Fix publish action for actions/checkout@v6 worktree credentials (#133)

github-actions[bot] · web-flow · commit 1ec80dc3a2d5 · 2025-11-26T05:35:44.000Z
actions/checkout@v6 moved credentials from .git/config to a separate file using includeIf for security (actions/checkout#2286). This breaks quarto publish gh-pages which uses git worktrees, since the includeIf condition doesn't match worktree paths. The fix propagates the credential configuration to worktrees by adding a second includeIf rule that matches .git/worktrees/* paths. This is backward compatible - it only runs if v6-style credentials exist. Also updates test.yaml to use checkout@v6 and documents v6 compatibility in publish/README.md.
diff --git a/publish/action.yml b/publish/action.yml
@@ -72,6 +72,13 @@ runs:
       run: |
         git config --global user.email "${{ inputs.GITHUB_EMAIL }}"
         git config --global user.name "${{ inputs.GITHUB_USERNAME }}"
+        # Propagate git credentials to worktrees (required for actions/checkout@v6)
+        # See: https://github.com/quarto-dev/quarto-actions/issues/133
+        if git config get includeIf.gitdir:"$(git rev-parse --path-format=absolute --git-dir)".path &>/dev/null; then
+          GIT_DIR=$(git rev-parse --path-format=absolute --git-dir)
+          CRED_PATH=$(git config get --path includeIf.gitdir:"${GIT_DIR}".path)
+          git config set --path includeIf.gitdir:"${GIT_DIR}/worktrees/*".path "${CRED_PATH}"
+        fi
         TARGET="${{ inputs.to }}"
         if [ "$TARGET" == "" ]; then
           TARGET="${{ inputs.target }}"
