softprops/action-gh-release
1
0
Fork 0
mirror of https://github.com/softprops/action-gh-release.git synced 2026-03-15 09:20:54 -04:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: softprops:v2.5.1
Branches Tags
softprops:master softprops:copilot/fix-8cc96c9f-14fa-4c73-89d2-a72cbdcbee20 softprops:debug softprops:debug-cross-repo-release softprops:releases/v0.1.4 softprops:releases/v0.1.3 softprops:releases/v0.1.2 softprops:releases/v1
softprops:v2.5.3 softprops:v2.5.2 softprops:v2 softprops:v2.5.1 softprops:v2.5.0 softprops:v2.4.2 softprops:v2.4.1 softprops:v2.4.0 softprops:v2.3.4 softprops:v2.3.3 softprops:v2.3.2 softprops:v2.3.1 softprops:v2.3.0 softprops:v2.2.2 softprops:v2.2.1 softprops:v2.2.0 softprops:v2.1.0 softprops:v2.0.9 softprops:v2.0.8 softprops:v2.0.7 softprops:v2.0.6 softprops:v2.0.5 softprops:v2.0.4 softprops:v2.0.3 softprops:v2.0.2 softprops:v2.0.1 softprops:v2.0.0 softprops:v1 softprops:v0.1.15 softprops:v0.1.14 softprops:v0.1.13 softprops:v0.1.12 softprops:v0.1.11 softprops:v0.1.10 softprops:v0.1.9 softprops:v0.1.8 softprops:v0.1.7 softprops:v0.1.6 softprops:v0.1.5 softprops:v0.1.4 softprops:v0.1.3 softprops:v0.1.2 softprops:v0.1.0
..
compare: softprops:v2.5.3
Branches Tags
softprops:master softprops:copilot/fix-8cc96c9f-14fa-4c73-89d2-a72cbdcbee20 softprops:debug softprops:debug-cross-repo-release softprops:releases/v0.1.4 softprops:releases/v0.1.3 softprops:releases/v0.1.2 softprops:releases/v1
softprops:v2.5.3 softprops:v2.5.2 softprops:v2 softprops:v2.5.1 softprops:v2.5.0 softprops:v2.4.2 softprops:v2.4.1 softprops:v2.4.0 softprops:v2.3.4 softprops:v2.3.3 softprops:v2.3.2 softprops:v2.3.1 softprops:v2.3.0 softprops:v2.2.2 softprops:v2.2.1 softprops:v2.2.0 softprops:v2.1.0 softprops:v2.0.9 softprops:v2.0.8 softprops:v2.0.7 softprops:v2.0.6 softprops:v2.0.5 softprops:v2.0.4 softprops:v2.0.3 softprops:v2.0.2 softprops:v2.0.1 softprops:v2.0.0 softprops:v1 softprops:v0.1.15 softprops:v0.1.14 softprops:v0.1.13 softprops:v0.1.12 softprops:v0.1.11 softprops:v0.1.10 softprops:v0.1.9 softprops:v0.1.8 softprops:v0.1.7 softprops:v0.1.6 softprops:v0.1.5 softprops:v0.1.4 softprops:v0.1.3 softprops:v0.1.2 softprops:v0.1.0

18 Commits
v2.5.1 ... v2.5.3

Author SHA1 Message Date
Rui Chen
1853d73993 release 2.5.3 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-15 00:44:50 -04:00
Rui Chen
e8dbf3cc4a docs: clarify GitHub release limits (#758) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-15 00:22:01 -04:00
Rui Chen
37f7a20824 fix: expand tilde file paths (#756) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-15 00:09:15 -04:00
Rui Chen
45211baa90 fix: normalize refs-tag inputs (#755) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-15 00:05:22 -04:00
Rui Chen
21ae1a1eb2 fix: support Windows-style file globs (#754) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 23:58:43 -04:00
Rui Chen
26c9a934b1 docs: clarify asset filename limitations 
Closes #542

Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 23:05:29 -04:00
Rui Chen
abb4370aef docs: clarify preserve_order behavior 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 23:00:02 -04:00
Rui Chen
ff689a6881 docs: clarify empty token handling 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 22:56:01 -04:00
Rui Chen
0a28836784 fix: clean up duplicate drafts after canonicalization (#753) 
* fix: clean up duplicate drafts after canonicalization

Signed-off-by: Rui Chen <rui@chenrui.dev>

* refactor: collapse duplicate draft cleanup path

Signed-off-by: Rui Chen <rui@chenrui.dev>

---------

Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 22:48:32 -04:00
Rui Chen
bafaa2d7ac docs: clarify token precedence in docs (#752) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 22:34:28 -04:00
Rui Chen
b36466e122 fix: prefer token input over GITHUB_TOKEN (#751) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 22:29:40 -04:00
Rui Chen
b25b93d384 release 2.5.2 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 22:01:58 -04:00
Rui Chen
7a0ff5e07a chore: add GitHub issue templates 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 21:59:40 -04:00
Rui Chen
488ac715ff fix: clean up orphan drafts when tag creation is blocked (#750) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 21:51:04 -04:00
api2062
52847653ee fix: handle upload already_exists races across workflows (#745) 
* Handle upload already_exists races across workflows

* fix: rebase duplicate asset race handling

Signed-off-by: Rui Chen <rui@chenrui.dev>

---------

Signed-off-by: Rui Chen <rui@chenrui.dev>
Co-authored-by: Aditya Inamdar <api2062@Adityas-MacBook-Air.local>
Co-authored-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 21:31:14 -04:00
Rui Chen
4aadb0df8b fix: restore dotfile asset labels (#749) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 21:14:27 -04:00
Rui Chen
ef43a3125e fix: preserve prereleased events for prereleases (#748) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 21:05:36 -04:00
Rui Chen
ab416a1836 fix: canonicalize releases after concurrent create (#746) 
Signed-off-by: Rui Chen <rui@chenrui.dev>
 2026-03-14 20:48:22 -04:00
13 changed files with 1290 additions and 85 deletions
Expand all files Collapse all files

97
.github/ISSUE_TEMPLATE/bug_report.yml vendored Normal file
View File

@@ -0,0 +1,97 @@
name: Bug report
description: Report a bug or regression in action-gh-release
title: "[Bug]: "
labels:
- bug
body:
- type: markdown
attributes:
value: |
Before filing:
- confirm the problem still reproduces on the latest release or `master`
- search existing issues for the same behavior
- if the original repository is private, include a minimal public repro, a sanitized workflow snippet, or exact redacted steps a maintainer can follow
- type: checkboxes
id: checks
attributes:
label: Pre-flight checks
options:
- label: I searched existing issues and did not find a duplicate
required: true
- label: I reproduced this with the latest released version or current `master`
required: true
- label: I included a reproducible example or a sanitized/redacted reproduction path if the original repository is private
required: true
- type: input
id: action_version
attributes:
label: action-gh-release version
description: Tag, SHA, or ref used in your workflow
placeholder: v2.5.2
validations:
required: true
- type: dropdown
id: runner
attributes:
label: Runner operating system
options:
- ubuntu-latest
- windows-latest
- macos-latest
- other
validations:
required: true
- type: input
id: target_repository
attributes:
label: Release target repository
description: Fill this in if you set the `repository:` input
placeholder: owner/repo
- type: input
id: repro_reference
attributes:
label: Reproduction repo, gist, or artifact
description: Link a minimal repro repository, gist, run URL, or other shareable artifact if you have one
placeholder: https://github.com/owner/repro-repo
- type: textarea
id: workflow
attributes:
label: Workflow snippet
description: Include the relevant `uses:` step and inputs. If the original repo is private, paste a sanitized version here.
render: yaml
- type: textarea
id: expected
attributes:
label: Expected behavior
validations:
required: true
- type: textarea
id: actual
attributes:
label: Actual behavior
validations:
required: true
- type: textarea
id: reproduce
attributes:
label: Steps to reproduce
description: Include tags, matrix/concurrency details, and any repo rules involved. If the original repo is private, describe the smallest setup a maintainer can recreate locally or in a throwaway repo.
placeholder: |
1. Trigger workflow with ...
2. Action creates ...
3. Action fails with ...
validations:
required: true
- type: textarea
id: logs
attributes:
label: Relevant logs
description: Paste the relevant error output or run URL
render: shell
validations:
required: true
- type: textarea
id: additional
attributes:
label: Additional context
description: Any extra environment, token, ruleset, or asset details

50
.github/ISSUE_TEMPLATE/feature_request.yml vendored Normal file
View File

@@ -0,0 +1,50 @@
name: Feature request
description: Propose an enhancement or new capability for action-gh-release
title: "[Feature]: "
labels:
- enhancement
body:
- type: markdown
attributes:
value: |
Use this template for new capabilities, behavior changes, or ergonomics improvements.
If you are reporting something broken, use the bug report template instead.
- type: checkboxes
id: checks
attributes:
label: Pre-flight checks
options:
- label: I searched existing issues and did not find a duplicate request
required: true
- label: This is not a bug report for existing behavior
required: true
- type: textarea
id: problem
attributes:
label: Problem to solve
description: What workflow pain point or gap are you trying to address?
validations:
required: true
- type: textarea
id: proposal
attributes:
label: Proposed solution
description: Describe the behavior, input, or output you want
validations:
required: true
- type: textarea
id: workflow
attributes:
label: Example workflow snippet
description: Show how you would expect to use this
render: yaml
- type: textarea
id: alternatives
attributes:
label: Alternatives considered
description: Workarounds or other approaches you evaluated
- type: textarea
id: impact
attributes:
label: Why this belongs in action-gh-release
description: Explain the user impact or why this should live in the action rather than in workflow glue

44
CHANGELOG.md
View File

@@ -1,3 +1,47 @@
## 2.5.3
`2.5.3` is a patch release focused on the remaining path-handling and release-selection bugs uncovered after `2.5.2`.
It fixes `#639`, `#571`, `#280`, `#614`, `#311`, `#403`, and `#368`.
It also adds documentation clarifications for `#541`, `#645`, `#542`, `#393`, and `#411`,
where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.
If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.
## What's Changed
### Bug fixes 🐛
* fix: prefer token input over GITHUB_TOKEN by @chenrui333 in https://github.com/softprops/action-gh-release/pull/751
* fix: clean up duplicate drafts after canonicalization by @chenrui333 in https://github.com/softprops/action-gh-release/pull/753
* fix: support Windows-style file globs by @chenrui333 in https://github.com/softprops/action-gh-release/pull/754
* fix: normalize refs-tag inputs by @chenrui333 in https://github.com/softprops/action-gh-release/pull/755
* fix: expand tilde file paths by @chenrui333 in https://github.com/softprops/action-gh-release/pull/756
### Other Changes 🔄
* docs: clarify token precedence by @chenrui333 in https://github.com/softprops/action-gh-release/pull/752
* docs: clarify GitHub release limits by @chenrui333 in https://github.com/softprops/action-gh-release/pull/758
* documentation clarifications for empty-token handling, `preserve_order`, and special-character asset filename behavior
## 2.5.2
`2.5.2` is a patch release focused on the remaining release-creation and prerelease regressions in the `2.5.x` bug-fix cycle.
It fixes `#705`, fixes `#708`, fixes `#740`, fixes `#741`, and fixes `#722`.
Regression testing covers the shared-tag race, prerelease event behavior, dotfile asset labels,
same-filename concurrent uploads, and blocked-tag cleanup behavior.
If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.
## What's Changed
### Bug fixes 🐛
* fix: canonicalize releases after concurrent create by @chenrui333 in https://github.com/softprops/action-gh-release/pull/746
* fix: preserve prereleased events for prereleases by @chenrui333 in https://github.com/softprops/action-gh-release/pull/748
* fix: restore dotfile asset labels by @chenrui333 in https://github.com/softprops/action-gh-release/pull/749
* fix: handle upload already_exists races across workflows by @api2062 in https://github.com/softprops/action-gh-release/pull/745
* fix: clean up orphan drafts when tag creation is blocked by @chenrui333 in https://github.com/softprops/action-gh-release/pull/750
## 2.5.1
`2.5.1` is a patch release focused on regressions introduced in `2.5.0` and on release lookup reliability.

24
README.md
View File

@@ -139,7 +139,7 @@ jobs:
> **⚠️ Note:** Notice the `|` in the yaml syntax above ☝️. That lets you effectively declare a multi-line yaml string. You can learn more about multi-line yaml syntax [here](https://yaml-multiline.info)
> **⚠️ Note for Windows:** Paths must use `/` as a separator, not `\`, as `\` is used to escape characters with special meaning in the pattern; for example, instead of specifying `D:\Foo.txt`, you must specify `D:/Foo.txt`. If you're using PowerShell, you can do this with `$Path = $Path -replace '\\','/'`
> **⚠️ Note for Windows:** Both `\` and `/` path separators are accepted in `files` globs. If you need to match a literal glob metacharacter such as `[` or `]`, keep escaping the metacharacter itself in the pattern.
### 📝 External release notes
@@ -167,7 +167,9 @@ jobs:
body_path: ${{ github.workspace }}-CHANGELOG.txt
repository: my_gh_org/my_gh_repo
# note you'll typically need to create a personal access token
# with permissions to create releases in the other repo
# with permissions to create releases in the other repo.
# A non-empty explicit token overrides GITHUB_TOKEN.
# Omit the input to use github.token; passing "" treats the token as unset.
token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
```
@@ -183,15 +185,15 @@ The following are optional as `step.with` keys
| `body_path` | String | Path to load text communicating notable changes in this release |
| `draft` | Boolean | Indicator of whether or not this release is a draft |
| `prerelease` | Boolean | Indicator of whether or not is a prerelease |
| `preserve_order` | Boolean | Indicator of whether order of files should be preserved when uploading assets |
| `files` | String | Newline-delimited globs of paths to assets to upload for release |
| `preserve_order` | Boolean | Upload assets sequentially in the provided order. This controls the action's upload behavior, but it does not control the final asset ordering that GitHub may display on the release page or return from the Releases API. |
| `files` | String | Newline-delimited globs of paths to assets to upload for release. Escape glob metacharacters when you need to match a literal filename that contains them, such as `[` or `]`. `~/...` expands to the runner home directory. On Windows, both `\` and `/` separators are accepted. GitHub may normalize raw asset filenames that contain special characters; the action restores the asset label when possible, but the final download name remains GitHub-controlled. |
| `overwrite_files` | Boolean | Indicator of whether files should be overwritten when they already exist. Defaults to true |
| `name` | String | Name of the release. defaults to tag name |
| `tag_name` | String | Name of a tag. defaults to `github.ref_name` |
| `tag_name` | String | Name of a tag. defaults to `github.ref_name`. `refs/tags/<name>` values are normalized to `<name>`. |
| `fail_on_unmatched_files` | Boolean | Indicator of whether to fail if any of the `files` globs match nothing |
| `repository` | String | Name of a target repository in `<owner>/<repo>` format. Defaults to GITHUB_REPOSITORY env variable |
| `target_commitish` | String | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. Defaults to repository default branch. |
| `token` | String | Secret GitHub Personal Access Token. Defaults to `${{ github.token }}` |
| `target_commitish` | String | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. Defaults to repository default branch. When creating a new tag for an older commit, `github.token` may not have permission to create the ref; use a PAT or another token with sufficient contents permissions if you hit `403 Resource not accessible by integration`. |
| `token` | String | Authorized GitHub token or PAT. Defaults to `${{ github.token }}` when omitted. A non-empty explicit token overrides `GITHUB_TOKEN`. Passing `""` treats the token as explicitly unset, so omit the input entirely or use an expression such as `${{ inputs.token || github.token }}` when wrapping this action in a composite action. |
| `discussion_category_name` | String | If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. For more information, see ["Managing categories for discussions in your repository."](https://docs.github.com/en/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository) |
| `generate_release_notes` | Boolean | Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes. See the [GitHub docs for this feature](https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes) for more information |
| `append_body` | Boolean | Append to existing body instead of overwriting it |
@@ -204,6 +206,14 @@ attempted first, then falling back on `body` if the path can not be read from.
are not explicitly set and there is already an existing release for the tag, the
release will retain its original info.
💡 `files` is glob-based, so literal filenames that contain glob metacharacters such as
`[` or `]` must be escaped in the pattern.
💡 GitHub may normalize or rewrite uploaded asset filenames that contain special or
non-ASCII characters. This action uploads the requested file, but it cannot force the
final asset name that GitHub stores or returns from the Releases API. In particular,
4-byte Unicode characters such as emoji cannot currently be restored via asset labels.
#### outputs
The following outputs can be accessed via `${{ steps.<step-id>.outputs }}` from this action

579
__tests__/github.test.ts
View File

@@ -6,8 +6,12 @@ import {
release,
Release,
Releaser,
upload,
} from '../src/github';
import { mkdtempSync, rmSync, writeFileSync } from 'fs';
import { tmpdir } from 'os';
import { join } from 'path';
import { assert, describe, expect, it, vi } from 'vitest';
describe('github', () => {
@@ -77,6 +81,8 @@ describe('github', () => {
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: () => Promise.reject('Not implemented'),
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
} as const;
@@ -158,21 +164,35 @@ describe('github', () => {
...draftRelease,
draft: false,
};
const publishedPrerelease: Release = {
...draftRelease,
draft: false,
prerelease: true,
};
it.each([
{
name: 'returns early when input_draft is true',
input_draft: true,
release: draftRelease,
expectedCalls: 0,
expectedResult: draftRelease,
},
{
name: 'finalizes release when input_draft is false',
input_draft: false,
release: draftRelease,
expectedCalls: 1,
expectedResult: finalizedRelease,
},
])('$name', async ({ input_draft, expectedCalls, expectedResult }) => {
{
name: 'returns early when release is already published',
input_draft: false,
release: publishedPrerelease,
expectedCalls: 0,
expectedResult: publishedPrerelease,
},
])('$name', async ({ input_draft, release, expectedCalls, expectedResult }) => {
const finalizeReleaseSpy = vi.fn(async () => ({ data: finalizedRelease }));
const releaser: Releaser = {
@@ -185,6 +205,8 @@ describe('github', () => {
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: () => Promise.reject('Not implemented'),
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
};
@@ -194,7 +216,7 @@ describe('github', () => {
input_draft,
},
releaser,
draftRelease,
release,
);
expect(finalizeReleaseSpy).toHaveBeenCalledTimes(expectedCalls);
@@ -204,13 +226,217 @@ describe('github', () => {
expect(finalizeReleaseSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
release_id: draftRelease.id,
release_id: release.id,
});
}
});
it('deletes a newly created draft when tag creation is blocked by repository rules', async () => {
const finalizeReleaseSpy = vi.fn(async () => {
throw {
status: 422,
response: {
data: {
errors: [
{
field: 'pre_receive',
message:
'pre_receive Repository rule violations found\n\nCannot create ref due to creations being restricted.\n\n',
},
],
},
},
};
});
const deleteReleaseSpy = vi.fn(async () => undefined);
const releaser: Releaser = {
getReleaseByTag: () => Promise.reject('Not implemented'),
createRelease: () => Promise.reject('Not implemented'),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: finalizeReleaseSpy,
allReleases: async function* () {
throw new Error('Not implemented');
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: deleteReleaseSpy,
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
};
await expect(
finalizeRelease(
{
...config,
input_draft: false,
},
releaser,
draftRelease,
true,
),
).rejects.toThrow(
'Tag creation for v1.0.0 is blocked by repository rules. Deleted draft release 1 to avoid leaving an orphaned draft release.',
);
expect(finalizeReleaseSpy).toHaveBeenCalledTimes(1);
expect(deleteReleaseSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
release_id: draftRelease.id,
});
});
it('does not delete an existing draft release when tag creation is blocked by repository rules', async () => {
const finalizeReleaseSpy = vi.fn(async () => {
throw {
status: 422,
response: {
data: {
errors: [
{
field: 'pre_receive',
message:
'pre_receive Repository rule violations found\n\nCannot create ref due to creations being restricted.\n\n',
},
],
},
},
};
});
const deleteReleaseSpy = vi.fn(async () => undefined);
const releaser: Releaser = {
getReleaseByTag: () => Promise.reject('Not implemented'),
createRelease: () => Promise.reject('Not implemented'),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: finalizeReleaseSpy,
allReleases: async function* () {
throw new Error('Not implemented');
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: deleteReleaseSpy,
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
};
await expect(
finalizeRelease(
{
...config,
input_draft: false,
},
releaser,
draftRelease,
false,
1,
),
).rejects.toThrow('Too many retries.');
expect(finalizeReleaseSpy).toHaveBeenCalledTimes(1);
expect(deleteReleaseSpy).not.toHaveBeenCalled();
});
});
describe('error handling', () => {
it('creates published prereleases without the forced draft-first path', async () => {
const prereleaseConfig = {
...config,
input_prerelease: true,
input_draft: false,
};
const createdRelease: Release = {
id: 1,
upload_url: 'test',
html_url: 'test',
tag_name: 'v1.0.0',
name: 'test',
body: 'test',
target_commitish: 'main',
draft: false,
prerelease: true,
assets: [],
};
const createReleaseSpy = vi.fn(async () => ({ data: createdRelease }));
const mockReleaser: Releaser = {
getReleaseByTag: () => Promise.reject({ status: 404 }),
createRelease: createReleaseSpy,
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
yield { data: [createdRelease] };
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: () => Promise.reject('Not implemented'),
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
} as const;
const result = await release(prereleaseConfig, mockReleaser, 1);
assert.equal(result.release.id, createdRelease.id);
assert.equal(result.created, true);
expect(createReleaseSpy).toHaveBeenCalledWith(
expect.objectContaining({
draft: false,
prerelease: true,
}),
);
});
it('retries upload after deleting conflicting asset on 422 already_exists race', async () => {
const uploadReleaseAsset = vi
.fn()
.mockRejectedValueOnce({
status: 422,
response: { data: { errors: [{ code: 'already_exists' }] } },
})
.mockResolvedValueOnce({
status: 201,
data: { id: 123, name: 'release.txt' },
});
const listReleaseAssets = vi.fn().mockResolvedValue([{ id: 99, name: 'release.txt' }]);
const deleteReleaseAsset = vi.fn().mockResolvedValue(undefined);
const mockReleaser: Releaser = {
getReleaseByTag: () => Promise.reject('Not implemented'),
createRelease: () => Promise.reject('Not implemented'),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
throw new Error('Not implemented');
},
listReleaseAssets,
deleteReleaseAsset,
uploadReleaseAsset,
};
const result = await upload(
config,
mockReleaser,
'https://uploads.github.com/repos/owner/repo/releases/1/assets',
'__tests__/release.txt',
[],
);
expect(result).toStrictEqual({ id: 123, name: 'release.txt' });
expect(listReleaseAssets).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
release_id: 1,
});
expect(deleteReleaseAsset).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
asset_id: 99,
});
expect(uploadReleaseAsset).toHaveBeenCalledTimes(2);
});
it('handles 422 already_exists error gracefully', async () => {
const existingRelease = {
id: 1,
@@ -262,12 +488,357 @@ describe('github', () => {
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
} as const;
const result = await release(config, mockReleaser, 2);
assert.ok(result);
assert.equal(result.id, 1);
assert.equal(result.release.id, 1);
assert.equal(result.created, false);
});
it('normalizes refs/tags-prefixed input_tag_name values before reusing an existing release', async () => {
const existingRelease: Release = {
id: 1,
upload_url: 'test',
html_url: 'test',
tag_name: 'v1.0.0',
name: 'test',
body: 'test',
target_commitish: 'main',
draft: false,
prerelease: false,
assets: [],
};
const updateReleaseSpy = vi.fn(async () => ({ data: existingRelease }));
const getReleaseByTagSpy = vi.fn(async () => ({ data: existingRelease }));
const result = await release(
{
...config,
input_tag_name: 'refs/tags/v1.0.0',
},
{
getReleaseByTag: getReleaseByTagSpy,
createRelease: () => Promise.reject('Not implemented'),
updateRelease: updateReleaseSpy,
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
yield { data: [existingRelease] };
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: () => Promise.reject('Not implemented'),
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
},
1,
);
expect(getReleaseByTagSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
tag: 'v1.0.0',
});
expect(updateReleaseSpy).toHaveBeenCalledWith(
expect.objectContaining({
tag_name: 'v1.0.0',
}),
);
assert.equal(result.release.id, existingRelease.id);
assert.equal(result.created, false);
});
it('reuses a canonical release after concurrent create success and removes empty duplicates', async () => {
const canonicalRelease: Release = {
id: 1,
upload_url: 'canonical-upload',
html_url: 'canonical-html',
tag_name: 'v1.0.0',
name: 'canonical',
body: 'test',
target_commitish: 'main',
draft: true,
prerelease: false,
assets: [],
};
const duplicateRelease: Release = {
id: 2,
upload_url: 'duplicate-upload',
html_url: 'duplicate-html',
tag_name: 'v1.0.0',
name: 'duplicate',
body: 'test',
target_commitish: 'main',
draft: true,
prerelease: false,
assets: [],
};
let lookupCount = 0;
const deleteReleaseSpy = vi.fn(async () => undefined);
const mockReleaser: Releaser = {
getReleaseByTag: () => {
lookupCount += 1;
if (lookupCount === 1) {
return Promise.reject({ status: 404 });
}
return Promise.resolve({ data: canonicalRelease });
},
createRelease: () => Promise.resolve({ data: duplicateRelease }),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
yield { data: [duplicateRelease, canonicalRelease] };
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: deleteReleaseSpy,
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
};
const result = await release(config, mockReleaser, 2);
assert.equal(result.release.id, canonicalRelease.id);
assert.equal(result.created, false);
expect(deleteReleaseSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
release_id: duplicateRelease.id,
});
});
it('falls back to recent releases when tag lookup still lags after create', async () => {
const canonicalRelease: Release = {
id: 1,
upload_url: 'canonical-upload',
html_url: 'canonical-html',
tag_name: 'v1.0.0',
name: 'canonical',
body: 'test',
target_commitish: 'main',
draft: true,
prerelease: false,
assets: [],
};
const duplicateRelease: Release = {
id: 2,
upload_url: 'duplicate-upload',
html_url: 'duplicate-html',
tag_name: 'v1.0.0',
name: 'duplicate',
body: 'test',
target_commitish: 'main',
draft: true,
prerelease: false,
assets: [],
};
const deleteReleaseSpy = vi.fn(async () => undefined);
const mockReleaser: Releaser = {
getReleaseByTag: () => Promise.reject({ status: 404 }),
createRelease: () => Promise.resolve({ data: duplicateRelease }),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
yield { data: [duplicateRelease, canonicalRelease] };
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: deleteReleaseSpy,
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
};
const result = await release(config, mockReleaser, 1);
assert.equal(result.release.id, canonicalRelease.id);
assert.equal(result.created, false);
expect(deleteReleaseSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
release_id: duplicateRelease.id,
});
});
it('deletes the just-created duplicate draft even if recent release listing misses it', async () => {
const canonicalRelease: Release = {
id: 1,
upload_url: 'canonical-upload',
html_url: 'canonical-html',
tag_name: 'v1.0.0',
name: 'canonical',
body: 'test',
target_commitish: 'main',
draft: true,
prerelease: false,
assets: [],
};
const duplicateRelease: Release = {
id: 2,
upload_url: 'duplicate-upload',
html_url: 'duplicate-html',
tag_name: 'v1.0.0',
name: 'duplicate',
body: 'test',
target_commitish: 'main',
draft: true,
prerelease: false,
assets: [],
};
let lookupCount = 0;
const deleteReleaseSpy = vi.fn(async () => undefined);
const mockReleaser: Releaser = {
getReleaseByTag: () => {
lookupCount += 1;
if (lookupCount === 1) {
return Promise.reject({ status: 404 });
}
return Promise.resolve({ data: canonicalRelease });
},
createRelease: () => Promise.resolve({ data: duplicateRelease }),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
yield { data: [canonicalRelease] };
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: deleteReleaseSpy,
updateReleaseAsset: () => Promise.reject('Not implemented'),
uploadReleaseAsset: () => Promise.reject('Not implemented'),
};
const result = await release(config, mockReleaser, 2);
assert.equal(result.release.id, canonicalRelease.id);
assert.equal(result.created, false);
expect(deleteReleaseSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
release_id: duplicateRelease.id,
});
});
});
describe('upload', () => {
it('restores a dotfile label when GitHub normalizes the uploaded asset name', async () => {
const tempDir = mkdtempSync(join(tmpdir(), 'gh-release-dotfile-'));
const dotfilePath = join(tempDir, '.config');
writeFileSync(dotfilePath, 'config');
const updateReleaseAssetSpy = vi.fn(async () => ({
data: {
id: 1,
name: 'default.config',
label: '.config',
},
}));
const releaser: Releaser = {
getReleaseByTag: () => Promise.reject('Not implemented'),
createRelease: () => Promise.reject('Not implemented'),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
throw new Error('Not implemented');
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: () => Promise.reject('Not implemented'),
deleteRelease: () => Promise.reject('Not implemented'),
updateReleaseAsset: updateReleaseAssetSpy,
uploadReleaseAsset: () =>
Promise.resolve({
status: 201,
data: {
id: 1,
name: 'default.config',
label: '',
},
}),
};
try {
const result = await upload(
config,
releaser,
'https://uploads.example.test/assets',
dotfilePath,
[],
);
expect(updateReleaseAssetSpy).toHaveBeenCalledWith({
owner: 'owner',
repo: 'repo',
asset_id: 1,
name: 'default.config',
label: '.config',
});
expect(result).toEqual({
id: 1,
name: 'default.config',
label: '.config',
});
} finally {
rmSync(tempDir, { recursive: true, force: true });
}
});
it('matches an existing asset by label when overwriting a dotfile', async () => {
const tempDir = mkdtempSync(join(tmpdir(), 'gh-release-dotfile-'));
const dotfilePath = join(tempDir, '.config');
writeFileSync(dotfilePath, 'config');
const deleteReleaseAssetSpy = vi.fn(async () => undefined);
const releaser: Releaser = {
getReleaseByTag: () => Promise.reject('Not implemented'),
createRelease: () => Promise.reject('Not implemented'),
updateRelease: () => Promise.reject('Not implemented'),
finalizeRelease: () => Promise.reject('Not implemented'),
allReleases: async function* () {
throw new Error('Not implemented');
},
listReleaseAssets: () => Promise.reject('Not implemented'),
deleteReleaseAsset: deleteReleaseAssetSpy,
deleteRelease: () => Promise.reject('Not implemented'),
updateReleaseAsset: () =>
Promise.resolve({
data: {
id: 2,
name: 'default.config',
label: '.config',
},
}),
uploadReleaseAsset: () =>
Promise.resolve({
status: 201,
data: {
id: 2,
name: 'default.config',
label: '',
},
}),
};
try {
await upload(config, releaser, 'https://uploads.example.test/assets', dotfilePath, [
{
id: 1,
name: 'default.config',
label: '.config',
},
]);
expect(deleteReleaseAssetSpy).toHaveBeenCalledWith({
asset_id: 1,
owner: 'owner',
repo: 'repo',
});
} finally {
rmSync(tempDir, { recursive: true, force: true });
}
});
});
});

101
__tests__/util.test.ts
View File

@@ -1,6 +1,10 @@
import {
alignAssetName,
expandHomePattern,
isTag,
normalizeFilePattern,
normalizeGlobPattern,
normalizeTagName,
parseConfig,
parseInputFiles,
paths,
@@ -292,7 +296,7 @@ describe('util', () => {
);
});
it('prefers GITHUB_TOKEN over token input for backwards compatibility', () => {
it('prefers token input over GITHUB_TOKEN', () => {
assert.deepStrictEqual(
parseConfig({
INPUT_DRAFT: 'false',
@@ -304,7 +308,7 @@ describe('util', () => {
{
github_ref: '',
github_repository: '',
github_token: 'env-token',
github_token: 'input-token',
input_working_directory: undefined,
input_append_body: false,
input_body: undefined,
@@ -324,6 +328,35 @@ describe('util', () => {
},
);
});
it('falls back to GITHUB_TOKEN when token input is empty', () => {
assert.deepStrictEqual(
parseConfig({
GITHUB_TOKEN: 'env-token',
INPUT_TOKEN: ' ',
}),
{
github_ref: '',
github_repository: '',
github_token: 'env-token',
input_working_directory: undefined,
input_append_body: false,
input_body: undefined,
input_body_path: undefined,
input_draft: undefined,
input_prerelease: undefined,
input_preserve_order: undefined,
input_files: [],
input_overwrite_files: undefined,
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false,
input_make_latest: undefined,
},
);
});
it('uses input token as the source of GITHUB_TOKEN by default', () => {
assert.deepStrictEqual(
parseConfig({
@@ -439,6 +472,10 @@ describe('util', () => {
},
);
});
it('normalizes refs/tags-prefixed input_tag_name values', () => {
expect(parseConfig({ INPUT_TAG_NAME: 'refs/tags/v1.2.3' }).input_tag_name).toBe('v1.2.3');
});
});
describe('isTag', () => {
it('returns true for tags', async () => {
@@ -449,6 +486,16 @@ describe('util', () => {
});
});
describe('normalizeTagName', () => {
it('strips refs/tags/ from explicit tag names', () => {
assert.equal(normalizeTagName('refs/tags/v1.2.3'), 'v1.2.3');
});
it('leaves plain tag names unchanged', () => {
assert.equal(normalizeTagName('v1.2.3'), 'v1.2.3');
});
});
describe('paths', () => {
it('resolves files given a set of paths', async () => {
assert.deepStrictEqual(paths(['tests/data/**/*', 'tests/data/does/not/exist/*']), [
@@ -476,6 +523,56 @@ describe('util', () => {
});
});
describe('normalizeGlobPattern', () => {
it('preserves posix-style patterns on non-windows platforms', () => {
assert.equal(normalizeGlobPattern('./dist/**/*.tgz', 'linux'), './dist/**/*.tgz');
});
it('normalizes relative windows-style glob patterns', () => {
assert.equal(
normalizeGlobPattern('.\\release-assets\\rssguard-*win7.exe', 'win32'),
'./release-assets/rssguard-*win7.exe',
);
});
it('normalizes absolute windows-style glob patterns', () => {
assert.equal(
normalizeGlobPattern('D:\\a\\repo\\build\\packages\\*', 'win32'),
'D:/a/repo/build/packages/*',
);
});
});
describe('expandHomePattern', () => {
it('expands a bare tilde to the provided home directory', () => {
assert.equal(expandHomePattern('~', '/home/runner'), '/home/runner');
});
it('expands posix-style tilde paths', () => {
assert.equal(expandHomePattern('~/release.txt', '/home/runner'), '/home/runner/release.txt');
});
it('leaves non-tilde paths unchanged', () => {
assert.equal(expandHomePattern('./release.txt', '/home/runner'), './release.txt');
});
});
describe('normalizeFilePattern', () => {
it('expands tilde paths before globbing', () => {
assert.equal(
normalizeFilePattern('~/release-assets/*.tgz', 'linux', '/home/runner'),
'/home/runner/release-assets/*.tgz',
);
});
it('expands tilde paths and normalizes windows separators', () => {
assert.equal(
normalizeFilePattern('~\\release-assets\\*.zip', 'win32', 'C:\\Users\\runner'),
'C:/Users/runner/release-assets/*.zip',
);
});
});
describe('replaceSpacesWithDots', () => {
it('replaces all spaces with dots', () => {
expect(alignAssetName('John Doe.bla')).toBe('John.Doe.bla');

10
action.yml
View File

@@ -13,7 +13,7 @@ inputs:
description: "Gives the release a custom name. Defaults to tag name"
required: false
tag_name:
description: "Gives a tag name. Defaults to github.ref_name"
description: "Gives a tag name. Defaults to github.ref_name. refs/tags/<name> values are normalized to <name>."
required: false
draft:
description: "Creates a draft release. Defaults to false"
@@ -22,10 +22,10 @@ inputs:
description: "Identify the release as a prerelease. Defaults to false"
required: false
preserve_order:
description: "Preserver the order of the artifacts when uploading"
description: "Upload artifacts sequentially in the provided order. This does not control the final display order GitHub uses for release assets."
required: false
files:
description: "Newline-delimited list of path globs for asset files to upload"
description: "Newline-delimited list of path globs for asset files to upload. Escape glob metacharacters when matching literal filenames that contain them. `~/...` expands to the runner home directory. On Windows, both \\ and / path separators are accepted. GitHub may normalize raw asset filenames that contain special characters; the action restores the asset label when possible, but the final download name remains GitHub-controlled."
required: false
working_directory:
description: "Base directory to resolve 'files' globs against (defaults to job working-directory)"
@@ -41,11 +41,11 @@ inputs:
description: "Repository to make releases against, in <owner>/<repo> format"
required: false
token:
description: "Authorized secret GitHub Personal Access Token. Defaults to github.token"
description: "Authorized GitHub token or PAT. Defaults to github.token when omitted. A non-empty explicit token overrides GITHUB_TOKEN. Passing an empty string treats the token as unset."
required: false
default: ${{ github.token }}
target_commitish:
description: "Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA."
description: "Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. When creating a new tag for an older commit, `github.token` may not have permission to create the ref; use a PAT or another token with sufficient contents permissions if you hit 403 `Resource not accessible by integration`."
required: false
discussion_category_name:
description: "If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. If there is already a discussion linked to the release, this parameter is ignored."

64
dist/index.js vendored
View File

File diff suppressed because one or more lines are too long

4
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{
"name": "action-gh-release",
"version": "2.5.1",
"version": "2.5.3",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "action-gh-release",
"version": "2.5.1",
"version": "2.5.3",
"dependencies": {
"@actions/core": "^3.0.0",
"@actions/github": "^9.0.0",

2
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "action-gh-release",
"version": "2.5.1",
"version": "2.5.3",
"private": true,
"description": "GitHub Action for creating GitHub Releases",
"main": "lib/main.js",

338
src/github.ts
View File

@@ -3,7 +3,7 @@ import { statSync } from 'fs';
import { open } from 'fs/promises';
import { lookup } from 'mime-types';
import { basename } from 'path';
import { alignAssetName, Config, isTag, releaseBody } from './util';
import { alignAssetName, Config, isTag, normalizeTagName, releaseBody } from './util';
type GitHub = InstanceType<typeof GitHub>;
@@ -23,7 +23,12 @@ export interface Release {
target_commitish: string;
draft: boolean;
prerelease: boolean;
assets: Array<{ id: number; name: string }>;
assets: Array<{ id: number; name: string; label?: string | null }>;
}
export interface ReleaseResult {
release: Release;
created: boolean;
}
export interface Releaser {
@@ -71,10 +76,20 @@ export interface Releaser {
owner: string;
repo: string;
release_id: number;
}): Promise<Array<{ id: number; name: string; [key: string]: any }>>;
}): Promise<Array<{ id: number; name: string; label?: string | null; [key: string]: any }>>;
deleteReleaseAsset(params: { owner: string; repo: string; asset_id: number }): Promise<void>;
deleteRelease(params: { owner: string; repo: string; release_id: number }): Promise<void>;
updateReleaseAsset(params: {
owner: string;
repo: string;
asset_id: number;
name: string;
label: string;
}): Promise<{ data: any }>;
uploadReleaseAsset(params: {
url: string;
size: number;
@@ -209,7 +224,7 @@ export class GitHubReleaser implements Releaser {
owner: string;
repo: string;
release_id: number;
}): Promise<Array<{ id: number; name: string; [key: string]: any }>> {
}): Promise<Array<{ id: number; name: string; label?: string | null; [key: string]: any }>> {
return this.github.paginate(this.github.rest.repos.listReleaseAssets, {
...params,
per_page: 100,
@@ -224,6 +239,20 @@ export class GitHubReleaser implements Releaser {
await this.github.rest.repos.deleteReleaseAsset(params);
}
async deleteRelease(params: { owner: string; repo: string; release_id: number }): Promise<void> {
await this.github.rest.repos.deleteRelease(params);
}
async updateReleaseAsset(params: {
owner: string;
repo: string;
asset_id: number;
name: string;
label: string;
}): Promise<{ data: any }> {
return await this.github.rest.repos.updateReleaseAsset(params);
}
async uploadReleaseAsset(params: {
url: string;
size: number;
@@ -261,15 +290,18 @@ export const upload = async (
releaser: Releaser,
url: string,
path: string,
currentAssets: Array<{ id: number; name: string }>,
currentAssets: Array<{ id: number; name: string; label?: string | null }>,
): Promise<any> => {
const [owner, repo] = config.github_repository.split('/');
const { name, mime, size } = asset(path);
const releaseIdMatch = url.match(/\/releases\/(\d+)\/assets/);
const releaseId = releaseIdMatch ? Number(releaseIdMatch[1]) : undefined;
const currentAsset = currentAssets.find(
// note: GitHub renames asset filenames that have special characters, non-alphanumeric characters, and leading or trailing periods. The "List release assets" endpoint lists the renamed filenames.
// due to this renaming we need to be mindful when we compare the file name we're uploading with a name github may already have rewritten for logical comparison
// see https://docs.github.com/en/rest/releases/assets?apiVersion=2022-11-28#upload-a-release-asset
({ name: currentName }) => currentName == alignAssetName(name),
({ name: currentName, label: currentLabel }) =>
currentName === name || currentName === alignAssetName(name) || currentLabel === name,
);
if (currentAsset) {
if (config.input_overwrite_files === false) {
@@ -287,15 +319,23 @@ export const upload = async (
console.log(`⬆️ Uploading ${name}...`);
const endpoint = new URL(url);
endpoint.searchParams.append('name', name);
const fh = await open(path);
const uploadAsset = async () => {
const fh = await open(path);
try {
return await releaser.uploadReleaseAsset({
url: endpoint.toString(),
size,
mime,
token: config.github_token,
data: fh.readableWebStream({ type: 'bytes' }),
});
} finally {
await fh.close();
}
};
try {
const resp = await releaser.uploadReleaseAsset({
url: endpoint.toString(),
size,
mime,
token: config.github_token,
data: fh.readableWebStream({ type: 'bytes' }),
});
const resp = await uploadAsset();
const json = resp.data;
if (resp.status !== 201) {
throw new Error(
@@ -304,10 +344,67 @@ export const upload = async (
}\n${json.message}\n${JSON.stringify(json.errors)}`,
);
}
if (json.name && json.name !== name && json.id) {
console.log(`✏️ Restoring asset label to ${name}...`);
try {
const { data } = await releaser.updateReleaseAsset({
owner,
repo,
asset_id: json.id,
name: json.name,
label: name,
});
console.log(`✅ Uploaded ${name}`);
return data;
} catch (error) {
console.warn(`error updating release asset label for ${name}: ${error}`);
}
}
console.log(`✅ Uploaded ${name}`);
return json;
} finally {
await fh.close();
} catch (error: any) {
const errorStatus = error?.status ?? error?.response?.status;
const errorData = error?.response?.data;
// Handle race conditions across concurrent workflows uploading the same asset.
if (
config.input_overwrite_files !== false &&
errorStatus === 422 &&
errorData?.errors?.[0]?.code === 'already_exists' &&
releaseId !== undefined
) {
console.log(
`⚠️ Asset ${name} already exists (race condition), refreshing assets and retrying once...`,
);
const latestAssets = await releaser.listReleaseAssets({
owner,
repo,
release_id: releaseId,
});
const latestAsset = latestAssets.find(
({ name: currentName }) => currentName == alignAssetName(name),
);
if (latestAsset) {
await releaser.deleteReleaseAsset({
owner,
repo,
asset_id: latestAsset.id,
});
const retryResp = await uploadAsset();
const retryJson = retryResp.data;
if (retryResp.status !== 201) {
throw new Error(
`Failed to upload release asset ${name}. received status code ${
retryResp.status
}\n${retryJson.message}\n${JSON.stringify(retryJson.errors)}`,
);
}
console.log(`✅ Uploaded ${name}`);
return retryJson;
}
}
throw error;
}
};
@@ -315,7 +412,7 @@ export const release = async (
config: Config,
releaser: Releaser,
maxRetries: number = 3,
): Promise<Release> => {
): Promise<ReleaseResult> => {
if (maxRetries <= 0) {
console.log(`❌ Too many retries. Aborting...`);
throw new Error('Too many retries.');
@@ -323,7 +420,7 @@ export const release = async (
const [owner, repo] = config.github_repository.split('/');
const tag =
config.input_tag_name ||
normalizeTagName(config.input_tag_name) ||
(isTag(config.github_ref) ? config.github_ref.replace('refs/tags/', '') : '');
const discussion_category_name = config.input_discussion_category_name;
@@ -395,7 +492,10 @@ export const release = async (
generate_release_notes,
make_latest,
});
return release.data;
return {
release: release.data,
created: false,
};
} catch (error) {
if (error.status !== 404) {
console.log(
@@ -430,9 +530,10 @@ export const finalizeRelease = async (
config: Config,
releaser: Releaser,
release: Release,
releaseWasCreated: boolean = false,
maxRetries: number = 3,
): Promise<Release> => {
if (config.input_draft === true) {
if (config.input_draft === true || release.draft === false) {
return release;
}
@@ -453,8 +554,34 @@ export const finalizeRelease = async (
return data;
} catch (error) {
console.warn(`error finalizing release: ${error}`);
if (releaseWasCreated && release.draft && isTagCreationBlockedError(error)) {
let deleted = false;
try {
console.log(
`🧹 Deleting draft release ${release.id} for tag ${release.tag_name} because tag creation is blocked by repository rules...`,
);
await releaser.deleteRelease({
owner,
repo,
release_id: release.id,
});
deleted = true;
} catch (cleanupError) {
console.warn(`error deleting orphan draft release ${release.id}: ${cleanupError}`);
}
const cleanupResult = deleted
? `Deleted draft release ${release.id} to avoid leaving an orphaned draft release.`
: `Failed to delete draft release ${release.id}; manual cleanup may still be required.`;
throw new Error(
`Tag creation for ${release.tag_name} is blocked by repository rules. ${cleanupResult}`,
);
}
console.log(`retrying... (${maxRetries - 1} retries remaining)`);
return finalizeRelease(config, releaser, release, maxRetries - 1);
return finalizeRelease(config, releaser, release, releaseWasCreated, maxRetries - 1);
}
};
@@ -525,6 +652,141 @@ export async function findTagFromReleases(
}
}
const CREATED_RELEASE_DISCOVERY_RETRY_DELAY_MS = 1000;
const RECENT_RELEASE_SCAN_PAGES = 2;
async function sleep(ms: number): Promise<void> {
await new Promise((resolve) => setTimeout(resolve, ms));
}
async function recentReleasesByTag(
releaser: Releaser,
owner: string,
repo: string,
tag: string,
): Promise<Release[]> {
const matches: Release[] = [];
let pages = 0;
for await (const page of releaser.allReleases({ owner, repo })) {
matches.push(...page.data.filter((release) => release.tag_name === tag));
pages += 1;
if (pages >= RECENT_RELEASE_SCAN_PAGES) {
break;
}
}
return matches;
}
function pickCanonicalRelease(
releases: Release[],
releaseByTag: Release | undefined,
): Release | undefined {
if (releaseByTag && releases.some((release) => release.id === releaseByTag.id)) {
return releaseByTag;
}
if (releases.length === 0) {
return releaseByTag;
}
return [...releases].sort((left, right) => {
if (left.draft !== right.draft) {
return Number(left.draft) - Number(right.draft);
}
return left.id - right.id;
})[0];
}
async function cleanupDuplicateDraftReleases(
releaser: Releaser,
owner: string,
repo: string,
tag: string,
canonicalReleaseId: number,
releases: Release[],
): Promise<void> {
const uniqueReleases = Array.from(
new Map(releases.map((release) => [release.id, release])).values(),
);
for (const duplicate of uniqueReleases) {
if (duplicate.id === canonicalReleaseId || !duplicate.draft || duplicate.assets.length > 0) {
continue;
}
try {
console.log(`🧹 Removing duplicate draft release ${duplicate.id} for tag ${tag}...`);
await releaser.deleteRelease({
owner,
repo,
release_id: duplicate.id,
});
} catch (error) {
console.warn(`error deleting duplicate release ${duplicate.id}: ${error}`);
}
}
}
async function canonicalizeCreatedRelease(
releaser: Releaser,
owner: string,
repo: string,
tag: string,
createdRelease: Release,
maxRetries: number,
): Promise<Release> {
const attempts = Math.max(maxRetries, 1);
for (let attempt = 1; attempt <= attempts; attempt += 1) {
let releaseByTag: Release | undefined;
try {
releaseByTag = await findTagFromReleases(releaser, owner, repo, tag);
} catch (error) {
console.warn(`error reloading release for tag ${tag}: ${error}`);
}
let recentReleases: Release[] = [];
try {
recentReleases = await recentReleasesByTag(releaser, owner, repo, tag);
} catch (error) {
console.warn(`error listing recent releases for tag ${tag}: ${error}`);
}
const canonicalRelease = pickCanonicalRelease(recentReleases, releaseByTag);
if (canonicalRelease) {
if (canonicalRelease.id !== createdRelease.id) {
console.log(
`↪️ Using release ${canonicalRelease.id} for tag ${tag} instead of duplicate draft ${createdRelease.id}`,
);
}
await cleanupDuplicateDraftReleases(releaser, owner, repo, tag, canonicalRelease.id, [
createdRelease,
...recentReleases,
]);
return canonicalRelease;
}
if (attempt < attempts) {
console.log(
`Release ${createdRelease.id} is not yet discoverable by tag ${tag}, retrying... (${
attempts - attempt
} retries remaining)`,
);
await sleep(CREATED_RELEASE_DISCOVERY_RETRY_DELAY_MS);
}
}
console.log(
`⚠️ Continuing with newly created release ${createdRelease.id} because tag ${tag} is still not discoverable`,
);
return createdRelease;
}
async function createRelease(
tag: string,
config: Config,
@@ -534,11 +796,12 @@ async function createRelease(
discussion_category_name: string | undefined,
generate_release_notes: boolean | undefined,
maxRetries: number,
) {
): Promise<ReleaseResult> {
const tag_name = tag;
const name = config.input_name || tag;
const body = releaseBody(config);
const prerelease = config.input_prerelease;
const draft = prerelease === true ? config.input_draft === true : true;
const target_commitish = config.input_target_commitish;
const make_latest = config.input_make_latest;
let commitMessage: string = '';
@@ -547,20 +810,31 @@ async function createRelease(
}
console.log(`👩‍🏭 Creating new GitHub release for tag ${tag_name}${commitMessage}...`);
try {
let release = await releaser.createRelease({
const createdRelease = await releaser.createRelease({
owner,
repo,
tag_name,
name,
body,
draft: true,
draft,
prerelease,
target_commitish,
discussion_category_name,
generate_release_notes,
make_latest,
});
return release.data;
const canonicalRelease = await canonicalizeCreatedRelease(
releaser,
owner,
repo,
tag_name,
createdRelease.data,
maxRetries,
);
return {
release: canonicalRelease,
created: canonicalRelease.id === createdRelease.data.id,
};
} catch (error) {
// presume a race with competing matrix runs
console.log(`⚠️ GitHub release failed with status: ${error.status}`);
@@ -596,3 +870,17 @@ async function createRelease(
return release(config, releaser, maxRetries - 1);
}
}
function isTagCreationBlockedError(error: any): boolean {
const errors = error?.response?.data?.errors;
if (!Array.isArray(errors) || error?.status !== 422) {
return false;
}
return errors.some(
({ field, message }: { field?: string; message?: string }) =>
field === 'pre_receive' &&
typeof message === 'string' &&
message.includes('creations being restricted'),
);
}

6
src/main.ts
View File

@@ -49,7 +49,9 @@ async function run() {
});
//);
const releaser = new GitHubReleaser(gh);
let rel = await release(config, releaser);
const releaseResult = await release(config, releaser);
let rel = releaseResult.release;
const releaseWasCreated = releaseResult.created;
let uploadedAssetIds: Set<number> = new Set();
if (config.input_files && config.input_files.length > 0) {
const files = paths(config.input_files, config.input_working_directory);
@@ -81,7 +83,7 @@ async function run() {
}
console.log('Finalizing release...');
rel = await finalizeRelease(config, releaser, rel);
rel = await finalizeRelease(config, releaser, rel, releaseWasCreated);
// Draft releases use temporary "untagged-..." URLs for assets.
// URLs will be changed to correct ones once the release is published.

56
src/util.ts
View File

@@ -1,5 +1,6 @@
import * as glob from 'glob';
import { statSync, readFileSync } from 'fs';
import { homedir } from 'os';
import * as pathLib from 'path';
export interface Config {
@@ -84,13 +85,21 @@ export const parseInputFiles = (files: string): string[] => {
.filter((pat) => pat.trim() !== '');
};
const parseToken = (env: Env): string => {
const inputToken = env.INPUT_TOKEN?.trim();
if (inputToken) {
return inputToken;
}
return env.GITHUB_TOKEN?.trim() || '';
};
export const parseConfig = (env: Env): Config => {
return {
github_token: env.GITHUB_TOKEN || env.INPUT_TOKEN || '',
github_token: parseToken(env),
github_ref: env.GITHUB_REF || '',
github_repository: env.INPUT_REPOSITORY || env.GITHUB_REPOSITORY || '',
input_name: env.INPUT_NAME,
input_tag_name: env.INPUT_TAG_NAME?.trim(),
input_tag_name: normalizeTagName(env.INPUT_TAG_NAME?.trim()),
input_body: env.INPUT_BODY,
input_body_path: env.INPUT_BODY_PATH,
input_files: parseInputFiles(env.INPUT_FILES || ''),
@@ -117,11 +126,39 @@ const parseMakeLatest = (value: string | undefined): 'true' | 'false' | 'legacy'
return undefined;
};
export const normalizeGlobPattern = (
pattern: string,
platform: NodeJS.Platform = process.platform,
): string => {
if (platform === 'win32') {
return pattern.replace(/\\/g, '/');
}
return pattern;
};
export const expandHomePattern = (pattern: string, homeDirectory: string = homedir()): string => {
if (pattern === '~') {
return homeDirectory;
}
if (pattern.startsWith('~/') || pattern.startsWith('~\\')) {
return pathLib.join(homeDirectory, pattern.slice(2));
}
return pattern;
};
export const normalizeFilePattern = (
pattern: string,
platform: NodeJS.Platform = process.platform,
homeDirectory: string = homedir(),
): string => {
return normalizeGlobPattern(expandHomePattern(pattern, homeDirectory), platform);
};
export const paths = (patterns: string[], cwd?: string): string[] => {
return patterns.reduce((acc: string[], pattern: string): string[] => {
const matches = glob.sync(pattern, { cwd, dot: true, absolute: false });
const matches = glob.sync(normalizeFilePattern(pattern), { cwd, dot: true, absolute: false });
const resolved = matches
.map((p) => (cwd ? pathLib.join(cwd, p) : p))
.map((p) => (cwd && !pathLib.isAbsolute(p) ? pathLib.join(cwd, p) : p))
.filter((p) => {
try {
return statSync(p).isFile();
@@ -135,10 +172,10 @@ export const paths = (patterns: string[], cwd?: string): string[] => {
export const unmatchedPatterns = (patterns: string[], cwd?: string): string[] => {
return patterns.reduce((acc: string[], pattern: string): string[] => {
const matches = glob.sync(pattern, { cwd, dot: true, absolute: false });
const matches = glob.sync(normalizeFilePattern(pattern), { cwd, dot: true, absolute: false });
const files = matches.filter((p) => {
try {
const full = cwd ? pathLib.join(cwd, p) : p;
const full = cwd && !pathLib.isAbsolute(p) ? pathLib.join(cwd, p) : p;
return statSync(full).isFile();
} catch {
return false;
@@ -152,6 +189,13 @@ export const isTag = (ref: string): boolean => {
return ref.startsWith('refs/tags/');
};
export const normalizeTagName = (tag: string | undefined): string | undefined => {
if (!tag) {
return tag;
}
return isTag(tag) ? tag.replace('refs/tags/', '') : tag;
};
export const alignAssetName = (assetName: string): string => {
return assetName.replace(/ /g, '.');
};