From 2a15e11d5a27f2c84f11763a6f3296d1bcdbeaca Mon Sep 17 00:00:00 2001 From: eric sciple Date: Thu, 12 Mar 2020 00:59:09 -0400 Subject: [PATCH] update verbiage; add comments --- README.md | 10 +++++----- __test__/git-auth-helper.test.ts | 2 ++ action.yml | 6 +++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index df3355c..68ae7f7 100644 --- a/README.md +++ b/README.md @@ -49,19 +49,19 @@ Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous # with the local git config, which enables your scripts to run authenticated git # commands. The post-job step removes the PAT. # - # We recommend creating a service account with the least permissions necessary. - # Also when generating a new PAT, select the least scopes necessary. + # We recommend using a service account with the least permissions necessary. Also + # when generating a new PAT, select the least scopes necessary. # # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) # # Default: ${{ github.token }} token: '' - # SSH key used to fetch the repository. SSH key is configured with the local git - # config, which enables your scripts to run authenticated git commands. The + # SSH key used to fetch the repository. The SSH key is configured with the local + # git config, which enables your scripts to run authenticated git commands. The # post-job step removes the SSH key. # - # We recommend creating a service account with the least permissions necessary. + # We recommend using a service account with the least permissions necessary. # # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) ssh-key: '' diff --git a/__test__/git-auth-helper.test.ts b/__test__/git-auth-helper.test.ts index 67e1301..1d5c3d5 100644 --- a/__test__/git-auth-helper.test.ts +++ b/__test__/git-auth-helper.test.ts @@ -320,6 +320,8 @@ describe('git-auth-helper tests', () => { ).toString() expect(actualSshKeyContent).toBe(settings.sshKey + '\n') if (!isWindows) { + // Assert read/write for user, not group or others. + // Otherwise SSH client will error. expect((await fs.promises.stat(actualSshKeyPath)).mode & 0o777).toBe( 0o600 ) diff --git a/action.yml b/action.yml index 7d5412d..58e11b7 100644 --- a/action.yml +++ b/action.yml @@ -16,7 +16,7 @@ inputs: commands. The post-job step removes the PAT. - We recommend creating a service account with the least permissions necessary. + We recommend using a service account with the least permissions necessary. Also when generating a new PAT, select the least scopes necessary. @@ -24,12 +24,12 @@ inputs: default: ${{ github.token }} ssh-key: description: > - SSH key used to fetch the repository. SSH key is configured with the local + SSH key used to fetch the repository. The SSH key is configured with the local git config, which enables your scripts to run authenticated git commands. The post-job step removes the SSH key. - We recommend creating a service account with the least permissions necessary. + We recommend using a service account with the least permissions necessary. [Learn more about creating and using