Check out a Git repository into $CLOUDBEES_WORKSPACE so your workflow steps can access source code.
Authentication is persisted in the local Git config by default, enabling authenticated Git commands in any container image that has git executables.
Authenticate the checkout
By default, the checkout action uses the CloudBees workflow run token (cloudbees.api.token) to fetch an app access token.
If you provide an ssh-key input, the SSH key is used instead.
|
CloudBees recommends using platform authentication instead of SSH keys.
Do not use SSH keys when the authentication built into CloudBees Unify for the workflow repository is available, or when the configure-git-global-credentials action can be used.
Check out a repository
To check out a repository:
-
Add the checkout step to your workflow YAML, setting
usestohttps://github.com/cloudbees-io/checkout@v2. -
Set the
repositoryinput to the clone URL of your repository.The default value is
${{ cloudbees.scm.repository }}, which checks out the triggering workflow’s repository.
The following example checks out a GitHub repository:
- name: Check out my GitHub repo uses: https://github.com/cloudbees-io/checkout@v2 (1) with: repository: https://github.com/my-name/my-repo-name
| 1 | The full URL for the action is not required. CloudBees recommends using the full action URL to ensure clear identification. However, the short form can be used when the action resides in a GitHub SaaS repository. |
The following example checks out a Bitbucket Cloud or Bitbucket Data Center repository:
- name: Check out my Bitbucket repo uses: https://github.com/cloudbees-io/checkout@v2 with: repository: https://bitbucket.org/my-name/my-repo-name
Configure checkout options
The checkout action supports several inputs to control what is fetched and how authentication is handled.
Specify a branch, tag, or commit
Use the ref input to check out a specific branch, tag, or SHA.
The following example checks out the test branch of a Bitbucket repository from a workflow hosted in a GitHub repository:
- name: Check out Bitbucket repo for GitHub workflow uses: https://github.com/cloudbees-io/checkout@v2 with: repository: https://bitbucket.org/my-name/my-repo-name ref: test
Fetch full history
By default, the action fetches only the most recent commit (fetch-depth: 1).
Set fetch-depth: 0 to fetch the full history for all branches and tags.
The following example fetches the full history of the default branch using an SSH key, without persisting credentials:
- name: Check out GitHub repo uses: https://github.com/cloudbees-io/checkout@v2 with: repository: https://github.com/my-name/my-repo-name ssh-key: {{ secrets.MY_SSH_KEY }} persist-credentials: false fetch-depth: 0
Check out submodules
Set submodules: true to check out submodules, or submodules: recursive to check out submodules recursively.
The following example checks out the last commit of the default branch with submodules checked out recursively into a specified path:
When the ssh-key input is not provided, SSH URLs beginning with git@github.com: are converted to HTTPS.
|
Access checkout outputs
To access the checkout outputs in a later workflow step:
-
Add an
idfield to your checkout step, for exampleid: checkout. -
Reference the outputs using the expression
${{ steps.checkout.outputs.<output-name> }}.
The following example displays all three checkout outputs:
Inputs
| Input name | Data type | Required? | Description | ||
|---|---|---|---|---|---|
|
Boolean |
No |
Default is |
||
|
String |
No |
The CloudBees API token to use when fetching the SCM token when a |
||
|
Number |
No |
Number of commits to fetch.
Default is |
||
|
Boolean |
No |
Default is |
||
|
String |
No |
The relative repository path under |
||
|
Boolean |
No |
Default is |
||
|
String |
No |
The branch, tag, or SHA to check out. The action uses the default branch, except when checking out the triggering workflow repository, in which case the event reference or SHA is used. |
||
|
String |
No |
Repository clone URL.
For example, |
||
|
Boolean |
No |
Default is |
||
|
String |
No |
SSH key used to fetch the repository. The SSH key is configured with the local Git config, enabling scripts to run authenticated Git commands. CloudBees recommends using CloudBees Unify authentication instead of SSH keys.
Do not use SSH keys if authentication built into CloudBees Unify for the workflow repository is available, or if the
The |
||
|
String |
No |
A list of known SSH hosts to add to the global host database.
Use the The public keys for GitHub and Bitbucket are implicitly added by default. |
||
|
Boolean |
No |
Default is |
||
|
Boolean |
No |
Default is |
Outputs
| Output name | Data type | Description |
|---|---|---|
|
String |
The commit SHA for the source repository. |
|
String |
The ref or branch for the checked-out repository. Returns empty when in a detached-head state or if the commit is from a local merge. |
|
String |
The URL of the cloned repository. |
Migrate from v1 to v2
Version 2 of the checkout action is SCM-provider-agnostic.
The repository input now takes the full clone URL (for example, https://github.com/cloudbees-io/checkout), with a default value of ${{ cloudbees.scm.repository }}.
The following inputs and outputs were removed in v2:
| Removed input | Removed output |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
The token and token-auth-type inputs are not supported in v2.
For workflows that previously used these inputs, the repository must now either be integrated with CloudBees Unify or accessed using SSH keys.
The provider, github-server-url, bitbucket-server-url, and gitlab-server-url inputs are no longer required.
These values are derived automatically from the repository field.