我的组织(或我的用户)内有两个私有 GitHub 存储库。其中一个包含另一个作为子模块。如何克隆另一个私有存储库及其包含的子模块?
我试过了
- uses: actions/checkout@v3
with:
submodules: true
但是,这失败了,子模块部分出现错误消息,我是否应该添加一些权限或其他权限?
Fetching submodules
/usr/bin/git submodule sync
/usr/bin/git -c protocol.version=2 submodule update --init --force --depth=1
Submodule '.github/workflows/MYPROJECT1' (https://github.com/MYUSER/MYPROJECT1.git) registered for path '.github/workflows/MYPROJECT1'
Cloning into '/home/runner/work/MYPROJECT2/MYPROJECT2/.github/workflows/MYPROJECT1'...
remote: Repository not found.
Error: fatal: repository 'https://github.com/MYUSER/MYPROJECT1.git/' not found
Error: fatal: clone of 'https://github.com/MYUSER/MYPROJECT1.git' into submodule path '/home/runner/work/MYPROJECT2/MYPROJECT2/.github/workflows/MYPROJECT1' failed
Failed to clone '.github/workflows/MYPROJECT1'. Retry scheduled
... more errors
您可以尝试使用 SSH URL。
问题 116“私有子模块签出失败”现在(2022 年 7 月)说明了作为替代方案:
当您想要保持 URL 存储库的灵活性并仍然使用带有部署密钥的 GitHub Actions 来访问私有子模块时,此解决方案适用:
- name: Checkout
uses: actions/checkout@v3
- name: Clone Submodule
run: |
mkdir -p $HOME/.ssh
echo '${{ secrets.SUBMODULE_REPO_DEPLOY_KEY }}' > $HOME/.ssh/ssh.key
chmod 600 $HOME/.ssh/ssh.key
export GIT_SSH_COMMAND="ssh -i $HOME/.ssh/ssh.key"
git submodule set-url <path-to-submodule> [email protected]:<organization/submodule>.git
git submodule update --init --recursive
git submodule set-url <path-to-submodule> https://github.com/<organization/submodule>.git
unset GIT_SSH_COMMAND
您可以使用这个操作为多个子模块存储库提供单独的部署密钥,如下所示:... steps: - uses: actions/checkout@v3 - name: Add SSH private keys for submodule repositories uses: webfactory/[email protected] with: ssh-private-key: | ${{ secrets.SSH_PRIVATE_KEY_SUBMODULE_1 }} ${{ secrets.SSH_PRIVATE_KEY_SUBMODULE_2 }} - run: git submodule update --init --recursive --remote ...这对我有用,除了
--remote导致它签出不正确的引用(子模块的master,而不是引用的提交)。只是做git submodule update --init --recursive让我得到了想要的行为
评论证实了 ssh-agent 方法。
issue 116还包括:
这对我有用。检查主存储库后,我的管道运行此操作来检查所有子模块。这有点hacky,但它对我有用。
- name: Checkout the repo uses: actions/[email protected] with: persist-credentials: false - name: Checkout submodule run: | git submodule sync --recursive git -c protocol.version=2 submodule update --init --force --depth=1 --recursive
- name: Checkout Repository
uses: actions/checkout@v4
with:
submodules: true
token: ${{ secrets.READ_ONLY_PAT }}
container:
image: alpine/git
command: ["/bin/sh", "-c"]
args:
- |
echo "Setting up URL substitution..."
&& git config --global url.https://{{inputs.parameters.github-username}}:${READ_ONLY_PAT}@github.com/.insteadOf https://github.com/
&& echo "Configured URL substitution:"
&& git config --get-regexp 'url.*.insteadOf'
&& echo "Cloning repository..."
&& git clone --recurse-submodules https://github.com/{{inputs.parameters.org-name}}/{{inputs.parameters.private-repo-name}}.git /workspace/repo
&& cd /workspace/repo && git status && ls
env:
- name: READ_ONLY_PAT
valueFrom:
secretKeyRef:
name: github-secret-{{inputs.parameters.github-username}}
key: READ_ONLY_PAT