-
Notifications
You must be signed in to change notification settings - Fork 669
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upload-artifact does not retain artifact permissions #38
Comments
Adding this issue to the |
See actions/upload-artifact#38 for upstream issue
* Add bundle test to ci * Remove juju 2.4 * Add jujuna timeout and dump debug-log on failure * Add permissions workaround * See actions/upload-artifact#38 for upstream issue
workaround actions/upload-artifact#38 I think I'm still missing something, but I don't see any negative consequences. Plus, when you tell me it's ready to merge, I merge! Ok, most of the time ...
Can confirm that with |
Is anything being done about this? It's been over 6 moths and this is the recommended way by GitHub to handle artifact upload |
This is still broken as of today, very annoying. |
I am not proud of it, but actions/cache@v2 keeps the permissions. If the goal is to pass some artifacts between jobs the following is working for me so far.
|
A workaround is documented in the readme https://github.com/actions/upload-artifact#maintaining-file-permissions-and-case-sensitive-files
|
Permission loss when artifact is uploaded. Related to actions/upload-artifact#38
Caveats: - curl tool resides under `subdir/bin/` inside the package. Can be fixed locally by renaming curl to unique names, e.g. `curl-x64.exe` or `curl-riscv64`. Maybe even to a more globally unique name, such as `curl-linux-musl-amd64`. - curl tool misses the exec permission so cannot be executed after unzipping. Needs `chmod +x` before doing so. https://github.com/actions/upload-artifact#permission-loss actions/upload-artifact#38 - There is no option to switch to tarball from zip. - there is no option to skip zip and offer files as-is. (exec attribute would be lost in this case as well) actions/upload-artifact#39 actions/upload-artifact#3 (closed) actions/upload-artifact#14 (pending upload-artifact@v4) 3-4 years old unresolved issues on the side of GitHub.
Caveats: - curl tool resides under `subdir/bin/` inside the package. Can be fixed locally by renaming curl to unique names, e.g. `curl-x64.exe` or `curl-riscv64`. Maybe even to a more globally unique name, such as `curl-linux-musl-amd64`. - curl tool misses the exec permission so cannot be executed after unzipping. Needs `chmod +x` before doing so. https://github.com/actions/upload-artifact#permission-loss actions/upload-artifact#38 - There is no option to switch to tarball from zip. - Uploading a `.tar.gz` will still get it zipped by GitHub. - there is no option to skip zip and offer files as-is. (exec attribute would be lost in this case as well) actions/upload-artifact#39 actions/upload-artifact#3 (closed) actions/upload-artifact#14 (pending upload-artifact@v4) 3-4 years old unresolved issues on the side of GitHub.
Caveats: - curl tool resides under `subdir/bin/` inside the package. Can be fixed locally by renaming curl to unique names, e.g. `curl-x64.exe` or `curl-riscv64`. Maybe even to a more globally unique name, such as `curl-linux-musl-amd64`. - curl tool misses the exec permission so cannot be executed after unzipping. Needs `chmod +x` before doing so. https://github.com/actions/upload-artifact#permission-loss actions/upload-artifact#38 - There is no option to switch to tarball from zip. - Uploading a `.tar.gz` will still get it zipped by GitHub. - there is no option to skip zip and offer files as-is. (exec attribute would be lost in this case as well) actions/upload-artifact#39 actions/upload-artifact#3 (closed) actions/upload-artifact#14 (pending upload-artifact@v4) 3-4 years old unresolved issues on the side of GitHub.
They contain curl tool executables only, without static libs, shared lib and other bits. Caveats: - curl tool resides under `subdir/` inside the package. Can be fixed locally in the future by renaming curl to unique names, e.g. `curl-x64.exe` or `curl-riscv64`. Maybe even to a more globally unique name, such as `curl-linux-musl-amd64`. - curl tool misses the exec permission so cannot be executed after unzipping on *nix systems. Needs `chmod +x` before doing so. https://github.com/actions/upload-artifact#permission-loss actions/upload-artifact#38 - there is no option to switch to tarball from zip. - uploading a `.tar.gz` will still get it zipped by GitHub. - there is no option to skip zip and offer files as-is. (exec attribute would be lost in this case as well) actions/upload-artifact#39 actions/upload-artifact#3 (closed) actions/upload-artifact#14 (pending upload-artifact@v4) - a workaround for most of this is uploading them to our own server in the exact form we want. 3-4 years old unresolved issues on the side of GitHub.
Caveats: - curl tool resides under `subdir/bin/` inside the package. Can be fixed locally by renaming curl to unique names, e.g. `curl-x64.exe` or `curl-riscv64`. Maybe even to a more globally unique name, such as `curl-linux-musl-amd64`. - curl tool misses the exec permission so cannot be executed after unzipping. Needs `chmod +x` before doing so. https://github.com/actions/upload-artifact#permission-loss actions/upload-artifact#38 - There is no option to switch to tarball from zip. - Uploading a `.tar.gz` will still get it zipped by GitHub. - there is no option to skip zip and offer files as-is. (exec attribute would be lost in this case as well) actions/upload-artifact#39 actions/upload-artifact#3 (closed) actions/upload-artifact#14 (pending upload-artifact@v4) 3-4 years old unresolved issues on the side of GitHub.
Wow, this is a pretty massive problem imo, and really frustrating to see that nothing has happened since 2019 😮💨 Wonder what the accumulated time spent to fix this locally for users of this action has been since then?? Please fix this 🙏 |
This issue still persists as for 2024. Just lost some time trying to figure out why a downloaded artifact's permissions weren't as I expected them to be. |
I don't know whether this is a good way or not, whe i trying upload and download artifact which is a golang binary, i set permissions for the binary file on the job that needs execute it
|
Use |
Looks like there's a PR that would fix half of this issue: actions/toolkit#1609. (Edit: Nope, see below). That would store file permissions in the .zip files created by upload-artifact; the next step after that would be to fix download-artifact to recreate those permissions, but that can't happen until the permissions actually exist in the .zip file. But that PR has been sitting there for four months with no review from the GitHub Actions team yet. Hopefully someone from the GHA team will notice that PR and give it some attention soon. UPDATE: Looks like that PR wouldn't work (the zip.append method wants a |
The baseline behavior of the
zip
utilty on Linux and macOS is to retain permissions.However, when the
upload-artifact
action zips a directory, it loses permissions, which subsequently breaks the artifacts for users and downstream tools.Expected behavior: the permissions applied to assets in prior steps should be retained by the
upload-artifact
zipper, and should be present in the resulting asset zip file.The text was updated successfully, but these errors were encountered: