This action checks-out your repository under $GITHUB_WORKSPACE, so your workflow can access it.
Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set fetch-depth: 0 to fetch all history for all branches and tags. Refer here to learn which commit $GITHUB_SHA points to for different events.
The auth token is persisted in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup. Set persist-credentials: false to opt-out.
When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
What’s new
Improved performance
Fetches only a single commit by default
Script authenticated git commands
Auth token persisted in the local git config
Supports SSH
Creates a local branch
No longer detached HEAD when checking out a branch
Improved layout
The input path is always relative to $GITHUB_WORKSPACE
Aligns better with container actions, where $GITHUB_WORKSPACE gets mapped in
Fallback to REST API download
When Git 2.18 or higher is not in the PATH, the REST API will be used to download the files
When using a job container, the container’s PATH is used
- uses:actions/checkout@v2with:# Repository name with owner. For example, actions/checkout# Default: ${{ github.repository }}repository:''# The branch, tag or SHA to checkout. When checking out the repository that# triggered a workflow, this defaults to the reference or SHA for that event.# Otherwise, uses the default branch.ref:''# Personal access token (PAT) used to fetch the repository. The PAT is configured# with the local git config, which enables your scripts to run authenticated git# commands. The post-job step removes the PAT.## We recommend using a service account with the least permissions necessary. Also# when generating a new PAT, select the least scopes necessary.## [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)## Default: ${{ github.token }}token:''# SSH key used to fetch the repository. The SSH key is configured with the local# git config, which enables your scripts to run authenticated git commands. The# post-job step removes the SSH key.## We recommend using a service account with the least permissions necessary.## [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)ssh-key:''# Known hosts in addition to the user and global host key database. The public SSH# keys for a host may be obtained using the utility `ssh-keyscan`. For example,# `ssh-keyscan github.com`. The public key for github.com is always implicitly# added.ssh-known-hosts:''# Whether to perform strict host key checking. When true, adds the options# `StrictHostKeyChecking=yes` and `CheckHostIP=no` to the SSH command line. Use# the input `ssh-known-hosts` to configure additional hosts.# Default: truessh-strict:''# Whether to configure the token or SSH key with the local git config# Default: truepersist-credentials:''# Relative path under $GITHUB_WORKSPACE to place the repositorypath:''# Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching# Default: trueclean:''# Number of commits to fetch. 0 indicates all history for all branches and tags.# Default: 1fetch-depth:''# Whether to download Git-LFS files# Default: falselfs:''# Whether to checkout submodules: `true` to checkout submodules or `recursive` to# recursively checkout submodules.## When the `ssh-key` input is not provided, SSH URLs beginning with# `git@github.com:` are converted to HTTPS.## Default: falsesubmodules:''
- name:Checkoutuses:actions/checkout@v2with:path:main- name:Checkout private toolsuses:actions/checkout@v2with:repository:my-org/my-private-toolstoken:${{ secrets.GitHub_PAT }}# `GitHub_PAT` is a secret that contains your PATpath:my-tools
${{ github.token }} is scoped to the current repository, so if you want to checkout a different repository that is private you will need to provide your own PAT.
Checkout pull request HEAD commit instead of merge commit
