Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Actions Artifacts v4 backend #2224

Merged
merged 14 commits into from
May 20, 2024
Merged

Actions Artifacts v4 backend #2224

merged 14 commits into from
May 20, 2024

Conversation

ChristopherHX
Copy link
Contributor

@ChristopherHX ChristopherHX commented Feb 19, 2024

A pretty insecure backport with stubs and removed checks

I'm the original author of most code in artifacts_v4.go and the dumped proto code

jwt code is from the gitea project

Use at your own risk

If you want tests, someone else need to take this over.

Tests for the full Gitea Implementation can be found here: go-gitea/gitea#28965

Fixes #2135

dumped proto file has been deleted, because I'm not going to make changes to that file to satisfy the linter

Copy link
Contributor

github-actions bot commented Feb 19, 2024

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
✅ EDITORCONFIG editorconfig-checker 11 0 0.05s
✅ REPOSITORY gitleaks yes no 2.34s
✅ REPOSITORY git_diff yes no 0.01s
✅ REPOSITORY grype yes no 7.45s
✅ REPOSITORY secretlint yes no 1.08s
✅ REPOSITORY trivy-sbom yes no 0.63s
✅ REPOSITORY trufflehog yes no 4.51s
⚠️ YAML prettier 1 1 0.28s
✅ YAML v8r 1 0 1.48s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@ChristopherHX
Copy link
Contributor Author

ChristopherHX commented Feb 19, 2024

@TWiStErRob @zdenardi it's now your turn to test this if this satisfies your needs.

The following works (* christopherhx/gitea- works on GHES (currently only gitea), for GitHub.com you can use the official actions)

on:
  push:
jobs:
  _5:
    runs-on: ubuntu-latest
    steps: 
    - run: env
    - run: |
        github:
        ${{ tojson(github) }}
        inputs:
        ${{ tojson(inputs) }}
        matrix:
        ${{ tojson(matrix) }}
        needs:
        ${{ tojson(needs) }}
        strategy:
        ${{ tojson(strategy) }}            
      shell: cp {0} context.txt
    - uses: christopherhx/gitea-upload-artifact@v4
      with:
        name: test
        path: context.txt

    - uses: christopherhx/gitea-download-artifact@v4
      with:
        name: test
        path: out
    - run: cat out/context.txt

For anything else someone need to take this over. I'm more satisfied by full client + server reimplementations of actions with authentication, instead of a pseudo server like for act cli.

Copy link

codecov bot commented Feb 19, 2024

Codecov Report

Attention: Patch coverage is 72.62774% with 75 lines in your changes are missing coverage. Please review.

Project coverage is 76.35%. Comparing base (5a80a04) to head (f2df8ec).
Report is 71 commits behind head on master.

Files Patch % Lines
pkg/artifacts/arifacts_v4.go 72.56% 38 Missing and 24 partials ⚠️
pkg/common/auth.go 69.04% 7 Missing and 6 partials ⚠️
Additional details and impacted files
@@             Coverage Diff             @@
##           master    #2224       +/-   ##
===========================================
+ Coverage   61.56%   76.35%   +14.78%     
===========================================
  Files          53       61        +8     
  Lines        9002     7777     -1225     
===========================================
+ Hits         5542     5938      +396     
+ Misses       3020     1286     -1734     
- Partials      440      553      +113     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@TWiStErRob
Copy link

Awesome! I can confirm this works (I grabbed the executable artifact from https://github.com/nektos/act/actions/runs/7959602137).
Will need to adjust some scripts because of the way artifact upload works, but looks as expected:

Before After
image image image

@ChristopherHX ChristopherHX marked this pull request as ready for review May 20, 2024 10:24
@ChristopherHX ChristopherHX requested a review from a team as a code owner May 20, 2024 10:24
@mergify mergify bot merged commit e1e5671 into master May 20, 2024
11 checks passed
@mergify mergify bot deleted the artifacts-v4 branch May 20, 2024 20:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Research about actions/upload-artifact@v4 and actions/download-artifact@v4
3 participants