How to do a sparse checkout in GitHub Actions?

Use the sparse-checkout input with file or directory patterns. For example, set sparse-checkout: .github src to fetch only those folders, as shown in the README scenarios. Disable cone mode for single-file checkouts.

Actions/checkout vs git clone: which is better for GitHub Actions?

actions/checkout is generally better because it handles authentication, security, and workspace integration automatically. Manual git clone requires more setup and may not securely persist credentials or support features like sparse checkout.

How to push a commit using actions/checkout?

After checkout, configure git user and email, then run git push. The action persists the token, so authenticated pushes work—see the 'Push a commit using the built-in token' scenario in the README for a concrete example.

Does actions/checkout work with private repositories?

Yes, it supports private repos by using the token or ssh-key inputs. For multiple private repos, provide a PAT with appropriate permissions, as detailed in the 'Checkout multiple repos (private)' scenario.

What permissions are needed for actions/checkout to work?

Set contents: read permission for GITHUB_TOKEN unless using alternative auth via token or ssh-key. This ensures proper access without excessive privileges, as recommended in the permissions section.

How to checkout a specific branch in a pull request workflow?

Use the ref input with ${{ github.head_ref }} to checkout the branch associated with the PR, avoiding detached HEAD mode. This is demonstrated in the 'Push a commit to a PR' scenario.

checkout

MITTypeScriptv6.0.2

A GitHub Action for checking out a repository into your workflow's workspace, enabling authenticated git operations.

Visit Website

What is checkout?

Checkout is a GitHub Action that fetches a repository's content into the workflow's workspace directory. It solves the problem of accessing source code within automated CI/CD pipelines by providing a reliable way to clone repositories, handle authentication, and support advanced Git operations like sparse checkouts and submodule management.

Target Audience

Developers and DevOps engineers building CI/CD workflows on GitHub Actions who need to access repository code for building, testing, or deployment steps.

Value Proposition

As an official GitHub-maintained action, it offers robust security, performance optimizations like sparse checkout, and seamless integration with GitHub's authentication system, making it the standard and most trusted solution for repository checkout in GitHub Actions.

Overview

Action for checking out a repo

Use Cases

Best For

Fetching source code at the start of a CI/CD pipeline
Performing authenticated git operations (e.g., pushing commits) from within a workflow

Related Projects

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

GitHub

7.8k stars2.5k forks0 contributors

Working with large repositories by fetching only specific directories via sparse checkout

Checking out multiple repositories (including private ones) in a single workflow

Handling pull request builds by checking out the HEAD commit instead of the merge commit

Managing projects with Git submodules in automated workflows

Not Ideal For

Teams using CI/CD platforms other than GitHub Actions, such as GitLab CI or Jenkins
Projects requiring code checkout from non-Git version control systems or custom repositories without GitHub integration
Workflows needing frequent customization or contributions to the checkout logic, as the project is not accepting external contributions
Environments with outdated or restricted Actions runner versions that cannot support features like Docker container authentication

Pros & Cons

Pros

Enhanced Credential Security

Stores authentication tokens in a secure temporary file under $RUNNER_TEMP instead of .git/config, reducing credential exposure risks, as highlighted in the v6 release notes.

Sparse Checkout Optimization

Supports fetching only specific files or directories using patterns, enabling performance gains for large repositories, with examples provided in the scenarios section.

Seamless Authentication Persistence

Automatically configures provided tokens or SSH keys for authenticated git commands like push, allowing scripts to run without manual credential setup.

Robust Submodule Handling

Can recursively checkout submodules and automatically converts SSH URLs to HTTPS when needed, simplifying management for complex projects.

Cons

Closed Contribution Model

The project explicitly states it is not accepting contributions, which may limit community-driven enhancements or slow responsiveness to niche feature requests.

Runner Version Lock-in

Certain features, such as authenticated git commands from Docker containers, require specific Actions runner versions (e.g., v2.329.0+), potentially causing compatibility issues in heterogeneous environments.

GitHub Ecosystem Dependency

Optimized primarily for GitHub repositories; using it with other Git hosts or self-hosted instances may require extra configuration and lacks native support for some advanced Git features.

Frequently Asked Questions

Home

GitHub Actions

cache

Cache dependencies and build outputs in GitHub Actions

Stars5,359

Forks1,526

Last commit10 days ago

github-script

Write workflows scripting the GitHub API in JavaScript

Stars4,931

Forks554

Last commit14 days ago

upload-artifact

`@actions/upload-artifact` is an official GitHub Action that allows developers to upload files, directories, or files matching wildcard patterns as artifacts from their workflow runs. These artifacts are stored by GitHub and can be downloaded later or used by other jobs in the same workflow, facilitating data persistence and sharing across CI/CD steps. ## Key Features - **Flexible Path Specification** — Upload individual files, entire directories, or use wildcard patterns and exclusions to select specific files. - **Performance and Control** — Manually adjust compression levels for speed or size, and customize behavior when no files are found. - **Artifact Management** — Set custom retention periods, overwrite existing artifacts, and include or exclude hidden files from uploads. - **Output Integration** — Provides artifact IDs, URLs, and digests as outputs for use in subsequent steps or with the GitHub REST API. - **Immutable Archives** — Each upload creates a unique, immutable artifact, preventing accidental corruption from concurrent modifications. ## Philosophy The action is designed to be a reliable, performant, and secure method for persisting workflow data, with sensible defaults that prioritize safety (like excluding hidden files) while offering granular control for advanced use cases.

Stars4,041

Forks1,044

Last commit10 days ago

download-artifact

The `@actions/download-artifact` action enables GitHub Actions workflows to retrieve stored artifacts from workflow runs. It provides flexible options for downloading single or multiple artifacts, filtering by patterns, and accessing artifacts across different repositories and runs. ## Key Features - **Single Artifact Download** — Download a specific artifact by name or unique ID to a specified directory. - **Bulk Artifact Retrieval** — Download all artifacts from a run, with options to merge them into a single directory or keep them separate. - **Cross-Repository Access** — Download artifacts from other repositories or workflow runs using a GitHub token with appropriate permissions. - **Pattern Filtering** — Use glob patterns to download only matching artifacts, useful in multi-architecture build scenarios. - **Flexible Output Control** — Choose whether to automatically decompress artifacts or maintain them as-is for manual handling. - **File Permission Preservation** — Supports workflows that require maintaining executable permissions via tar archives. ## Philosophy The action is designed to be a reliable, configurable tool for artifact retrieval within GitHub's ecosystem, prioritizing compatibility with the platform's artifact system and providing clear, predictable behavior for common use cases.

Stars1,823

Forks695

Last commit1 month ago

#version-control

#devops

#repository-management