Use latest actions/upload-artifact

.github/dependabot.yml

@@ -4,6 +4,3 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
-    groups:
-      non-breaking-changes:
-        update-types: [minor, patch]

.github/workflows/draft-release.yml

@@ -0,0 +1,14 @@
+name: Draft release
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  draft-release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: release-drafter/release-drafter@v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release.yml

@@ -0,0 +1,30 @@
+name: Release
+on:
+  release:
+    types: [released]
+  workflow_dispatch:
+    inputs:
+      TAG_NAME:
+        description: "Tag name that the major tag will point to"
+        required: true
+
+env:
+  TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+
+permissions:
+  contents: write
+
+jobs:
+  update_tag:
+    name: Update the major tag to include the ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }} changes
+    runs-on: ubuntu-latest
+    environment:
+      # Note: this environment is protected
+      name: Release
+    steps:
+      - name: Update the ${{ env.TAG_NAME }} tag
+        id: update-major-tag
+        uses: actions/publish-action@v0.2.2
+        with:
+          source-tag: ${{ env.TAG_NAME }}
+          slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/test-hosted-runners.yml

@@ -0,0 +1,52 @@
+name: Run Tests
+
+#
+# Create some files with script/new-artifact.sh and confirm they are properly packaged and uploaded
+# as artifacts with the actions.
+#
+# This is tested on all OS platforms where we have hosted runners.
+#
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Generate files
+      run: mkdir artifact && mkdir artifact2 && cd artifact && ../script/new-artifact.sh
+      shell: bash
+
+    - name: Upload Pages artifact
+      uses: ./
+      with:
+        path: artifact
+
+    - name: Download artifact
+      uses: actions/download-artifact@v4
+      with:
+          name: github-pages
+          path: artifact2
+
+    - name: Extract artifact
+      run: tar -xf artifact2/artifact.tar -C artifact2 && rm artifact2/artifact.tar
+      shell: bash
+
+    - name: Compare files
+      run: diff -qr artifact artifact2
+      shell: bash
+
+    - name: Check for absence of symlinks
+      run: if [ $(find artifact2 -type l | wc -l) != 0 ]; then echo "Symlinks found"; exit 1; fi
+      shell: bash

README.md

@@ -2,76 +2,69 @@
 
 A composite Action for packaging and uploading artifact that can be deployed to [GitHub Pages][pages].
 
+## Scope
+
+⚠️ Official support for building Pages with Actions is in public beta at the moment.
+
 ## Usage
 
-See [action.yml](action.yml) for the various `inputs` this action supports (or [below](#inputs-📥)).
+See [action.yml](action.yml)
 
-If you breakdown your workflow in two jobs (`build` and `deploy`), we recommend this action to be used in your `build` job:
-
-```yaml
-jobs:
-  # Build job
-  build:
-    # Specify runner +  build & upload the static files as an artifact
-    runs-on: ubuntu-latest
-    steps:
-      - name: Build static files
-        id: build
-        run: |
-          # <Not provided for brevity>
-          # At a minimum this step should build the static files of your site
-          # <Not provided for brevity>
-
-      - name: Upload static files as artifact
-        id: deployment
-        uses: actions/upload-pages-artifact@v3 # or specific "vX.X.X" version tag for this action
-        with:
-          path: build_outputs_folder/
-
-  # Deployment job
-  deploy:
-    environment:
-      name: github-pages
-      url: ${{ steps.deployment.outputs.page_url }}
-    runs-on: ubuntu-latest
-    needs: build
-    steps:
-      - name: Deploy to GitHub Pages
-        id: deployment
-        uses: actions/deploy-pages@v4
-```
-
-### Inputs 📥
-
-| Input            | Required? | Default        | Description                                        |
-| ---------------- | --------- | -------------- | -------------------------------------------------- |
-| `name`           | `false`   | `github-pages` | Artifact name                                      |
-| `path`           | `true`    | `_site/`       | Path of the directory containing the static assets |
-| `retention-days` | `false`   | `1`            | Duration after which artifact will expire in days  |
-| `include-hidden-files` | `false` | `false`  | Include hidden files and directories (those starting with a dot) in the artifact. Excludes `.git` and `.github` regardless. |
-
-### Outputs 📤
-
-| Output        | Description                              |
-| ------------- | ---------------------------------------- |
-| `artifact_id` | The ID of the artifact that was uploaded |
+<!-- TODO: document custom workflow -->
 
 ## Artifact validation
 
-While choosing to use this action as part of your approach to deploying to GitHub Pages is technically optional, we highly recommend it since it takes care of producing (mostly) valid artifacts.
+While using this action is optional, we highly recommend it since it takes care of producing (mostly) valid artifacts.
 
-However, if you _**do not**_ choose to use this action but still want to deploy to Pages using an Actions workflow, then you must upload an Actions artifact that meets the following criteria:
+A Pages artifact must:
 
-- Be named `github-pages`
+- Be called `github-pages`
 - Be a single [`gzip` archive][gzip] containing a single [`tar` file][tar]
 
 The [`tar` file][tar] must:
 
-- be under 10GB in size (we recommend under 1 GB!)
-  - :warning: The GitHub Pages [officially supported maximum size limit is 1GB][pages-usage-limits], so the subsequent deployment of larger tarballs are not guaranteed to succeed &mdash; often because they are more prone to exceeding the maximum deployment timeout of 10 minutes.
-  - ⛔ However, there is also an _unofficial_ absolute maximum size limit of 10GB, which Pages will not even _attempt_ to deploy.
+- be under 10GB in size
 - not contain any symbolic or hard links
-- contain only files and directories
+- contain only files and directories that all meet the expected minimum [file permissions](#file-permissions)
+
+### File permissions
+
+When using this action, ensure that your files have appropriate file permissions.
+At a minimum, GitHub Pages expects:
+- files to have read permission for the current user and the "Others" user role (e.g. `0744`, `0644`, `0444`)
+- directories to have read and execute permissions for the current user and the "Others" user role (e.g. `0755`, `0555`)
+
+Failure to supply adequate permissions will result in a `deployment_perms_error` when attempting to deploy your artifacts to GitHub Pages.
+
+#### Example permissions fix for Linux
+
+```yaml
+steps:
+# ...
+  - name: Fix permissions
+    run: |
+      chmod -c -R +rX "_site/" | while read line; do
+        echo "::warning title=Invalid file permissions automatically fixed::$line"
+      done
+  - name: Upload Pages artifact
+    uses: actions/upload-pages-artifact@v3
+# ...
+```
+
+#### Example permissions fix for Mac
+
+```yaml
+steps:
+# ...
+  - name: Fix permissions
+    run: |
+      chmod -v -R +rX "_site/" | while read line; do
+        echo "::warning title=Invalid file permissions automatically fixed::$line"
+      done
+  - name: Upload Pages artifact
+    uses: actions/upload-pages-artifact@v3
+# ...
+```
 
 ## Release instructions
 
@@ -81,7 +74,7 @@ In order to release a new version of this Action:
 
 2. Publish the draft release from the `main` branch with semantic version as the tag name, _with_ the checkbox to publish to the GitHub Marketplace checked. :ballot_box_with_check:
 
-3. After publishing the release, the [`release` workflow][release] will automatically run to create/update the corresponding major version tag such as `v0`.
+3. After publishing the release, the [`release` workflow][release] will automatically run to create/update the corresponding the major version tag such as `v0`.
 
    ⚠️ Environment approval is required. Check the [Release workflow run list][release-workflow-runs].
 
@@ -97,4 +90,3 @@ The scripts and documentation in this project are released under the [MIT Licens
 [release-workflow-runs]: https://github.com/actions/upload-pages-artifact/actions/workflows/release.yml
 [gzip]: https://en.wikipedia.org/wiki/Gzip
 [tar]: https://en.wikipedia.org/wiki/Tar_(computing)
-[pages-usage-limits]: https://docs.github.com/en/pages/getting-started-with-github-pages/about-github-pages#usage-limits

action.yml

@@ -14,10 +14,6 @@ inputs:
     description: "Duration after which artifact will expire in days."
     required: false
     default: "1"
-  include-hidden-files:
-    description: "Include hidden files and directories (those starting with a dot) in the artifact. Excludes .git and .github regardless."
-    required: false
-    default: "false"
 outputs:
   artifact_id:
     description: "The ID of the artifact that was uploaded."
@@ -29,16 +25,13 @@ runs:
       shell: sh
       if: runner.os == 'Linux'
       run: |
-        echo ::group::Archive artifact
         tar \
           --dereference --hard-dereference \
           --directory "$INPUT_PATH" \
           -cvf "$RUNNER_TEMP/artifact.tar" \
           --exclude=.git \
           --exclude=.github \
-          ${{ inputs.include-hidden-files != 'true' && '--exclude=.[^/]*' || '' }} \
           .
-        echo ::endgroup::
       env:
         INPUT_PATH: ${{ inputs.path }}
 
@@ -47,16 +40,13 @@ runs:
       shell: sh
       if: runner.os == 'macOS'
       run: |
-        echo ::group::Archive artifact
         gtar \
           --dereference --hard-dereference \
           --directory "$INPUT_PATH" \
           -cvf "$RUNNER_TEMP/artifact.tar" \
           --exclude=.git \
           --exclude=.github \
-          ${{ inputs.include-hidden-files != 'true' && '--exclude=.[^/]*' || '' }} \
           .
-        echo ::endgroup::
       env:
         INPUT_PATH: ${{ inputs.path }}
 
@@ -65,23 +55,20 @@ runs:
       shell: bash
       if: runner.os == 'Windows'
       run: |
-        echo ::group::Archive artifact
         tar \
           --dereference --hard-dereference \
           --directory "$INPUT_PATH" \
           -cvf "$RUNNER_TEMP\artifact.tar" \
           --exclude=.git \
           --exclude=.github \
-          ${{ inputs.include-hidden-files != 'true' && '--exclude=.[^/]*' || '' }} \
           --force-local \
           "."
-        echo ::endgroup::
       env:
         INPUT_PATH: ${{ inputs.path }}
 
     - name: Upload artifact
       id: upload-artifact
-      uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      uses: actions/upload-artifact@v4
       with:
         name: ${{ inputs.name }}
         path: ${{ runner.temp }}/artifact.tar

script/new-artifact.sh

@@ -8,6 +8,3 @@ echo 'world' > subdir/world.txt
 # Add some symlinks (which we should dereference properly when archiving)
 ln -s subdir subdir-link
 ln -s hello.txt bonjour.txt
-
-# Create some hidden files
-echo 'foo' > .hidden