Stopping the mixing -> clear separation Forgejo/Github

This action is even less useful in Github than in Forgejo/Gitea so let's stop
wasting time and clearly label with a suffix 'v4.x.y-github' for Github.

.forgejo/workflows/generate-release-zipfile.yml

@@ -0,0 +1,68 @@
+on:
+  push:
+    branches:
+      - 'v4'
+
+jobs:
+  GenerateReleaseZipfile:
+    runs-on: docker
+    container:
+      image: entrepot.xlii.si/actions/alpine-wget-git-zip:latest
+    steps:
+      - name: Generate some content
+        run: |
+          set -ex
+          mkdir toto
+          echo tata > toto/tata.txt
+          echo titi > toto/titi.txt
+          echo titi titi > "toto/titi titi.txt"
+          echo tutu > tutu.txt
+          echo tutu >> tutu.txt
+          echo tutuuuuu >> tutu2.txt
+          echo tutuuuuu >> "tutu tutu.txt"
+          echo ratata >> 'tutu tutu*.txt'
+          ls -R
+
+      - name: Testing the artifact uploading
+        id: "uploading"
+        uses: "${{ github.server_url }}/${{ github.repository }}@${{ github.sha }}"
+        with:
+          path: |
+            toto
+            tutu*
+
+      - name: Is there any output for the previous step ?
+        run: |
+          set -x
+          printf "steps.uploading.outputs.artifact-id: %s\n" "${{ steps.uploading.outputs.artifact-id }}"
+          printf "steps.uploading.outputs.artifact-url: %s\n" "${{ steps.uploading.outputs.artifact-url }}"
+
+      - name: Check the content of the uploaded artifact
+        run: |
+          # Stop at first error and be verbose
+          set -ex
+
+          # Create some temporary files/directory
+          DOWNLOAD_FILE="$( mktemp )"
+          SHASUM_FILE="$( mktemp )"
+          TEST_ARTIFACT_DIR="$( mktemp -d )"
+
+          # Get the fingerprint of our test
+          find . -type f -exec sha256sum \{\} \;  > "$SHASUM_FILE"
+          # Little optional checkup
+          cat "$SHASUM_FILE"
+
+          cd "$TEST_ARTIFACT_DIR"
+          # In case the repository becomes private, we add our GITHUB_TOKEN to the artifact-url.
+          MY_AUTHENTICATED_URL="$( echo "${{ steps.uploading.outputs.artifact-url }}" | sed "s#^\(https\?://\)#\1$GITHUB_TOKEN\@#" )"
+          wget -O "$DOWNLOAD_FILE" "$MY_AUTHENTICATED_URL"
+
+          # unzip and check
+          unzip "$DOWNLOAD_FILE"
+          sha256sum -c "$SHASUM_FILE"
+
+          # Cleanup
+          cd -
+          rm -f "$DOWNLOAD_FILE"
+          rm -f "$SHASUM_FILE"
+          rm -rf "$TEST_ARTIFACT_DIR"

.github/workflows/generate-release-zipfile.yml

@@ -0,0 +1,100 @@
+on:
+  push:
+    branches:
+      - 'v4-github'
+
+jobs:
+  GenerateReleaseZipfile:
+    runs-on: ubuntu-latest
+    # Trying to help access to the artifact with the GITHUB_TOKEN at the last step but didn't help.
+    #permissions: read-all
+    steps:
+      - name: Generate some content
+        run: |
+          set -ex
+          mkdir toto
+          echo tata > toto/tata.txt
+          echo titi > toto/titi.txt
+          echo titi titi > "toto/titi titi.txt"
+          echo tutu > tutu.txt
+          echo tutu >> tutu.txt
+          echo tutuuuuu >> tutu2.txt
+          echo tutuuuuu >> "tutu tutu.txt"
+          # Github doesn't like special characters.
+          #echo ratata >> 'tutu tutu*.txt'
+          ls -R
+
+      - name: "Github requires checkout for 'uses: ./' (or we could hard write the repository's URL ?)"
+        run: |
+          mkdir myaction && cd myaction
+          git init
+          test -z "$GITHUB_TOKEN" && GITHUB_TOKEN="${{ github.token }}"
+          MY_AUTHENTICATED_URL="$( echo "$GITHUB_SERVER_URL" | sed "s#^\(https\?://\)#\1$GITHUB_TOKEN\@#" )"
+          git remote add origin "$MY_AUTHENTICATED_URL"/"$GITHUB_REPOSITORY"
+          # Little and optional speed optimization
+          git config --local gc.auto 0
+          git fetch --no-tags --prune --no-recurse-submodules --depth=1 origin "$GITHUB_SHA"
+          git reset --hard "$GITHUB_SHA"
+
+      - name: Testing the artifact uploading
+        id: "uploading"
+        uses: ./myaction
+        # For comparison
+        #uses: actions/upload-artifact@v4
+        with:
+          path: |
+            toto
+            tutu*
+
+      - name: "Cleanup Github"
+        run: rm -rvf myaction
+
+      - name: Is there any output for the uploading step ?
+        run: |
+          set -x
+          printf "steps.uploading.outputs.artifact-id: %s\n" "${{ steps.uploading.outputs.artifact-id }}"
+          printf "steps.uploading.outputs.artifact-url: %s\n" "${{ steps.uploading.outputs.artifact-url }}"
+
+      - name: Check the content of the uploaded artifact
+        run: |
+          # Stop at first error and be verbose
+          set -ex
+
+          # Create some temporary files/directory
+          DOWNLOAD_FILE="$( mktemp )"
+          SHASUM_FILE="$( mktemp )"
+          TEST_ARTIFACT_DIR="$( mktemp -d )"
+
+          # Get the fingerprint of our test
+          find . -type f -exec sha256sum \{\} \;  > "$SHASUM_FILE"
+          # Little optional checkup
+          cat "$SHASUM_FILE"
+
+          cd "$TEST_ARTIFACT_DIR"
+          # In case the repository becomes private, we add our GITHUB_TOKEN to the artifact-url.
+          test -z "$GITHUB_TOKEN" && GITHUB_TOKEN="${{ github.token }}"
+          # TODO : can't get it to work :-/
+          #wget --header "Authorization: Bearer $GITHUB_TOKEN" -O "$DOWNLOAD_FILE" "${{ steps.uploading.outputs.artifact-url }}"
+
+          # Oh boy... We're gone beyond salvation but let's try to explain:
+          # - the api.github.com accepts the GITHUB_TOKEN in the Authorization
+          #   header (but not the ACTIONS_RUNTIME_TOKEN, nor the GITHUB_TOKEN as
+          #   part of the URL like https://$GITHUB_TOKEN@api.github.com/...)
+          # - ...but we get redirect to Windows.net/Azure data warehouse which refuses GITHUB_TOKEN...
+          # -> so, if the api.github.com fails, we try to extract the redirect location and hit it without any header.
+          # ('beginning to wonder if Github's changing master to main was also a part of a plot to complexify our lives...)
+          WGET_OUTPUT="$( wget -O "$DOWNLOAD_FILE" \
+            --header "Authorization: Bearer $GITHUB_TOKEN" \
+            "https://api.github.com/repos/$GITHUB_REPOSITORY/actions/artifacts/${{ steps.uploading.outputs.artifact-id }}/zip" 2>&1 )" \
+          || wget -O "$DOWNLOAD_FILE" \
+            "$( echo "$WGET_OUTPUT" | sed -n 's/^Location: \(.*\) \[following\]/\1/p' | tail -n 1 )"
+
+          # unzip and check
+          unzip "$DOWNLOAD_FILE"
+          sha256sum -c "$SHASUM_FILE"
+
+          # Cleanup
+          cd -
+          rm -f "$DOWNLOAD_FILE"
+          rm -f "$SHASUM_FILE"
+          rm -rf "$TEST_ARTIFACT_DIR"

README.md

@@ -9,13 +9,23 @@ the artifact uploading required a full blown NodeJS container.
 
 ## Usage
 
-This actions won't copy all the features of the original NodeJS version but
+This action won't copy all the features of the original NodeJS version but
 please report differences on the main ones.
 
+### Requirements
+
+This action needs the following executables:
+
+* `zip` (unless you zip the artifact yourself)
+* `wget` (the full version : unfortunately, as of 2024-08-26, the busybox variant isn't capable of using the PUT method)
+
+
 ### Inputs
 
 ```yaml
-- uses: actions/upload-artifact@v4
+# If you can, give the full URL :
+# - uses: https://entrepot.xlii.si/actions/upload-artifact-with-wget@v4
+- uses: actions/upload-artifact-with-wget@v4
   with:
     # Name of the artifact to upload.
     # Optional. Default is 'artifact'
@@ -24,6 +34,14 @@ please report differences on the main ones.
     # A file, directory or wildcard pattern that describes what to upload
     # Required.
     path:
+
+    # If the artifact is already a zipfile, set to false.
+    # Optional. Default is true.
+    compression:
+
+    # Set the compression level of the zipfile.
+    # Optional. Default is '6'.
+    compression-level:
 ```
 
 ### Outputs
@@ -31,6 +49,7 @@ please report differences on the main ones.
 | Name | Description | Example |
 | - | - | - |
 | `artifact-id` | GitHub ID of an Artifact, can be used by the REST API | `1234` |
+| `artifact-url` | URL to download an Artifact. | `https://github.com/example-org/example-repo/actions/runs/1/artifacts/1234` or `https://codeberg.org/forgejo/forgejo/actions/runs/1/artifacts/my-artifact` |
 
 ## Examples
 
@@ -45,3 +64,21 @@ steps:
     name: my-artifact
     path: path/to/artifact/world.txt
 ```
+
+## Miscellaneous
+
+If you seek a similar alternative for checkout, look at https://github.com/marketplace/actions/checkout-action or use the code below :
+```yaml
+steps:
+  - name: Simple checkout
+    run: |
+      git init
+      # On Github, the token isn't readily available.
+      test -z "$GITHUB_TOKEN" && GITHUB_TOKEN="${{ github.token }}"
+      MY_AUTHENTICATED_URL="$( echo "$GITHUB_SERVER_URL" | sed "s#^\(https\?://\)#\1$GITHUB_TOKEN\@#" )"
+      git remote add origin "$MY_AUTHENTICATED_URL"/"$GITHUB_REPOSITORY"
+      # Little and optional speed optimization
+      git config --local gc.auto 0
+      git fetch --no-tags --prune --no-recurse-submodules --depth=1 origin "$GITHUB_SHA"
+      git reset --hard "$GITHUB_SHA"
+```

action.yml

@@ -1,13 +1,16 @@
 # SPDX-License-Identifier: 0BSD
-name: "Upload artifact with wget"
+name: "Upload an artifact with wget"
-author: "Chl <chl@xlii.si>"
+author: "Chl"
 
 description: |
-  Upload an artifact for a workflow.
+  Upload an artifact.
 
-  This is a far lighter version of upload-artifact, it only need a shell, zip
+  This is a lighter version of upload-artifact, it only needs a shell, zip
-  and the full version of wget (unfortunately, as of 2024-08-26, the busybox
+  and the full version of wget.
-  variant isn't capable of using the PUT method).
+
+branding:
+  icon: archive
+  color: gray-dark
 
 inputs:
   name:
@@ -17,7 +20,7 @@ inputs:
     description: 'A file, directory or wildcard pattern that describes what to upload'
     required: true
   compression:
-    description: 'Set to false to upload the (already zipped) file directly. (default: true)'
+    description: 'Set to false to upload the (already zipped by yourself) file directly. (default: true)'
     default: true
   compression-level:
     description: 'The level of compression for Zlib to be applied to the artifact archive (between 0 and 9).'
@@ -25,21 +28,38 @@ inputs:
 
 outputs:
   artifact-id:
-    description: A unique identifier for the artifact that was just uploaded. Empty if the artifact upload failed.
+    description: A unique identifier for the artifact that was just uploaded.
+    value: ${{ steps.uploading.outputs.artifact-id }}
+  artifact-url:
+    description: The URL for the uploaded artifact. Access may require authorization.
+    value: ${{ steps.uploading.outputs.artifact-url }}
 
 runs:
   using: 'composite'
   steps:
+    # ACTIONS_RUNTIME_TOKEN is not yet available (2024-08) for composite actions on Github :
+    # https://github.com/actions/runner/issues/3046
+    # Forgejo tries to download this remote action even if it's not needed :
+    # uncomment if you want to run this action in Github.
+    #- name: Expose GitHub Runtime
+    #  if: env.ACTIONS_RUNTIME_TOKEN == ''
+    #  uses: "https://github.com/crazy-max/ghaction-github-runtime@v3"
+
     - name: Upload artifact (using v4)
       shell: sh
+      # id for reference in the outputs extraction
+      id: uploading
       run: |
         # Some optional help for debugging.
         set -ex
 
+        # Compatibility layer for Github
+        test -z "$GITHUB_TOKEN" && GITHUB_TOKEN="${{ github.token }}"
+
         # Compress the input paths into a zip archive
         # (note: busybox' mktemp doesn't have the --suffix option)
         MYUPLOAD="$( mktemp -u ).zip"
-        if [ "${{ inputs.compression }}" == "true" ]; then
+        if [ "${{ inputs.compression }}" = "true" ]; then
           # inputs.path can be a list of files (with wildcards and spaces) and
           # the shell's command substitution + field splitting + pathname
           # expansion gives a behaviour pretty close to the original Github's
@@ -64,36 +84,55 @@ runs:
         $( echo "$ACTIONS_RUNTIME_TOKEN" | sed 's/.*\.\(.*\)\..*/\1/' | base64 -d 2>/dev/null | sed 's/.*Actions.Results:\([^:]\+\):\([^:" ]\+\).*/\1 \2/' )
         EOF
 
+        # Github compatibility layer: ACTIONS_RESULTS_URL already ends with a '/'
+        ACTIONS_RESULTS_URL="$( echo "$ACTIONS_RESULTS_URL" | sed 's/\/$//' )"
+
         # Request an upload URL
         RESPONSE="$( wget -O - \
           --header 'Content-Type:application/json' \
-          --header "Authorization: Bearer $GITHUB_TOKEN" \
+          --header "Authorization: Bearer $ACTIONS_RUNTIME_TOKEN" \
           --post-data "$( printf '{"version":4, "name":"%s", "workflow_run_backend_id":"%s", "workflow_job_run_backend_id":"%s"}' "${{ inputs.name }}" "$WORKFLOW_RUN_BACKEND_ID" "$WORKFLOW_JOB_RUN_BACKEND_ID" )" \
-          "$GITHUB_SERVER_URL"/twirp/github.actions.results.api.v1.ArtifactService/CreateArtifact
+          "$ACTIONS_RESULTS_URL"/twirp/github.actions.results.api.v1.ArtifactService/CreateArtifact
         )"
         # We get a JSON with an signedUploadUrl similar to :
         #  https://entrepot.xlii.si/twirp/github.actions.results.api.v1.ArtifactService/UploadArtifact?sig=yWWEI8tIIECp8D7E5TVh4_6G2pZxWaVdQcSYaCsx5s0=&expires=2024-08-26+07%3A20%3A49.886890537+%2B0200+CEST&artifactName=mymodule-1.2.3.zip&taskID=63
-        SIGNED_UPLOAD_URL="$( echo "$RESPONSE" | sed -n 's/.*"signedUploadUrl" *: *"\([^"]\+\)".*/\1/p' )"
+        SIGNED_UPLOAD_URL="$( echo "$RESPONSE" | sed -n 's/.*"signed_\?[uU]pload_\?[uU]rl" *: *"\([^"]\+\)".*/\1/p' )"
 
         # Upload our file
-        # (note: adding '&comp=block' at the end of the URL)
+        # (note: adding '&comp=block' at the end of the URL for Forgejo)
         # (note 2: if it fails here, it probably means you are using the busybox
         #          variant of wget which can't (as of 2024-08-26) use the PUT method.
         #          Install the full one beforehand : apt install wget / pkg add wget / ...)
-        wget --method PUT --body-file "$MYUPLOAD" "$SIGNED_UPLOAD_URL&comp=block"
+        if [ "$GITHUB_SERVER_URL" != "https://github.com" ]; then
+          SIGNED_UPLOAD_URL="$SIGNED_UPLOAD_URL&comp=block"
+        fi
+        wget -O /dev/null \
+          --method PUT \
+          --body-file "$MYUPLOAD" \
+          --header "x-ms-blob-content-type: zip" \
+          --header "x-ms-blob-type: BlockBlob" \
+          "$SIGNED_UPLOAD_URL"
 
         # Finalize the artifact
         RESPONSE="$( wget -O - \
           --header 'Content-Type:application/json' \
-          --header "Authorization: Bearer $GITHUB_TOKEN" \
+          --header "Authorization: Bearer $ACTIONS_RUNTIME_TOKEN" \
           --post-data "$( printf '{"hash":"sha256:%s", "name":"%s", "size":"%d", "workflow_run_backend_id":"%s", "workflow_job_run_backend_id":"%s"}' "$( sha256sum $MYUPLOAD | sed 's/[[:space:]]\+.*//' )" "${{ inputs.name }}" "$( stat -c %s $MYUPLOAD )" "$WORKFLOW_RUN_BACKEND_ID" "$WORKFLOW_JOB_RUN_BACKEND_ID" )" \
-          "$GITHUB_SERVER_URL"/twirp/github.actions.results.api.v1.ArtifactService/FinalizeArtifact
+          "$ACTIONS_RESULTS_URL"/twirp/github.actions.results.api.v1.ArtifactService/FinalizeArtifact
         )"
 
         # Store the outputs
-        echo artifact-id="$( echo "$RESPONSE" | sed -n 's/.*"artifactId" *: *"\([^"]\+\)".*/\1/p' )" >> $GITHUB_OUTPUT
+        ARTIFACT_ID="$( echo "$RESPONSE" | sed -n 's/.*"artifact_\?Id" *: *"\([^"]\+\)".*/\1/ip' )"
+        echo artifact-id="$ARTIFACT_ID" >> $GITHUB_OUTPUT
+        if [ "$GITHUB_SERVER_URL" = "https://github.com" ]; then
+          # note: as an alternative, there is https://api.github.com/repos/OWNER/REPO/actions/artifacts/ARTIFACT_ID
+          echo artifact-url="$GITHUB_SERVER_URL"/"$GITHUB_REPOSITORY"/actions/runs/"$GITHUB_RUN_ID"/artifacts/"$ARTIFACT_ID" >> $GITHUB_OUTPUT
+        else
+          # Gitea & Forgejo : github.run_number instead of github.run_id and name of the artifact instead of artifact_id
+          echo artifact-url="$GITHUB_SERVER_URL"/"$GITHUB_REPOSITORY"/actions/runs/"$GITHUB_RUN_NUMBER"/artifacts/"$INPUT_NAME" >> $GITHUB_OUTPUT
+        fi
 
         # Cleanup
-        if [ "${{ inputs.compression }}" == "true" ]; then
+        if [ "${{ inputs.compression }}" = "true" ]; then
           rm -f "$MYUPLOAD"
         fi