feat: set and remove git safe directory

2025-01-18 16:01:06 +01:00 · 2022-12-13 10:35:28 +09:00 · 2022-12-13 10:35:28 +09:00 · 4713ea3ed1
commit 4713ea3ed1
parent e3b26d554a
5 changed files with 96 additions and 24 deletions
--- a/test/git-auth-helper.int.test.ts
+++ b/test/git-auth-helper.int.test.ts
@ -46,4 +46,25 @@ describe('git-auth-helper tests', () => {

    await gitAuthHelper.removeAuth()
  })
+
+  it('tests adding and removing the safe.directory config', async () => {
+    await git.config('safe.directory', '/another-value', true, true)
+
+    await gitAuthHelper.removeSafeDirectory()
+    await gitAuthHelper.addSafeDirectory()
+
+    expect(
+      await git.configExists('safe.directory', REPO_PATH, true)
+    ).toBeTruthy()
+
+    await gitAuthHelper.addSafeDirectory()
+    await gitAuthHelper.removeSafeDirectory()
+
+    expect(
+      await git.configExists('safe.directory', REPO_PATH, true)
+    ).toBeFalsy()
+    expect(
+      await git.configExists('safe.directory', '/another-value', true)
+    ).toBeTruthy()
+  })
 })
--- a/dist/index.js
+++ b/dist/index.js
@ -332,8 +332,9 @@ function createPullRequest(inputs) {
            // Create a git command manager
            const git = yield git_command_manager_1.GitCommandManager.create(repoPath);
            // Save and unset the extraheader auth config if it exists
-            core.startGroup('Save persisted git credentials');
+            core.startGroup('Prepare git configuration');
            gitAuthHelper = new git_auth_helper_1.GitAuthHelper(git);
+            yield gitAuthHelper.addSafeDirectory();
            yield gitAuthHelper.savePersistedAuth();
            core.endGroup();
            // Init the GitHub client
@ -491,9 +492,10 @@ function createPullRequest(inputs) {
        }
        finally {
            // Remove auth and restore persisted auth config if it existed
-            core.startGroup('Restore persisted git credentials');
+            core.startGroup('Restore git configuration');
            yield gitAuthHelper.removeAuth();
            yield gitAuthHelper.restorePersistedAuth();
+            yield gitAuthHelper.removeSafeDirectory();
            core.endGroup();
        }
    });
@ -549,14 +551,33 @@ const url_1 = __nccwpck_require__(7310);
 const utils = __importStar(__nccwpck_require__(918));
 class GitAuthHelper {
    constructor(git) {
+        this.safeDirectoryConfigKey = 'safe.directory';
+        this.safeDirectoryAdded = false;
        this.extraheaderConfigPlaceholderValue = 'AUTHORIZATION: basic ***';
        this.extraheaderConfigValueRegex = '^AUTHORIZATION:';
        this.persistedExtraheaderConfigValue = '';
        this.git = git;
-        this.gitConfigPath = path.join(this.git.getWorkingDirectory(), '.git', 'config');
+        this.workingDirectory = this.git.getWorkingDirectory();
+        this.gitConfigPath = path.join(this.workingDirectory, '.git', 'config');
        const serverUrl = this.getServerUrl();
        this.extraheaderConfigKey = `http.${serverUrl.origin}/.extraheader`;
    }
+    addSafeDirectory() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const exists = yield this.git.configExists(this.safeDirectoryConfigKey, this.workingDirectory, true);
+            if (!exists) {
+                yield this.git.config(this.safeDirectoryConfigKey, this.workingDirectory, true, true);
+                this.safeDirectoryAdded = true;
+            }
+        });
+    }
+    removeSafeDirectory() {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.safeDirectoryAdded) {
+                yield this.git.tryConfigUnset(this.safeDirectoryConfigKey, this.workingDirectory, true);
+            }
+        });
+    }
    savePersistedAuth() {
        return __awaiter(this, void 0, void 0, function* () {
            // Save and unset persisted extraheader credential in git config if it exists
@ -737,14 +758,14 @@ class GitCommandManager {
            return yield this.exec(args, allowAllExitCodes);
        });
    }
-    config(configKey, configValue, globalConfig) {
+    config(configKey, configValue, globalConfig, add) {
        return __awaiter(this, void 0, void 0, function* () {
-            yield this.exec([
-                'config',
-                globalConfig ? '--global' : '--local',
-                configKey,
-                configValue
-            ]);
+            const args = ['config', globalConfig ? '--global' : '--local'];
+            if (add) {
+                args.push('--add');
+            }
+            args.push(...[configKey, configValue]);
+            yield this.exec(args);
        });
    }
    configExists(configKey, configValue = '.', globalConfig) {
--- a/src/create-pull-request.ts
+++ b/src/create-pull-request.ts
@ -45,8 +45,9 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
    const git = await GitCommandManager.create(repoPath)

    // Save and unset the extraheader auth config if it exists
-    core.startGroup('Save persisted git credentials')
+    core.startGroup('Prepare git configuration')
    gitAuthHelper = new GitAuthHelper(git)
+    await gitAuthHelper.addSafeDirectory()
    await gitAuthHelper.savePersistedAuth()
    core.endGroup()

@ -252,9 +253,10 @@ export async function createPullRequest(inputs: Inputs): Promise<void> {
    core.setFailed(utils.getErrorMessage(error))
  } finally {
    // Remove auth and restore persisted auth config if it existed
-    core.startGroup('Restore persisted git credentials')
+    core.startGroup('Restore git configuration')
    await gitAuthHelper.removeAuth()
    await gitAuthHelper.restorePersistedAuth()
+    await gitAuthHelper.removeSafeDirectory()
    core.endGroup()
  }
 }
--- a/src/git-auth-helper.ts
+++ b/src/git-auth-helper.ts
@ -8,6 +8,9 @@ import * as utils from './utils'
 export class GitAuthHelper {
  private git: GitCommandManager
  private gitConfigPath: string
+  private workingDirectory: string
+  private safeDirectoryConfigKey = 'safe.directory'
+  private safeDirectoryAdded = false
  private extraheaderConfigKey: string
  private extraheaderConfigPlaceholderValue = 'AUTHORIZATION: basic ***'
  private extraheaderConfigValueRegex = '^AUTHORIZATION:'
@ -15,15 +18,39 @@ export class GitAuthHelper {

  constructor(git: GitCommandManager) {
    this.git = git
-    this.gitConfigPath = path.join(
-      this.git.getWorkingDirectory(),
-      '.git',
-      'config'
-    )
+    this.workingDirectory = this.git.getWorkingDirectory()
+    this.gitConfigPath = path.join(this.workingDirectory, '.git', 'config')
    const serverUrl = this.getServerUrl()
    this.extraheaderConfigKey = `http.${serverUrl.origin}/.extraheader`
  }

+  async addSafeDirectory(): Promise<void> {
+    const exists = await this.git.configExists(
+      this.safeDirectoryConfigKey,
+      this.workingDirectory,
+      true
+    )
+    if (!exists) {
+      await this.git.config(
+        this.safeDirectoryConfigKey,
+        this.workingDirectory,
+        true,
+        true
+      )
+      this.safeDirectoryAdded = true
+    }
+  }
+
+  async removeSafeDirectory(): Promise<void> {
+    if (this.safeDirectoryAdded) {
+      await this.git.tryConfigUnset(
+        this.safeDirectoryConfigKey,
+        this.workingDirectory,
+        true
+      )
+    }
+  }
+
  async savePersistedAuth(): Promise<void> {
    // Save and unset persisted extraheader credential in git config if it exists
    this.persistedExtraheaderConfigValue = await this.getAndUnset()
--- a/src/git-command-manager.ts
+++ b/src/git-command-manager.ts
@ -72,14 +72,15 @@ export class GitCommandManager {
  async config(
    configKey: string,
    configValue: string,
-    globalConfig?: boolean
+    globalConfig?: boolean,
+    add?: boolean
  ): Promise<void> {
-    await this.exec([
-      'config',
-      globalConfig ? '--global' : '--local',
-      configKey,
-      configValue
-    ])
+    const args: string[] = ['config', globalConfig ? '--global' : '--local']
+    if (add) {
+      args.push('--add')
+    }
+    args.push(...[configKey, configValue])
+    await this.exec(args)
  }

  async configExists(