-cd ..

__test__/override-git-version.sh

@@ -1,9 +0,0 @@
-#!/bin/sh
-
-mkdir override-git-version
-cd override-git-version
-echo "#!/bin/sh" > git
-echo "echo override git version 1.2.3" >> git
-chmod +x git
-echo "::add-path::$(pwd)"
-cd ..

__test__/retry-helper.test.ts

@@ -1,17 +1,18 @@
-import * as core from '@actions/core'
-import {RetryHelper} from '../lib/retry-helper'
-
+const mockCore = jest.genMockFromModule('@actions/core') as any
+mockCore.info = (message: string) => {
+  info.push(message)
+}
 let info: string[]
 let retryHelper: any
 
 describe('retry-helper tests', () => {
   beforeAll(() => {
-    // Mock @actions/core info()
-    jest.spyOn(core, 'info').mockImplementation((message: string) => {
-      info.push(message)
-    })
+    // Mocks
+    jest.setMock('@actions/core', mockCore)
 
-    retryHelper = new RetryHelper(3, 0, 0)
+    // Now import
+    const retryHelperModule = require('../lib/retry-helper')
+    retryHelper = new retryHelperModule.RetryHelper(3, 0, 0)
   })
 
   beforeEach(() => {
@@ -20,8 +21,8 @@ describe('retry-helper tests', () => {
   })
 
   afterAll(() => {
-    // Restore
-    jest.restoreAllMocks()
+    // Reset modules
+    jest.resetModules()
   })
 
   it('first attempt succeeds', async () => {

adrs/0153-checkout-v2.md

@@ -1,215 +0,0 @@
-# ADR 0153: Checkout v2
-
-**Date**: 2019-10-21
-
-**Status**: Accepted
-
-## Context
-
-This ADR details the behavior for `actions/checkout@v2`.
-
-The new action will be written in typescript. We are moving away from runner-plugin actions.
-
-We want to take this opportunity to make behavioral changes, from v1. This document is scoped to those differences.
-
-## Decision
-
-### Inputs
-
-```yaml
-  repository:
-    description: 'Repository name with owner. For example, actions/checkout'
-    default: ${{ github.repository }}
-  ref:
-    description: >
-      The branch, tag or SHA to checkout. When checking out the repository that
-      triggered a workflow, this defaults to the reference or SHA for that
-      event.  Otherwise, defaults to `master`.
-  token:
-    description: >
-      Auth token used to fetch the repository. The token is stored in the local
-      git config, which enables your scripts to run authenticated git commands.
-      The post-job step removes the token from the git config. [Learn more about
-      creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
-    default: ${{ github.token }}
-  persist-credentials:
-    description: 'Whether to persist the token in the git config'
-    default: true
-  path:
-    description: 'Relative path under $GITHUB_WORKSPACE to place the repository'
-  clean:
-    description: 'Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching'
-    default: true
-  fetch-depth:
-    description: 'Number of commits to fetch. 0 indicates all history.'
-    default: 1
-  fetch-refs:
-    description: >
-      Additional refs to fetch: `branches`, `tags`, `pr-base`, or `all`.
-      Combinations are also accepted. For example: `branches, tags`
-    default: ''
-  lfs:
-    description: 'Whether to download Git-LFS files'
-    default: false
-```
-
-Note:
-- `fetch-refs` is new
-- `persist-credentials` is new
-- `path` behavior is different (refer [below](#path) for details)
-- `submodules` was removed (error if specified; add later if needed)
-
-### Fallback to GitHub API
-
-When a sufficient version of git is not in the PATH, fallback to the [web API](https://developer.github.com/v3/repos/contents/#get-archive-link) to download a tarball/zipball.
-
-Note:
-- LFS files are not included in the archive. Therefore fail if LFS is set to true.
-- Submodules are also not included in the archive. However submodules are not supported by checkout v2 anyway.
-
-### Persist credentials
-
-Persist the token in the git config (http.extraheader). This will allow users to script authenticated git commands, like `git fetch`.
-
-A post script will remove the credentials from the git config (cleanup for self-hosted).
-
-Users may opt-out by specifying `persist-credentials: false`
-
-Note:
-- Users scripting `git commit` may need to set the username and email. The service does not provide any reasonable default value. Users can add `git config user.name <NAME>` and `git config user.email <EMAIL>`. We will document this guidance.
-- The auth header (stored in the repo's git config), is scoped to all of github `http.https://github.com/.extraheader`
-  - Additional public remotes also just work.
-  - If users want to authenticate to an additional private remote, they should provide the `token` input.
-  - Lines up if we add submodule support in the future. Don't need to worry about calculating relative URLs. Just works, although needs to be persisted in each submodule git config.
-  - Users opt out of persisted credentials (`persist-credentials: false`), or can script the removal themselves (`git config --unset-all http.https://github.com/.extraheader`).
-
-### Fetch behavior
-
-Fetch only the SHA being built and set depth=1. This significantly reduces the fetch time for large repos.
-
-If a SHA isn't available (e.g. multi repo), then fetch only the specified ref with depth=1.
-
-The input `fetch-depth` can be used to control the depth.
-
-The input `fetch-refs` can be used to fetch additional refs.
-
-Note:
-- Fetching a single commit is supported by Git wire protocol version 2. The git client uses protocol version 0 by default. The desired protocol version can be overridden in the git config or on the fetch command line invocation (`-c protocol.version=2`). We will override on the fetch command line, for transparency.
-- Git client version 2.18+ (released June 2018) is required for wire protocol version 2.
-
-### Checkout behavior
-
-For CI, checkout will create a local ref with the upstream set. This allows users to script git as they normally would.
-
-For PR, continue to checkout detached head. The PR branch is special - the branch and merge commit are created by the server. It doesn't match a users' local workflow.
-
-Note:
-- Consider deleting all local refs during cleanup if that helps avoid collisions. More testing required.
-
-### Path
-
-For the mainline scenario, the disk-layout behavior remains the same.
-
-Remember, given the repo `johndoe/foo`, the mainline disk layout looks like:
-
-```
-GITHUB_WORKSPACE=/home/runner/work/foo/foo
-RUNNER_WORKSPACE=/home/runner/work/foo
-```
-
-V2 introduces a new contraint on the checkout path. The location must now be under `github.workspace`. Whereas the checkout@v1 constraint was one level up, under `runner.workspace`.
-
-V2 no longer changes `github.workspace` to follow wherever the self repo is checked-out.
-
-These behavioral changes align better with container actions. The [documented filesystem contract](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/virtual-environments-for-github-hosted-runners#docker-container-filesystem) is:
-
-- `/github/home`
-- `/github/workspace` - Note: GitHub Actions must be run by the default Docker user (root). Ensure your Dockerfile does not set the USER instruction, otherwise you will not be able to access `GITHUB_WORKSPACE`.
-- `/github/workflow`
-
-Note:
-- The tracking config will not be updated to reflect the path of the workflow repo.
-- Any existing workflow repo will not be moved when the checkout path changes. In fact some customers want to checkout the workflow repo twice, side by side against different branches.
-- Actions that need to operate only against the root of the self repo, should expose a `path` input.
-
-#### Default value for `path` input
-
-The `path` input will default to `./` which is rooted against `github.workspace`.
-
-This default fits the mainline scenario well: single checkout
-
-For multi-checkout, users must specify the `path` input for at least one of the repositories.
-
-Note:
-- An alternative is for the self repo to default to `./` and other repos default to `<REPO_NAME>`. However nested layout is an atypical git layout and therefore is not a good default. Users should supply the path info.
-
-#### Example - Nested layout
-
-The following example checks-out two repositories and creates a nested layout.
-
-```yaml
-# Self repo - Checkout to $GITHUB_WORKSPACE
-- uses: checkout@v2
-
-# Other repo - Checkout to $GITHUB_WORKSPACE/myscripts
-- uses: checkout@v2
-  with:
-    repository: myorg/myscripts
-    path: myscripts
-```
-
-#### Example - Side by side layout
-
-The following example checks-out two repositories and creates a side-by-side layout.
-
-```yaml
-# Self repo - Checkout to $GITHUB_WORKSPACE/foo
-- uses: checkout@v2
-  with:
-    path: foo
-
-# Other repo - Checkout to $GITHUB_WORKSPACE/myscripts
-- uses: checkout@v2
-  with:
-    repository: myorg/myscripts
-    path: myscripts
-```
-
-#### Path impact to problem matchers
-
-Problem matchers associate the source files with annotations.
-
-Today the runner verifies the source file is under the `github.workspace`. Otherwise the source file property is dropped.
-
-Multi-checkout complicates the matter. However even today submodules may cause this heuristic to be inaccurate.
-
-A better solution is:
-
-Given a source file path, walk up the directories until the first `.git/config` is found. Check if it matches the self repo (`url = https://github.com/OWNER/REPO`). If not, drop the source file path.
-
-### Port to typescript
-
-The checkout action should be a typescript action on the GitHub graph, for the following reasons:
-- Enables customers to fork the checkout repo and modify
-- Serves as an example for customers
-- Demystifies the checkout action manifest
-- Simplifies the runner
-- Reduce the amount of runner code to port (if we ever do)
-
-Note:
-- This means job-container images will need git in the PATH, for checkout.
-
-### Branching strategy and release tags
-
-- Create a servicing branch for V1: `releases/v1`
-- Merge the changes into `master`
-- Release using a new tag `preview`
-- When stable, release using a new tag `v2`
-
-## Consequences
-
-- Update the checkout action and readme
-- Update samples to consume `actions/checkout@v2`
-- Job containers now require git in the PATH for checkout, otherwise fallback to REST API
-- Minimum git version 2.18
-- Update problem matcher logic regarding source file verification (runner)

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "checkout",
-  "version": "2.0.2",
+  "version": "2.0.1",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -15,30 +15,14 @@
       "integrity": "sha512-nvFkxwiicvpzNiCBF4wFBDfnBvi7xp/as7LE1hBxBxKG2L29+gkIPBiLKMVORL+Hg3JNf07AKRfl0V5djoypjQ=="
     },
     "@actions/github": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/@actions/github/-/github-2.1.0.tgz",
-      "integrity": "sha512-G4ncMlh4pLLAvNgHUYUtpWQ1zPf/VYqmRH9oshxLabdaOOnp7i1hgSgzr2xne2YUaSND3uqemd3YYTIsm2f/KQ==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@actions/github/-/github-2.0.0.tgz",
+      "integrity": "sha512-sNpZ5dJyJyfJIO5lNYx8r/Gha4Tlm8R0MLO2cBkGdOnAAEn3t1M/MHVcoBhY/VPfjGVe5RNAUPz+6INrViiUPA==",
       "requires": {
-        "@actions/http-client": "^1.0.3",
         "@octokit/graphql": "^4.3.1",
         "@octokit/rest": "^16.15.0"
       }
     },
-    "@actions/http-client": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.3.tgz",
-      "integrity": "sha512-wFwh1U4adB/Zsk4cc9kVqaBOHoknhp/pJQk+aWTocbAZWpIl4Zx/At83WFRLXvxB+5HVTWOACM6qjULMZfQSfw==",
-      "requires": {
-        "tunnel": "0.0.6"
-      },
-      "dependencies": {
-        "tunnel": {
-          "version": "0.0.6",
-          "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz",
-          "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg=="
-        }
-      }
-    },
     "@actions/io": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.0.1.tgz",
@@ -613,14 +597,6 @@
         "@types/yargs": "^13.0.0"
       }
     },
-    "@octokit/auth-token": {
-      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-2.4.0.tgz",
-      "integrity": "sha512-eoOVMjILna7FVQf96iWc3+ZtE/ZT6y8ob8ZzcqKY1ibSQCnu4O/B7pJvzMx5cyZ/RjAff6DAdEb0O0Cjcxidkg==",
-      "requires": {
-        "@octokit/types": "^2.0.0"
-      }
-    },
     "@octokit/endpoint": {
       "version": "5.5.1",
       "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-5.5.1.tgz",
@@ -667,11 +643,10 @@
       }
     },
     "@octokit/rest": {
-      "version": "16.38.1",
-      "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-16.38.1.tgz",
-      "integrity": "sha512-zyNFx+/Bd1EXt7LQjfrc6H4wryBQ/oDuZeZhGMBSFr1eMPFDmpEweFQR3R25zjKwBQpDY7L5GQO6A3XSaOfV1w==",
+      "version": "16.35.0",
+      "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-16.35.0.tgz",
+      "integrity": "sha512-9ShFqYWo0CLoGYhA1FdtdykJuMzS/9H6vSbbQWDX4pWr4p9v+15MsH/wpd/3fIU+tSxylaNO48+PIHqOkBRx3w==",
       "requires": {
-        "@octokit/auth-token": "^2.4.0",
         "@octokit/request": "^5.2.0",
         "@octokit/request-error": "^1.0.2",
         "atob-lite": "^2.0.0",
@@ -687,9 +662,9 @@
       }
     },
     "@octokit/types": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-2.1.1.tgz",
-      "integrity": "sha512-89LOYH+d/vsbDX785NOfLxTW88GjNd0lWRz1DVPVsZgg9Yett5O+3MOvwo7iHgvUwbFz0mf/yPIjBkUbs4kxoQ==",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-2.0.2.tgz",
+      "integrity": "sha512-StASIL2lgT3TRjxv17z9pAqbnI7HGu9DrJlg3sEBFfCLaMEqp+O3IQPUF6EZtQ4xkAu2ml6kMBBCtGxjvmtmuQ==",
       "requires": {
         "@types/node": ">= 8"
       }
@@ -954,6 +929,11 @@
       "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==",
       "dev": true
     },
+    "agent-base": {
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-5.1.1.tgz",
+      "integrity": "sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g=="
+    },
     "ajv": {
       "version": "6.10.2",
       "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz",
@@ -1732,7 +1712,6 @@
       "version": "4.1.1",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz",
       "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==",
-      "dev": true,
       "requires": {
         "ms": "^2.1.1"
       }
@@ -3695,6 +3674,15 @@
         "sshpk": "^1.7.0"
       }
     },
+    "https-proxy-agent": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz",
+      "integrity": "sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg==",
+      "requires": {
+        "agent-base": "5",
+        "debug": "4"
+      }
+    },
     "iconv-lite": {
       "version": "0.4.24",
       "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
@@ -5010,8 +4998,7 @@
     "ms": {
       "version": "2.1.2",
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
-      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
-      "dev": true
+      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
     },
     "mute-stream": {
       "version": "0.0.7",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "checkout",
-  "version": "2.0.2",
+  "version": "2.0.1",
   "description": "checkout action",
   "main": "lib/main.js",
   "scripts": {
@@ -31,9 +31,10 @@
   "dependencies": {
     "@actions/core": "^1.1.3",
     "@actions/exec": "^1.0.1",
-    "@actions/github": "^2.0.2",
+    "@actions/github": "^2.0.0",
     "@actions/io": "^1.0.1",
     "@actions/tool-cache": "^1.1.2",
+    "https-proxy-agent": "^4.0.0",
     "uuid": "^3.3.3"
   },
   "devDependencies": {

src/git-source-provider.ts

@@ -9,8 +9,7 @@ import * as refHelper from './ref-helper'
 import * as stateHelper from './state-helper'
 import {IGitCommandManager} from './git-command-manager'
 
-const serverUrl = 'https://github.com/'
-const authConfigKey = `http.${serverUrl}.extraheader`
+const authConfigKey = `http.https://github.com/.extraheader`
 
 export interface ISourceSettings {
   repositoryPath: string
@@ -96,7 +95,7 @@ export async function getSource(settings: ISourceSettings): Promise<void> {
     await removeGitConfig(git, authConfigKey)
 
     try {
-      // Config extraheader
+      // Config auth token
       await configureAuthToken(git, settings.authToken)
 
       // LFS install
@@ -137,21 +136,16 @@ export async function getSource(settings: ISourceSettings): Promise<void> {
 
 export async function cleanup(repositoryPath: string): Promise<void> {
   // Repo exists?
-  if (
-    !repositoryPath ||
-    !fsHelper.fileExistsSync(path.join(repositoryPath, '.git', 'config'))
-  ) {
+  if (!fsHelper.fileExistsSync(path.join(repositoryPath, '.git', 'config'))) {
     return
   }
+  fsHelper.directoryExistsSync(repositoryPath, true)
 
-  let git: IGitCommandManager
-  try {
-    git = await gitCommandManager.CreateCommandManager(repositoryPath, false)
-  } catch {
-    return
-  }
-
-  // Remove extraheader
+  // Remove the config key
+  const git = await gitCommandManager.CreateCommandManager(
+    repositoryPath,
+    false
+  )
   await removeGitConfig(git, authConfigKey)
 }
 

src/github-api-helper.ts

@@ -8,6 +8,7 @@ import * as retryHelper from './retry-helper'
 import * as toolCache from '@actions/tool-cache'
 import {default as uuid} from 'uuid/v4'
 import {ReposGetArchiveLinkParams} from '@octokit/rest'
+import HttpsProxyAgent from 'https-proxy-agent'
 
 const IS_WINDOWS = process.platform === 'win32'
 
@@ -74,7 +75,7 @@ async function downloadArchive(
   ref: string,
   commit: string
 ): Promise<Buffer> {
-  const octokit = new github.GitHub(authToken)
+  const octokit = createOctokit(authToken)
   const params: ReposGetArchiveLinkParams = {
     owner: owner,
     repo: repo,
@@ -90,3 +91,38 @@ async function downloadArchive(
 
   return Buffer.from(response.data) // response.data is ArrayBuffer
 }
+
+function createOctokit(authToken: string): github.GitHub {
+  let proxyVar: string =
+    process.env['https_proxy'] || process.env['HTTPS_PROXY'] || ''
+
+  if (!proxyVar) {
+    return new github.GitHub(authToken)
+  }
+
+  let noProxy: string = process.env['no_proxy'] || process.env['NO_PROXY'] || ''
+
+  let bypass: boolean = false
+  if (noProxy) {
+    let bypassList = noProxy.split(',')
+    for (let i = 0; i < bypassList.length; i++) {
+      let item = bypassList[i]
+      if (
+        item &&
+        typeof item === 'string' &&
+        item.trim().toLocaleLowerCase() === 'github.com'
+      ) {
+        bypass = true
+        break
+      }
+    }
+  }
+
+  if (bypass) {
+    return new github.GitHub(authToken)
+  } else {
+    return new github.GitHub(authToken, {
+      request: {agent: new HttpsProxyAgent(proxyVar)}
+    })
+  }
+}

src/input-helper.ts

@@ -61,12 +61,6 @@ export function getInputs(): ISourceSettings {
     if (isWorkflowRepository) {
       result.ref = github.context.ref
       result.commit = github.context.sha
-
-      // Some events have an unqualifed ref. For example when a PR is merged (pull_request closed event),
-      // the ref is unqualifed like "master" instead of "refs/heads/master".
-      if (result.commit && result.ref && !result.ref.startsWith('refs/')) {
-        result.ref = `refs/heads/${result.ref}`
-      }
     }
 
     if (!result.ref && !result.commit) {