Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to actions/upload-artifact@4.0.0 and actions/download-artifact@4.0.0 #77

Closed
freakboy3742 opened this issue Dec 18, 2023 · 4 comments · Fixed by #78
Closed

Upgrade to actions/upload-artifact@4.0.0 and actions/download-artifact@4.0.0 #77

freakboy3742 opened this issue Dec 18, 2023 · 4 comments · Fixed by #78
Labels
enhancement New features, or improvements to existing features.

Comments

@freakboy3742
Copy link
Member

What is the problem or limitation you are having?

The v4 releases of actions/upload-artifact and actions/download-artifact include a series of massive backwards incompatibilities:

  • It is no longer possible to upload multiple artefacts with the same name
  • It is no longer possible to download multiple artefacts with a wildcard (unconfirmed, but definitely not documnted)
  • If you download multiple artefacts, they are now put into parallel subdirectories, instead of being merged into a single directory.

Describe the solution you'd like

Make the changes necessary to track the new releases.

Describe alternatives you've considered

  • Stay on the v3 series forever. This will eventually cause bitrot, because the underlying Node version will be deprecated.
  • Fork the packages...

Additional context

Github issue requesting guidance on migration

The following Dependabot PRs were created automatically, and failed CI:

The following Dependabot PRs were created automatically, and passed CI:

Even though they passed CI, Dependabot was suspended for the upload/download actions. It's possible they've worked as intended; but given the size of the change, they usage needs to be carefully audited.
@freakboy3742 freakboy3742 added the enhancement New features, or improvements to existing features. label Dec 18, 2023
@chrjabs chrjabs mentioned this issue Dec 18, 2023
Merged
@rmartin16
Copy link
Member

rmartin16 commented Dec 19, 2023
edited
Loading

While the situation has improved for using the latest version of these actions, after experimenting with them a bit for a separate project, the downloading of artifacts seems much more finicky now. I have seen much higher rates of failures for downloads than with the previous version; most seem to be of the nature of a timeout.

So, while anecdotal, we'll probably be best served by letting these new GitHub services mature a bit more before implementing them en masse.

@rmartin16
Copy link
Member

Additionally, because the previous and new versions are not compatible with each other in at least one important operating mode, the upgrade will likely require several co-dependent PRs to rollout the updates to use the new versions across the repos.

@StephenWeatherford StephenWeatherford mentioned this issue Dec 19, 2023
Merged
StephenWeatherford added a commit to Azure/bicep that referenced this issue Dec 19, 2023
@StephenWeatherford
Revert "Bump actions/upload-artifact from 3 to 4 (#12786)" (#12802)
98e4431 
This reverts commit 63caca8.

See:
actions/upload-artifact#472
https://github.com/orgs/aio-libs/discussions/31
beeware/.github#77
https://github.com/Ralim/IronOS/pull/1855/files

Bug to revert back again when we have clear guidance:
#12803

###### Microsoft Reviewers: [Open in
CodeFlow](https://microsoft.github.io/open-pr/?codeflow=https://github.com/Azure/bicep/pull/12802)

Co-authored-by: Stephen Weatherford <Stephen.Weatherford.com>
@rmartin16
Copy link
Member

FWIW, more anecdotes about timeouts (which I'm also still seeing in a daily workflow I set up):

This was referenced Jan 3, 2024
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
@rmartin16
Copy link
Member

I went ahead and did the work to upgrade to v4; whether you want to merge this now or later is up to you. There are still the request timeouts for the download-artifact action....but they seem like they may be occurring less often.

In general, the upgrades are rather straightforward; for the repos where the Dependabot PR succeeded, these new PRs can be merged independently and whenever. Although, I wasn't sure how to test any of them...

As for the repos where the Dependabot PRs failed, these new PRs will all need to be merged in tandem with #78.

The one peculiar bit is the output artifact-name from the python-package-create workflow; it required a non-obvious change for Toga so definitely evaluate if you agree with my change.

@rmartin16 rmartin16 mentioned this issue Jan 3, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New features, or improvements to existing features.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade upload-artifact and download-artifact actions to v4 rmartin16/.github-beeware
2 participants
@freakboy3742 @rmartin16