feat: add repository and repository_path inputs for enhanced configuration#220
Merged
Conversation
github-actions
Bot
requested review from
a team and
ChristophShyper
as code owners
Member
|
Relates to #95 and devops-infra/action-commit-push#96 |
There was a problem hiding this comment.
Pull request overview
Adds configurability for running the action against a specific repository and/or when the checked-out repo lives in a subdirectory of GITHUB_WORKSPACE (e.g., actions/checkout with path:). This also introduces temporary global git config isolation via GIT_CONFIG_GLOBAL to avoid touching runner/user-level git config.
Changes:
- Add new inputs
repositoryandrepository_path(and document them) to support custom checkout paths / target repos. - Update
entrypoint.shto resolve/validate repo path, usegit -C, and switch API calls to the resolved target repository. - Add/adjust unit tests to cover repository configuration and template source selection with a repository subdirectory.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
README.md |
Documents new repository / repository_path inputs and shows checkout-with-path usage. |
Taskfile.scripts.yml |
Updates version-bump sed rules to use regex-based matching for tag updates. |
action.yml |
Declares new action inputs and keeps GITHUB_TOKEN env wiring. |
entrypoint.sh |
Implements repository/repository_path resolution, path safety checks, and uses TARGET_REPOSITORY for API calls. |
tests/unit/test_repository_configuration.sh |
New unit test validating repository path resolution + isolated git global config. |
tests/unit/test_template_source_selection.sh |
Updates stubs to support git -C and exercises repository_path usage. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+313
to
+316
| if ! git -C "${REPO_DIR}" rev-parse --is-inside-work-tree >/dev/null 2>&1; then | ||
| echo -e "\n[ERROR] Path is not a git repository: ${REPO_DIR}" >&2 | ||
| exit 1 | ||
| fi |
Comment on lines
+283
to
+291
| TARGET_REPOSITORY="${INPUT_REPOSITORY:-${GITHUB_REPOSITORY}}" | ||
| if [[ -z "${TARGET_REPOSITORY}" ]]; then | ||
| echo -e "\n[ERROR] Unable to resolve repository. Set input 'repository' or ensure GITHUB_REPOSITORY is available." >&2 | ||
| exit 1 | ||
| fi | ||
| if [[ ! "${TARGET_REPOSITORY}" =~ ^[^/]+/[^/]+$ ]]; then | ||
| echo -e "\n[ERROR] Input 'repository' must use owner/name format. Got: ${TARGET_REPOSITORY}" >&2 | ||
| exit 1 | ||
| fi |
| echo -e "\n[ERROR] Input 'repository' must use owner/name format. Got: ${TARGET_REPOSITORY}" >&2 | ||
| exit 1 | ||
| fi | ||
| if [[ "${TARGET_REPOSITORY}" == *".."* || "${TARGET_REPOSITORY}" == */.* || "${TARGET_REPOSITORY}" == */*. || "${TARGET_REPOSITORY}" == *"/."* ]]; then |
| fi | ||
|
|
||
| echo -e "\nSetting GitHub credentials..." | ||
| git -C "${REPO_DIR}" remote set-url origin "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/${TARGET_REPOSITORY}" |
Comment on lines
+84
to
+86
| INPUT_NEW_STRING="" \ | ||
| INPUT_IGNORE_USERS="ci-user" \ | ||
| INPUT_ALLOW_NO_DIFF="false" \ |
…ndling and repository validation
ChristophShyper
approved these changes
May 23, 2026
cherny-sh
added a commit
to ignitetech-group/action-pull-request
that referenced
this pull request
May 26, 2026
This is a `-s ours` (strategy-ours) merge. It records `upstream/master` at SHA c5a99ac as a second parent of our HEAD without changing a single byte of our tree — the entire point is to update git's commit-reachability graph so that GitHub's "X commits ahead / Y commits behind" comparison between this fork and devops-infra/action-pull-request stops counting those 13 upstream commits as "behind". The actual content reconciliation already happened in PR #2 (commits 0b5126e + 832dfcc), where I selectively ported upstream's security and feature improvements onto our gh-CLI-based fork after a security review: - repository / repository_path inputs (multi-repo support) - max_body_bytes / max_diff_lines (large-diff overflow handling) - GIT_CONFIG_GLOBAL isolation - repository regex + path-traversal validation - perl-based template substitution via scripts/replace-template-diff.sh - body-overflow split into managed PR comments - 7 new unit tests under tests/unit/ NOT merged from upstream (deliberately, per fork policy "no new third parties"): - new .github/workflows/* that call devops-infra/.github reusable workflows or devops-infra/triglav with `secrets: inherit` - action.yml `image: docker://devopsinfra/...` (we keep `image: Dockerfile` so consumers build from our source) - Taskfile.scripts.yml dev-time refactor The 13 upstream commits being recorded as ancestors: c5a99ac chore(release): prepare v1.2.1 (devops-infra#227) 6aa878a feat: add Triglav as end-to-end test orchestrator (devops-infra#222) 562d37b chore(release): prepare v1.2.0 (devops-infra#221) 766f664 feat: add repository and repository_path inputs (devops-infra#220) 86d8692 chore(release): prepare v1.1.3 (devops-infra#219) 0ca8a22 fix: update README for clarity and versioning (devops-infra#218) eb4c48b chore(release): prepare v1.1.2 (devops-infra#217) 5b6f69b fix: update Alpine package handling (devops-infra#216) ea294d9 feat: improve workflow linting (devops-infra#215) 378b46d chore: update action-pull-request to v1.1.1 (devops-infra#212) a8b34a6 chore: update action-pull-request to v1.1.0 (devops-infra#211) 0916b92 feat: harden action for handling large diffs (devops-infra#210) 889cc9b feat: group GitHub Actions and Docker (devops-infra#209)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📝 Brief description
feat: add repository and repository_path inputs for enhanced configuration
fix: enhance repository validation in entrypoint script and add tests
test: add validation for repository names containing dot in tests
feat: update entrypoint and test scripts for improved GitHub token handling and repository validation
💻 Commits
| feat: update entrypoint and test scripts for improved GitHub token handling and repository validation
|
| test: add validation for repository names containing dot in tests
|
| fix: enhance repository validation in entrypoint script and add tests
|
feat: add repository and repository_path inputs for enhanced configuration
📁 Modified files
README.md | 55 +++++---
Taskfile.scripts.yml | 14 +-
action.yml | 8 ++
entrypoint.sh | 104 +++++++++++----
.../unit/test_repository_configuration.sh (new +x) | 133 +++++++++++++++++++
tests/unit/test_repository_validation.sh (new +x) | 141 +++++++++++++++++++++
tests/unit/test_template_source_selection.sh | 42 ++++--
7 files changed, 434 insertions(+), 63 deletions(-)
Check CONTRIBUTING.md and CODE_OF_CONDUCT.md for more information