.

src/git-auth-helper.ts

@@ -171,11 +171,13 @@ class GitAuthHelper {
     await this.removeGitConfig(this.insteadOfKey, true)
 
     if (this.settings.persistCredentials) {
+      // TODO: UPDATE THIS
+
       // Configure a placeholder value. This approach avoids the credential being captured
       // by process creation audit events, which are commonly logged. For more information,
       // refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
       const output = await this.git.submoduleForeach(
-        // wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
+        // Wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
         `sh -c "git config --local '${this.tokenConfigKey}' '${this.tokenPlaceholderConfigValue}' && git config --local --show-origin --name-only --get-regexp remote.origin.url"`,
         this.settings.nestedSubmodules
       )
@@ -311,26 +313,30 @@ class GitAuthHelper {
 
     // Add include or includeIf to reference the credentials config
     if (globalConfig) {
-      // For global config, use unconditional include.
+      // Global config file is temporary
-      // No need to track for cleanup since the temp .gitconfig file (which contains
-      // this include.path entry) gets deleted by removeGlobalConfig().
       await this.git.config('include.path', credentialsConfigPath, true)
     } else {
       // For local config, use includeIf.gitdir to match the .git directory.
       // Configure for both host and container paths to support Docker container actions.
-      const gitDir = path.join(this.git.getWorkingDirectory(), '.git')
+      let gitDir = path.join(this.git.getWorkingDirectory(), '.git')
+      console.log(`Git dir: ${gitDir}`)
+      // Use forward slashes for git config, even on Windows
+      gitDir = gitDir.replace(/\\/g, '/')
       const hostIncludeKey = `includeIf.gitdir:${gitDir}.path`
       await this.git.config(hostIncludeKey, credentialsConfigPath)
       this.credentialsIncludeKeys.push(hostIncludeKey)
 
       // Configure for container scenario where paths are mapped to fixed locations
       const githubWorkspace = process.env['GITHUB_WORKSPACE']
-      if (githubWorkspace) {
+      assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined')
+      
       // Calculate the relative path of the working directory from GITHUB_WORKSPACE
       const workingDirectory = this.git.getWorkingDirectory()
-        const relativePath = path.relative(githubWorkspace, workingDirectory)
+      let relativePath = path.relative(githubWorkspace, workingDirectory)
 
       // Container paths: GITHUB_WORKSPACE -> /github/workspace, RUNNER_TEMP -> /github/runner_temp
+      // Use forward slashes for git config
+      relativePath = relativePath.replace(/\\/g, '/')
       const containerGitDir = path.posix.join(
         '/github/workspace',
         relativePath,
@@ -346,7 +352,6 @@ class GitAuthHelper {
       this.credentialsIncludeKeys.push(containerIncludeKey)
     }
   }
-  }
 
   private async replaceTokenPlaceholder(configPath: string): Promise<void> {
     assert.ok(configPath, 'configPath is not defined')