Resolve the git committer identity - name and email - from the token a
workflow already has, instead of hardcoding a committer into every action
that commits. Pure resolution: no checkout, no git config, the result
comes back as step outputs.
Picks the committer in this order, first match wins:
- explicit
name/emailinputs, taken as is - no lookup; - the run's own workflow token (
GITHUB_TOKEN) resolves togithub-actions[bot], the standard identity for commits made with it; - a PAT resolves to its owner via
GET /user:loginas the name,<id>+<login>@users.noreply.github.comas the email - the noreply address GitHub links back to the profile; default_name/default_emailinputs, when the token resolves to no one (an installation token of some GitHub App, for example);- otherwise the step fails.
Both pairs are all-or-nothing: passing one half fails loud. Values with control characters are rejected - a newline in an input could forge extra step outputs.
The committer email is what decides whether GitHub renders the commit author as a clickable profile: addresses of real accounts (a user's noreply address, the Actions bot) are linked, arbitrary strings are not.
- id: committer
uses: voidmason/git-identity@v1
with:
token: ${{ secrets.RELEASE_TOKEN }}
- env:
NAME: ${{ steps.committer.outputs.name }}
EMAIL: ${{ steps.committer.outputs.email }}
run: |
git config user.name "$NAME"
git config user.email "$EMAIL"| Input | Required | Description |
|---|---|---|
token |
yes | Token to resolve; a PAT resolves to its owner. |
name |
no | Explicit committer name; skips the lookup. |
email |
no | Explicit committer email; goes with name. |
default_name |
no | Fallback name for a token that resolves to no one. |
default_email |
no | Fallback email; goes with default_name. |
| Output | Description |
|---|---|
name |
Resolved committer name. |
email |
Resolved committer email (id+login noreply for a PAT). |
The runner needs gh; ubuntu-latest ships it. The /user lookup is a
single API call and happens only when no explicit pair is given and the
token is not the workflow token.