Github Action to reconfigure git to use HTTPS authentication instead of SSH (which is used by default in the runner configuration).
Kudos: This action implementation is based on this comment on the actions/setup-node.
actions/checkout is mandatory to use this action, with persist-credentials: false.
| Field | Mandatory | Observation |
|---|---|---|
| github_token | NO | How to create a PAT |
- name: Checkout
uses: actions/[email protected]
with:
persist-credentials: false
- name: Reconfigure git to use HTTPS authentication
uses: GuillaumeFalourd/SSH-to-HTTPS@v1 - name: Checkout
uses: actions/[email protected]
with:
persist-credentials: false
- name: Reconfigure git to use HTTPS authentication
uses: GuillaumeFalourd/SSH-to-HTTPS@v1
with:
github_token: ${{ secrets.ACCESS_TOKEN }}Note: You can use the default ${{ secrets.GITHUB_TOKEN }} or your PAT with ${{ secrets.ACCESS_TOKEN }}.
There is no difference in terms of transport security, HTTPS and SSH rely on similar underlying crypto.
Persisting your credentials by adding your secret Personal Access Token (PAT) to the global git config does have security implications, but it's the default behavior of the checkout action already (using persist-credentials: true) so no security is "lost".
If you don't want the PAT hanging around, run some form of post-job cleanup.
☞ This repository uses the Apache License 2.0