actions/checkoutPublic

NotificationsYou must be signed in to change notification settings
Fork2.2k
Star7.2k

Action for checking out a repo

License

MIT license

7.2k stars 2.2k forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Use this GitHub action with your project

Add this Action to an existing workflow or create a new one

View on Marketplace

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 203 Commits
.github		.github
.licenses/npm		.licenses/npm
__test__		__test__
adrs		adrs
dist		dist
images		images
src		src
.eslintignore		.eslintignore
.eslintrc.json		.eslintrc.json
.gitattributes		.gitattributes
.gitignore		.gitignore
.licensed.yml		.licensed.yml
.prettierignore		.prettierignore
.prettierrc.json		.prettierrc.json
CHANGELOG.md		CHANGELOG.md
CODEOWNERS		CODEOWNERS
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
action.yml		action.yml
jest.config.js		jest.config.js
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json

Repository files navigation

Checkout v6-beta

What's new

Updatedpersist-credentials to store the credentials under$RUNNER_TEMP instead of directly in the local git config.
- This requires a minimum Actions Runner version ofv2.329.0 to access the persisted credentials forDocker container action scenarios.

Checkout v5

What's new

Updated to the node24 runtime
- This requires a minimum Actions Runner version ofv2.327.1 to run.

Checkout v4

This action checks-out your repository under$GITHUB_WORKSPACE, so your workflow can access it.

Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Setfetch-depth: 0 to fetch all history for all branches and tags. Referhere to learn which commit$GITHUB_SHA points to for different events.

The auth token is persisted in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup. Setpersist-credentials: false to opt-out.

When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.

Note

Thank you for your interest in this GitHub action, however, right now we are not taking contributions.

We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.

We are taking the following steps to better direct requests related to GitHub Actions, including:

We will be directing questions and support requests to ourCommunity Discussions area
High Priority bugs can be reported through Community Discussions or you can report these to our support teamhttps://support.github.com/contact/bug-report.
Security Issues should be handled as per oursecurity.md

We will still provide security updates for this project and fix major breaking changes during this time.

You are welcome to still raise bugs in this repo.

What's new

Please refer to therelease page for the latest release notes.

Usage

-uses:actions/checkout@v5with:# Repository name with owner. For example, actions/checkout# Default: ${{ github.repository }}repository:''# The branch, tag or SHA to checkout. When checking out the repository that# triggered a workflow, this defaults to the reference or SHA for that event.# Otherwise, uses the default branch.ref:''# Personal access token (PAT) used to fetch the repository. The PAT is configured# with the local git config, which enables your scripts to run authenticated git# commands. The post-job step removes the PAT.## We recommend using a service account with the least permissions necessary. Also# when generating a new PAT, select the least scopes necessary.## [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)## Default: ${{ github.token }}token:''# SSH key used to fetch the repository. The SSH key is configured with the local# git config, which enables your scripts to run authenticated git commands. The# post-job step removes the SSH key.## We recommend using a service account with the least permissions necessary.## [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)ssh-key:''# Known hosts in addition to the user and global host key database. The public SSH# keys for a host may be obtained using the utility `ssh-keyscan`. For example,# `ssh-keyscan github.com`. The public key for github.com is always implicitly# added.ssh-known-hosts:''# Whether to perform strict host key checking. When true, adds the options# `StrictHostKeyChecking=yes` and `CheckHostIP=no` to the SSH command line. Use# the input `ssh-known-hosts` to configure additional hosts.# Default: truessh-strict:''# The user to use when connecting to the remote SSH host. By default 'git' is# used.# Default: gitssh-user:''# Whether to configure the token or SSH key with the local git config# Default: truepersist-credentials:''# Relative path under $GITHUB_WORKSPACE to place the repositorypath:''# Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching# Default: trueclean:''# Partially clone against a given filter. Overrides sparse-checkout if set.# Default: nullfilter:''# Do a sparse checkout on given patterns. Each pattern should be separated with# new lines.# Default: nullsparse-checkout:''# Specifies whether to use cone-mode when doing a sparse checkout.# Default: truesparse-checkout-cone-mode:''# Number of commits to fetch. 0 indicates all history for all branches and tags.# Default: 1fetch-depth:''# Whether to fetch tags, even if fetch-depth > 0.# Default: falsefetch-tags:''# Whether to show progress status output when fetching.# Default: trueshow-progress:''# Whether to download Git-LFS files# Default: falselfs:''# Whether to checkout submodules: `true` to checkout submodules or `recursive` to# recursively checkout submodules.## When the `ssh-key` input is not provided, SSH URLs beginning with# `git@github.com:` are converted to HTTPS.## Default: falsesubmodules:''# Add repository path as safe.directory for Git global config by running `git# config --global --add safe.directory <path>`# Default: trueset-safe-directory:''# The base URL for the GitHub instance that you are trying to clone from, will use# environment defaults to fetch from the same instance that the workflow is# running from unless specified. Example URLs are https://github.com or# https://my-ghes-server.example.comgithub-server-url:''

Scenarios

Fetch only the root files

-uses:actions/checkout@v5with:sparse-checkout:.

Fetch only the root files and`.github` and`src` folder

-uses:actions/checkout@v5with:sparse-checkout:|      .github      src

Fetch only a single file

-uses:actions/checkout@v5with:sparse-checkout:|      README.mdsparse-checkout-cone-mode:false

Fetch all history for all tags and branches

-uses:actions/checkout@v5with:fetch-depth:0

Checkout a different branch

-uses:actions/checkout@v5with:ref:my-branch

Checkout HEAD^

-uses:actions/checkout@v5with:fetch-depth:2-run:git checkout HEAD^

Checkout multiple repos (side by side)

-name:Checkoutuses:actions/checkout@v5with:path:main-name:Checkout tools repouses:actions/checkout@v5with:repository:my-org/my-toolspath:my-tools

If your secondary repository is private or internal you will need to add the option noted inCheckout multiple repos (private)

Checkout multiple repos (nested)

-name:Checkoutuses:actions/checkout@v5-name:Checkout tools repouses:actions/checkout@v5with:repository:my-org/my-toolspath:my-tools

If your secondary repository is private or internal you will need to add the option noted inCheckout multiple repos (private)

Checkout multiple repos (private)

-name:Checkoutuses:actions/checkout@v5with:path:main-name:Checkout private toolsuses:actions/checkout@v5with:repository:my-org/my-private-toolstoken:${{ secrets.GH_PAT }}# `GH_PAT` is a secret that contains your PATpath:my-tools

${{ github.token }} is scoped to the current repository, so if you want to checkout a different repository that is private you will need to provide your ownPAT.

Checkout pull request HEAD commit instead of merge commit

-uses:actions/checkout@v5with:ref:${{ github.event.pull_request.head.sha }}

Checkout pull request on closed event

on:pull_request:branches:[main]types:[opened, synchronize, closed]jobs:build:runs-on:ubuntu-lateststeps:      -uses:actions/checkout@v5

Push a commit using the built-in token

on:pushjobs:build:runs-on:ubuntu-lateststeps:      -uses:actions/checkout@v5      -run:|          date > generated.txt          # Note: the following account information will not work on GHES          git config user.name "github-actions[bot]"          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"          git add .          git commit -m "generated"          git push

NOTE: The user email is{user.id}+{user.login}@users.noreply.github.com. See users API:https://api.github.com/users/github-actions%5Bbot%5D

Push a commit to a PR using the built-in token

In a pull request trigger,ref is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.

on:pull_requestjobs:build:runs-on:ubuntu-lateststeps:      -uses:actions/checkout@v5with:ref:${{ github.head_ref }}      -run:|          date > generated.txt          # Note: the following account information will not work on GHES          git config user.name "github-actions[bot]"          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"          git add .          git commit -m "generated"          git push

NOTE: The user email is{user.id}+{user.login}@users.noreply.github.com. See users API:https://api.github.com/users/github-actions%5Bbot%5D

Recommended permissions

When using thecheckout action in your GitHub Actions workflow, it is recommended to set the followingGITHUB_TOKEN permissions to ensure proper functionality, unless alternative auth is provided via thetoken orssh-key inputs: