Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v6 cannot be used with actions/download-artifact@v4 #1167

Open
3 tasks done
kateinoigakukun opened this issue Jul 1, 2024 · 10 comments
Open
3 tasks done

v6 cannot be used with actions/download-artifact@v4 #1167

kateinoigakukun opened this issue Jul 1, 2024 · 10 comments
Labels
area/summary kind/upstream Changes need to be made on upstream project

Comments

@kateinoigakukun
Copy link

Contributing guidelines

I've found a bug, and:

  • The documentation does not mention anything about my problem
  • There are no open or closed issues that are related to my problem

Description

After updating docker/build-push-action to v6, we started observing the following error at actions/download-artifact step.

Unable to download artifact(s): Unable to download and extract artifact: Artifact download failed after 5 retries.

I guess something in the build summary uploading feature is incompatible with actions/download-artifact.

You can reproduce the problem with this https://github.com/kateinoigakukun/gh-actions-sandbox/actions/runs/9737812232/workflow

Expected behaviour

actions/download-artifact can download all artifacts even with this action.

Actual behaviour

actions/download-artifact fails while trying to download all artifacts

Repository URL

No response

Workflow run URL

No response

YAML workflow

name: Docker Build

on:
  workflow_dispatch:

jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - uses: docker/build-push-action@v6
  post-job:
    runs-on: ubuntu-latest
    needs: [docker]
    steps:
      - uses: actions/download-artifact@v4

Workflow logs

No response

BuildKit logs

No response

Additional info

No response

@crazy-max
Copy link
Member

crazy-max commented Jul 1, 2024

Thanks for your feedback, looking at the workflow:

name: Docker Build

on:
  workflow_dispatch:

jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - uses: docker/build-push-action@v6
  post-job:
    runs-on: ubuntu-latest
    needs: [docker]
    steps:
      - uses: actions/download-artifact@v4

It seems actions/download-artifact@v4 downloads all available artifacts within the workflow if name and pattern are not set: https://github.com/actions/download-artifact?tab=readme-ov-file#download-all-artifacts

If the name input parameter is not provided, all artifacts will be downloaded. To differentiate between downloaded artifacts, by default a directory denoted by the artifacts name will be created for each individual artifact. This behavior can be changed with the merge-multiple input parameter.

And will therefore try to download the .dockerbuild file uploaded by our action: https://github.com/kateinoigakukun/gh-actions-sandbox/actions/runs/9737812232/job/26870430716#step:2:13

Starting download of artifact to: /home/runner/work/gh-actions-sandbox/gh-actions-sandbox/kateinoigakukun~gh-actions-sandbox~8P1DEG.dockerbuild

I wonder if this is because we are setting the content disposition header when uploading the file to the store: https://github.com/docker/actions-toolkit/blob/fe9937dd36b64d2090fbfec40e144944ae390a12/src/github.ts#L159

I will take a closer look.

@crazy-max
Copy link
Member

After enabling debug it seems it fails because the file is not a valid zip which makes sense because in your case it's a gzip:

##[debug]Failed to download artifact after 1 retries due to Not a valid zip file. Retrying in 5 seconds...
##[debug]Failed to download artifact after 2 retries due to Not a valid zip file. Retrying in 5 seconds...
##[debug]Failed to download artifact after 3 retries due to Not a valid zip file. Retrying in 5 seconds...
##[debug]Failed to download artifact after 4 retries due to Not a valid zip file. Retrying in 5 seconds...
##[debug]Failed to download artifact after 5 retries due to Not a valid zip file. Retrying in 5 seconds...
Error: Unable to download artifact(s): Unable to download and extract artifact: Artifact download failed after 5 retries.

Seems related to actions/download-artifact#328

@crazy-max
Copy link
Member

Found a way to mitigate this issue when using actions/download-artifact: actions/download-artifact#328 (comment)

Will see for maintainers feedback.

@hegerdes
Copy link

hegerdes commented Jul 1, 2024

Had the same issue.

If you remove the build summary artifacts it works again. I think you can disable it with setting DOCKER_BUILD_NO_SUMMARY=true

@crazy-max
Copy link
Member

crazy-max commented Jul 3, 2024

If you remove the build summary artifacts it works again. I think you can disable it with setting DOCKER_BUILD_NO_SUMMARY=true

Since https://github.com/docker/build-push-action/releases/tag/v6.3.0 you can also just set DOCKER_BUILD_RECORD_UPLOAD: false to disable build record upload as GitHub artifact and keep summary generation: https://github.com/docker/build-push-action?tab=readme-ov-file#environment-variables

@crazy-max crazy-max added kind/upstream Changes need to be made on upstream project and removed status/needs-investigation labels Jul 3, 2024
@saisatishkarra
Copy link

saisatishkarra commented Jul 3, 2024

An [example of reproduced issue](https://github.com/saisatishkarra/public-shared-actions/actions/runs/9781049546/job/27004202651#step:2:16 to download all assets using actions/download@v4 after the docker/build-push-action@v6 job
An quick run by bumping to v6.3.0 also doesn't work UNTIL a new run with change is made to disable build record upload.

@crazy-max
Copy link
Member

UNTIL a new run with change is made to disable docker summary report starting v6.

I think you mean build record upload not "disable docker summary report" but yeah that's it.

@hegerdes
Copy link

hegerdes commented Jul 3, 2024

@crazy-max May I suggest to update the release notes for v6 to mention the incompatibility with download-artifacts and to promote the new environment flag to disable that behavior instead of a deprecated one?

Manny people will get the dependabot PR to update the action but it will serve outdated/inakkurate information for compatibility if it is not mentioned in the release notes.
For future features an opt-in testing phase might be a great idea.

pbrisbin added a commit to restyled-io/restylers that referenced this issue Jul 11, 2024
The updated docker build-push action is now uploading build results as
GitHub artifacts automatically. These break when download-artifacts is
used in the "download all" style. We could disable those artifacts, but
it's better to be more specific in the download, IMO.

docker/build-push-action#1167
rcdailey added a commit to recyclarr/recyclarr that referenced this issue Jul 11, 2024
Downgrade the artifact upload/download actions to v3 since none of the
v4 versions seem to address the "Not a valid zip file" issue.

Modified the codesign job to additionally run on PRs, so that when
Renovate upgrades the upload/download artifacts, we can tell from the PR
if the ZIP file issue is fixed.

For more info, see:

- actions/download-artifact#328
- docker/build-push-action#1167
rcdailey added a commit to recyclarr/recyclarr that referenced this issue Jul 11, 2024
Downgrade the artifact upload/download actions to v3 since none of the
v4 versions seem to address the "Not a valid zip file" issue.

Modified the codesign job to additionally run on PRs, so that when
Renovate upgrades the upload/download artifacts, we can tell from the PR
if the ZIP file issue is fixed.

For more info, see:

- actions/download-artifact#328
- docker/build-push-action#1167
rcdailey added a commit to recyclarr/recyclarr that referenced this issue Jul 11, 2024
Downgrade the artifact upload/download actions to v3 since none of the
v4 versions seem to address the "Not a valid zip file" issue.

Modified the codesign job to additionally run on PRs, so that when
Renovate upgrades the upload/download artifacts, we can tell from the PR
if the ZIP file issue is fixed.

For more info, see:

- actions/download-artifact#328
- docker/build-push-action#1167
HyukjinKwon pushed a commit to apache/spark that referenced this issue Sep 6, 2024
### What changes were proposed in this pull request?
Upgrade `dawidd6/action-download-artifact` from v1 to v6
Upgrade `scacap/action-surefire-report` from v1.0.13 to v1.8.0

### Why are the changes needed?
Current versions have the following problems:

`dawidd6/action-download-artifact` failing:
```
 ==> Downloading: apache~spark~ADIBKZ.dockerbuild.zip (44.7 kB)
Error: <?xml version="1.0" encoding="utf-8"?>
<Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:2c8b19f5-601e-007f-54e7-ffac7a000000
Time:2024-09-05T23:01:54.1979479Z</Message></Error>
```
https://github.com/apache/spark/actions/runs/10729437729/job/29756039009#step:2:15-17

`scacap/action-surefire-report` warning:
```
Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
```
https://github.com/apache/spark/actions/runs/10723482700/job/29736875911#step:3:14

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
In GitHub CI:
The download succeeds (authentication issue above resolved), not hit by another bug: docker/build-push-action#1167
```
==> Downloading: G-Research~spark~R7TXVG.dockerbuild.zip (23.76 kB)
Error: Invalid or unsupported zip format. No END header found
```
https://github.com/G-Research/spark/actions/runs/10733657395/job/29767392437#step:2:27

To be fixed in #48012.

### Was this patch authored or co-authored using generative AI tooling?
No.

Closes #48011 from EnricoMi/master.

Authored-by: Enrico Minack <[email protected]>
Signed-off-by: Hyukjin Kwon <[email protected]>
IvanK-db pushed a commit to IvanK-db/spark that referenced this issue Sep 20, 2024
### What changes were proposed in this pull request?
Upgrade `dawidd6/action-download-artifact` from v1 to v6
Upgrade `scacap/action-surefire-report` from v1.0.13 to v1.8.0

### Why are the changes needed?
Current versions have the following problems:

`dawidd6/action-download-artifact` failing:
```
 ==> Downloading: apache~spark~ADIBKZ.dockerbuild.zip (44.7 kB)
Error: <?xml version="1.0" encoding="utf-8"?>
<Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:2c8b19f5-601e-007f-54e7-ffac7a000000
Time:2024-09-05T23:01:54.1979479Z</Message></Error>
```
https://github.com/apache/spark/actions/runs/10729437729/job/29756039009#step:2:15-17

`scacap/action-surefire-report` warning:
```
Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
```
https://github.com/apache/spark/actions/runs/10723482700/job/29736875911#step:3:14

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
In GitHub CI:
The download succeeds (authentication issue above resolved), not hit by another bug: docker/build-push-action#1167
```
==> Downloading: G-Research~spark~R7TXVG.dockerbuild.zip (23.76 kB)
Error: Invalid or unsupported zip format. No END header found
```
https://github.com/G-Research/spark/actions/runs/10733657395/job/29767392437#step:2:27

To be fixed in apache#48012.

### Was this patch authored or co-authored using generative AI tooling?
No.

Closes apache#48011 from EnricoMi/master.

Authored-by: Enrico Minack <[email protected]>
Signed-off-by: Hyukjin Kwon <[email protected]>
attilapiros pushed a commit to attilapiros/spark that referenced this issue Oct 4, 2024
### What changes were proposed in this pull request?
Upgrade `dawidd6/action-download-artifact` from v1 to v6
Upgrade `scacap/action-surefire-report` from v1.0.13 to v1.8.0

### Why are the changes needed?
Current versions have the following problems:

`dawidd6/action-download-artifact` failing:
```
 ==> Downloading: apache~spark~ADIBKZ.dockerbuild.zip (44.7 kB)
Error: <?xml version="1.0" encoding="utf-8"?>
<Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:2c8b19f5-601e-007f-54e7-ffac7a000000
Time:2024-09-05T23:01:54.1979479Z</Message></Error>
```
https://github.com/apache/spark/actions/runs/10729437729/job/29756039009#step:2:15-17

`scacap/action-surefire-report` warning:
```
Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
```
https://github.com/apache/spark/actions/runs/10723482700/job/29736875911#step:3:14

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
In GitHub CI:
The download succeeds (authentication issue above resolved), not hit by another bug: docker/build-push-action#1167
```
==> Downloading: G-Research~spark~R7TXVG.dockerbuild.zip (23.76 kB)
Error: Invalid or unsupported zip format. No END header found
```
https://github.com/G-Research/spark/actions/runs/10733657395/job/29767392437#step:2:27

To be fixed in apache#48012.

### Was this patch authored or co-authored using generative AI tooling?
No.

Closes apache#48011 from EnricoMi/master.

Authored-by: Enrico Minack <[email protected]>
Signed-off-by: Hyukjin Kwon <[email protected]>
himadripal pushed a commit to himadripal/spark that referenced this issue Oct 19, 2024
### What changes were proposed in this pull request?
Upgrade `dawidd6/action-download-artifact` from v1 to v6
Upgrade `scacap/action-surefire-report` from v1.0.13 to v1.8.0

### Why are the changes needed?
Current versions have the following problems:

`dawidd6/action-download-artifact` failing:
```
 ==> Downloading: apache~spark~ADIBKZ.dockerbuild.zip (44.7 kB)
Error: <?xml version="1.0" encoding="utf-8"?>
<Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:2c8b19f5-601e-007f-54e7-ffac7a000000
Time:2024-09-05T23:01:54.1979479Z</Message></Error>
```
https://github.com/apache/spark/actions/runs/10729437729/job/29756039009#step:2:15-17

`scacap/action-surefire-report` warning:
```
Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
```
https://github.com/apache/spark/actions/runs/10723482700/job/29736875911#step:3:14

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
In GitHub CI:
The download succeeds (authentication issue above resolved), not hit by another bug: docker/build-push-action#1167
```
==> Downloading: G-Research~spark~R7TXVG.dockerbuild.zip (23.76 kB)
Error: Invalid or unsupported zip format. No END header found
```
https://github.com/G-Research/spark/actions/runs/10733657395/job/29767392437#step:2:27

To be fixed in apache#48012.

### Was this patch authored or co-authored using generative AI tooling?
No.

Closes apache#48011 from EnricoMi/master.

Authored-by: Enrico Minack <[email protected]>
Signed-off-by: Hyukjin Kwon <[email protected]>
@ahatzz11
Copy link

ahatzz11 commented Nov 7, 2024

@crazy-max Has there been any update to this? GitHub is going to be deprecating the old actions on December 5th blog post so people will be required to use v4. Having these docker build artifacts break downloads is going to start causing a larger range of issues.

@crazy-max
Copy link
Member

@ahatzz11 Will reach GitHub staff and keep you posted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/summary kind/upstream Changes need to be made on upstream project
Projects
None yet
Development

No branches or pull requests

5 participants