-
Notifications
You must be signed in to change notification settings - Fork 736
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upload-artifact does not retain artifact permissions #38
Comments
Adding this issue to the |
See actions/upload-artifact#38 for upstream issue
* Add bundle test to ci * Remove juju 2.4 * Add jujuna timeout and dump debug-log on failure * Add permissions workaround * See actions/upload-artifact#38 for upstream issue
workaround actions/upload-artifact#38 I think I'm still missing something, but I don't see any negative consequences. Plus, when you tell me it's ready to merge, I merge! Ok, most of the time ...
Can confirm that with |
Is anything being done about this? It's been over 6 moths and this is the recommended way by GitHub to handle artifact upload |
This is still broken as of today, very annoying. |
I am not proud of it, but actions/cache@v2 keeps the permissions. If the goal is to pass some artifacts between jobs the following is working for me so far.
|
A workaround is documented in the readme https://github.com/actions/upload-artifact#maintaining-file-permissions-and-case-sensitive-files
|
Permission loss when artifact is uploaded. Related to actions/upload-artifact#38
This issue still persists as for 2024. Just lost some time trying to figure out why a downloaded artifact's permissions weren't as I expected them to be. |
I don't know whether this is a good way or not, whe i trying upload and download artifact which is a golang binary, i set permissions for the binary file on the job that needs execute it
|
Use |
Looks like there's a PR that would fix half of this issue: actions/toolkit#1609. (Edit: Nope, see below). That would store file permissions in the .zip files created by upload-artifact; the next step after that would be to fix download-artifact to recreate those permissions, but that can't happen until the permissions actually exist in the .zip file. But that PR has been sitting there for four months with no review from the GitHub Actions team yet. Hopefully someone from the GHA team will notice that PR and give it some attention soon. UPDATE: Looks like that PR wouldn't work (the zip.append method wants a |
I've found that at least a couple of the packages don't work due to internal files losing their executable permissions. The recommended fix is to tar the files before uploading to github. Workaround is documented here: https://github.com/actions/upload-artifact#maintaining-file-permissions-and-case-sensitive-files. See actions/upload-artifact#38.
5 years later, still an issue. Couldn't the fix just be to tar before zipping automatically or just enable an option to use tar.gz instead of zip? |
Here is my workaround: https://gist.github.com/rcdailey/cd3437bb2c63647126aa5740824b2a4f Basically involves three files, and two custom actions:
Examples of how they're used in my workflow jobs: - name: Upload Artifacts
uses: ./.github/actions/upload-tar
with:
name: ${{ matrix.runtime }}
path: publish
- name: Download Artifacts
uses: ./.github/actions/download-tar
with:
name: ${{ matrix.runtime }}
path: publish They're very simplistic (mainly because this is all I need for my particular project) but I'm happy with them and they do their job. Hopefully these custom actions will help others. |
The baseline behavior of the
zip
utilty on Linux and macOS is to retain permissions.However, when the
upload-artifact
action zips a directory, it loses permissions, which subsequently breaks the artifacts for users and downstream tools.Expected behavior: the permissions applied to assets in prior steps should be retained by the
upload-artifact
zipper, and should be present in the resulting asset zip file.The text was updated successfully, but these errors were encountered: