2.6.0

feature - promote prerelease

.eslintrc.json

@@ -24,7 +24,6 @@
         "@typescript-eslint/func-call-spacing": ["error", "never"],
         "@typescript-eslint/no-array-constructor": "error",
         "@typescript-eslint/no-empty-interface": "error",
-        "@typescript-eslint/no-explicit-any": "error",
         "@typescript-eslint/no-extraneous-class": "error",
         "@typescript-eslint/no-for-in-array": "error",
         "@typescript-eslint/no-inferrable-types": "error",

.github/workflows/ci.yml

@@ -9,7 +9,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - run: |
         npm install
         npm run all
@@ -21,7 +21,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Make test pre-release
       uses: ./
       with:
@@ -31,26 +31,57 @@ jobs:
         tag: ci-test-${{ matrix.os }}-${{ github.run_id }}
         overwrite: true
         prerelease: true
-        body: "rofl lol test"
+        make_latest: true
+        body: "rofl lol test%0Aianal %25 fubar"
     - name: Check that the uploaded asset is readable
       uses: actions/github-script@v2
       with:
         github-token: ${{ secrets.GITHUB_TOKEN }}
         script: |
           const fs = require('fs')
-          const child_process = require('child_process');
           const assert = require('assert').strict;
 
-          const expected = fs.readFileSync("README.md")
+          const expected = fs.readFileSync("README.md", "utf-8")
           const release = await github.repos.getReleaseByTag({
             ...context.repo,
             tag: "ci-test-${{ matrix.os }}-${{ github.run_id }}",
           })
           assert.deepStrictEqual(release.data.prerelease, true)
-          assert.deepStrictEqual(release.data.body, "rofl lol test")
+          assert.deepStrictEqual(release.data.body, "rofl lol test\nianal % fubar")
           assert.deepStrictEqual(release.data.assets[0].name, "TEST.md")
-          const actual = child_process.execSync(`curl -Ls ${release.data.assets[0].browser_download_url}`)
+          const actual = await github.request(release.data.assets[0].browser_download_url)
-          assert.deepStrictEqual(expected, actual)
+          assert.deepStrictEqual(expected, actual.data)
+    - name: Make test promote
+      uses: ./
+      with:
+        repo_token: ${{ secrets.GITHUB_TOKEN }}
+        file: README.md
+        asset_name: TEST.md
+        tag: ci-test-${{ matrix.os }}-${{ github.run_id }}
+        overwrite: true
+        promote: true
+        prerelease: false
+        make_latest: true
+        body: "new body"
+    - name: Check that the release is promoted
+      uses: actions/github-script@v2
+      with:
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+        retries: 15
+        script: |
+          const fs = require('fs')
+          const assert = require('assert').strict;
+          
+          const expected = fs.readFileSync("README.md", "utf-8")
+          const release = await github.repos.getReleaseByTag({
+            ...context.repo,
+            tag: "ci-test-${{ matrix.os }}-${{ github.run_id }}",
+          })
+          assert.deepStrictEqual(release.data.prerelease, false)
+          assert.deepStrictEqual(release.data.body, "new body")
+          assert.deepStrictEqual(release.data.assets[0].name, "TEST.md")
+          const actual = await github.request(release.data.assets[0].browser_download_url)
+          assert.deepStrictEqual(expected, actual.data)
     - name: Clean up
       if: ${{ always() }}
       uses: actions/github-script@v2

.gitignore

@@ -2,3 +2,4 @@ node_modules
 run.sh
 __tests__/runner/*
 lib/**/*
+.idea

CHANGELOG.md

@@ -1,5 +1,25 @@
 # Changelog
 
+## [2.6.0] - 2023-05-23
+- Add `make_latest` input parameter. Can be set to `false` to prevent the created release from being marked as the latest release for the repository [#100](https://github.com/svenstaro/upload-release-action/pull/100) (thanks @brandonkelly)
+- Don't try to upload empty files [#102](https://github.com/svenstaro/upload-release-action/pull/102) (thanks @Loyalsoldier)
+- Bump all deps [#105](https://github.com/svenstaro/upload-release-action/pull/105)
+- `overwrite` option also overwrites name and body [#106](https://github.com/svenstaro/upload-release-action/pull/106) (thanks @regevbr)
+- Add `promote` option to allow prereleases to be promoted [#74](https://github.com/svenstaro/upload-release-action/pull/74) (thanks @regevbr)
+
+## [2.5.0] - 2023-02-21
+- Add retry to upload release [#96](https://github.com/svenstaro/upload-release-action/pull/96) (thanks @sonphantrung)
+
+## [2.4.1] - 2023-02-01
+- Modernize octokit usage
+
+## [2.4.0] - 2023-01-09
+- Update to node 16
+- Bump most dependencies
+
+## [2.3.0] - 2022-06-05
+- Now defaults `repo_token` to `${{ github.token }}` and `tag` to `${{ github.ref }}` [#69](https://github.com/svenstaro/upload-release-action/pull/69) (thanks @leighmcculloch)
+
 ## [2.2.1] - 2020-12-16
 - Added support for the GitHub pagination API for repositories with many releases [#36](https://github.com/svenstaro/upload-release-action/pull/36) (thanks @djpohly)
 

README.md

@@ -1,4 +1,4 @@
-# Upload files to a GitHub release [![GitHub Actions Workflow](https://github.com/svenstaro/upload-release-action/workflows/PR%20Checks/badge.svg)](https://github.com/svenstaro/upload-release-action/actions)
+# Upload files to a GitHub release [![GitHub Actions Workflow](https://github.com/svenstaro/upload-release-action/actions/workflows/ci.yml/badge.svg)](https://github.com/svenstaro/upload-release-action/actions)
 
 This action allows you to select which files to upload to the just-tagged release.
 It runs on all operating systems types offered by GitHub.
@@ -7,17 +7,19 @@ It runs on all operating systems types offered by GitHub.
 
 You must provide:
 
-- `repo_token`: Usually you'll want to set this to `${{ secrets.GITHUB_TOKEN }}`.
 - `file`: A local file to be uploaded as the asset.
-- `tag`: The tag to upload into. If you want the current event's tag or branch name, use `${{ github.ref }}` (the `refs/tags/` and `refs/heads/` prefixes will be automatically stripped).
 
 Optional Arguments
 
+- `repo_token`: Defaults to `github.token`.
+- `tag`: The tag to upload into. If you want the current event's tag or branch name, use `${{ github.ref }}` (the `refs/tags/` and `refs/heads/` prefixes will be automatically stripped). Defaults to `github.ref`.
 - `asset_name`: The name the file gets as an asset on a release. Use `$tag` to include the tag name. When not provided it will default to the filename.
                 This is not used if `file_glob` is set to `true`.
-- `file_glob`: If set to true, the file argument can be a glob pattern (`asset_name` is ignored in this case) (Default: `false`)
+- `file_glob`: If set to true, the `file` argument can be a glob pattern (`asset_name` is ignored in this case) (Default: `false`)
 - `overwrite`: If an asset with the same name already exists, overwrite it (Default: `false`).
+- `promote`: If a prerelease already exists, promote it to a release (Default: `false`).
 - `prerelease`: Mark the release as a pre-release (Default: `false`).
+- `make_latest`: Mark the release as the latest release for the repository (Default: `true`).
 - `release_name`: Explicitly set a release name. (Defaults: implicitly same as `tag` via GitHub API).
 - `body`: Content of the release text (Default: `""`).
 - `repo_name`: Specify the name of the GitHub repository in which the GitHub release will be created, edited, and deleted. If the repository is other than the current, it is required to create a personal access token with `repo`, `user`, `admin:repo_hook` scopes to the foreign repository and add it as a secret. (Default: current repository).
@@ -47,7 +49,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build
       run: cargo build --release
     - name: Upload binaries to release
@@ -89,7 +91,7 @@ jobs:
             asset_name: mything-macos-amd64
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build
       run: cargo build --release --locked
     - name: Upload binaries to release
@@ -115,7 +117,7 @@ jobs:
     name: Publish binaries
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build
       run: cargo build --release
     - name: Upload binaries to release
@@ -144,7 +146,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build
       run: cargo build --release
     - name: Upload binaries to release
@@ -161,6 +163,61 @@ jobs:
         body: "This is my release text"
 ```
 
+**Example for feeding a file from repo to the `body` tag:**
+
+This example covers following points:
+* Reading a file present on the repo. For example, `release.md` which is placed in root directory of the repo.
+* Modify & push the `release.md` file before triggering this action (create tag for this example) to dynamically change the body of the release.
+
+```yaml
+name: Publish
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+
+  build:
+    name: Publish binaries
+    runs-on: ubuntu-latest
+         
+    steps:
+      - uses: actions/checkout@v3
+
+      # This step reads a file from repo and use it for body of the release
+      # This works on any self-hosted runner OS
+      - name: Read release.md and use it as a body of new release
+        id: read_release
+        shell: bash
+        run: |
+          r=$(cat path/to/release.md)                       # <--- Read release.md (Provide correct path as per your repo)
+          r="${r//'%'/'%25'}"                               # Multiline escape sequences for %
+          r="${r//$'\n'/'%0A'}"                             # Multiline escape sequences for '\n'
+          r="${r//$'\r'/'%0D'}"                             # Multiline escape sequences for '\r'
+          echo "RELEASE_BODY=$r" >> $GITHUB_OUTPUT          # <--- Set environment variable
+
+      - name: Upload Binaries to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ github.ref }}
+          body: |
+            ${{ steps.read_release.outputs.RELEASE_BODY }}  # <--- Use environment variables that was created earlier
+
+```
+
+### Permissions
+
+This actions requires writes access to the release. If you are using [granular permissions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions)
+in your workflow, you will need to add the `contents: write` permission to the token:
+
+```yaml
+permissions:
+  contents: write
+```
+
 ## Releasing
 
 To release this Action:

action.yml

@@ -8,20 +8,26 @@ inputs:
   repo_token:
     description: 'GitHub token.'
     required: true
+    default: ${{ github.token }}
   file:
     description: 'Local file to upload.'
     required: true
   tag:
     description: 'Tag to use as a release.'
     required: true
+    default: ${{ github.ref }}
   asset_name:
     description: 'Name of the asset. When not provided will use the file name. Unused if file_glob is set to "true".'
   overwrite:
     description: 'Overwrite the release in case it already exists.'
+  promote:
+    description: 'Promote a prerelease to release. Defaults to "false".'
   file_glob:
     description: 'If true the file can be a glob pattern, asset_name is ignored if this is true.'
   prerelease:
     description: 'Mark the release as a pre-release. Defaults to "false".'
+  make_latest:
+    description: 'Mark the release the latest release for the repository. Defaults to "true".'
   release_name:
     description: 'Explicitly set a release name. Defaults to empty which will cause the release to take the tag as name on GitHub.'
   body:
@@ -32,5 +38,5 @@ outputs:
   browser_download_url:
     description: 'The publicly available URL of the asset.'
 runs:
-  using: 'node12'
+  using: 'node16'
   main: 'dist/index.js'

package.json

@@ -1,6 +1,6 @@
 {
   "name": "upload-release-action",
-  "version": "2.2.1",
+  "version": "2.6.0",
   "private": true,
   "description": "Upload files to a GitHub release",
   "main": "lib/main.js",
@@ -27,24 +27,27 @@
   "author": "Sven-Hendrik Haase",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.2.6",
+    "@actions/core": "^1.10.0",
-    "@actions/github": "^4.0.0",
+    "@actions/github": "^5.1.1",
-    "@types/glob": "^7.1.2",
+    "@lifeomic/attempt": "^3.0.3",
-    "glob": "^7.1.6"
+    "@octokit/core": "^4.2.1",
+    "glob": "^10"
   },
   "devDependencies": {
-    "@types/jest": "^24.9.1",
+    "@octokit/types": "^9.2.3",
-    "@types/node": "^12.12.64",
+    "@types/glob": "^8",
-    "@typescript-eslint/parser": "^3.5.0",
+    "@types/jest": "^29",
-    "@zeit/ncc": "^0.22.3",
+    "@types/node": "^16",
-    "eslint": "^7.10.0",
+    "@typescript-eslint/parser": "^5",
-    "eslint-plugin-github": "^4.0.1",
+    "@vercel/ncc": "^0.36.1",
-    "eslint-plugin-jest": "^23.17.1",
+    "eslint": "^8",
-    "jest": "^26.5.2",
+    "eslint-plugin-github": "^4.7",
-    "jest-circus": "^26.5.2",
+    "eslint-plugin-jest": "^27",
-    "js-yaml": "^3.14.0",
+    "jest": "^29",
-    "prettier": "^2.0.5",
+    "jest-circus": "^29",
-    "ts-jest": "^26.4.1",
+    "js-yaml": "^4",
-    "typescript": "^3.9.6"
+    "prettier": "^2.8",
+    "ts-jest": "^29",
+    "typescript": "^5"
   }
 }

src/main.ts

@@ -5,35 +5,54 @@ import * as core from '@actions/core'
 import * as github from '@actions/github'
 import * as path from 'path'
 import * as glob from 'glob'
+import {retry} from '@lifeomic/attempt'
 
-type RepoAssetsResp = Endpoints['GET /repos/:owner/:repo/releases/:release_id/assets']['response']['data']
+const releaseByTag = 'GET /repos/{owner}/{repo}/releases/tags/{tag}' as const
-type ReleaseByTagResp = Endpoints['GET /repos/:owner/:repo/releases/tags/:tag']['response']
+const createRelease = 'POST /repos/{owner}/{repo}/releases' as const
-type CreateReleaseResp = Endpoints['POST /repos/:owner/:repo/releases']['response']
+const updateRelease =
-type UploadAssetResp = Endpoints['POST /repos/:owner/:repo/releases/:release_id/assets{?name,label}']['response']
+  'PATCH /repos/{owner}/{repo}/releases/{release_id}' as const
+const repoAssets =
+  'GET /repos/{owner}/{repo}/releases/{release_id}/assets' as const
+const uploadAssets =
+  'POST {origin}/repos/{owner}/{repo}/releases/{release_id}/assets{?name,label}' as const
+const deleteAssets =
+  'DELETE /repos/{owner}/{repo}/releases/assets/{asset_id}' as const
+
+type ReleaseByTagResp = Endpoints[typeof releaseByTag]['response']
+type CreateReleaseResp = Endpoints[typeof createRelease]['response']
+type RepoAssetsResp = Endpoints[typeof repoAssets]['response']['data']
+type UploadAssetResp = Endpoints[typeof uploadAssets]['response']
+type UpdateReleaseResp = Endpoints[typeof updateRelease]['response']
+type UpdateReleaseParams = Endpoints[typeof updateRelease]['parameters']
 
 async function get_release_by_tag(
   tag: string,
   prerelease: boolean,
+  make_latest: boolean,
   release_name: string,
   body: string,
-  octokit: Octokit
+  octokit: Octokit,
-): Promise<ReleaseByTagResp | CreateReleaseResp> {
+  overwrite: boolean,
+  promote: boolean
+): Promise<ReleaseByTagResp | CreateReleaseResp | UpdateReleaseResp> {
+  let release: ReleaseByTagResp
   try {
     core.debug(`Getting release by tag ${tag}.`)
-    return await octokit.repos.getReleaseByTag({
+    release = await octokit.request(releaseByTag, {
       ...repo(),
       tag: tag
     })
-  } catch (error) {
+  } catch (error: any) {
     // If this returns 404, we need to create the release first.
     if (error.status === 404) {
       core.debug(
         `Release for tag ${tag} doesn't exist yet so we'll create it now.`
       )
-      return await octokit.repos.createRelease({
+      return await octokit.request(createRelease, {
         ...repo(),
         tag_name: tag,
         prerelease: prerelease,
+        make_latest: make_latest ? 'true' : 'false',
         name: release_name,
         body: body
       })
@@ -41,15 +60,45 @@ async function get_release_by_tag(
       throw error
     }
   }
+  let updateObject: Partial<UpdateReleaseParams> | undefined
+  if (promote && release.data.prerelease) {
+    core.debug(`The ${tag} is a prerelease, promoting it to a release.`)
+    updateObject = updateObject || {}
+    updateObject.prerelease = false
+  }
+  if (overwrite) {
+    if (release.data.name !== release_name) {
+      core.debug(
+        `The ${tag} release already exists with a different name ${release.data.name} so we'll overwrite it.`
+      )
+      updateObject = updateObject || {}
+      updateObject.name = release_name
+    }
+    if (release.data.body !== body) {
+      core.debug(
+        `The ${tag} release already exists with a different body ${release.data.body} so we'll overwrite it.`
+      )
+      updateObject = updateObject || {}
+      updateObject.body = body
+    }
+  }
+  if (updateObject) {
+    return octokit.request(updateRelease, {
+      ...repo(),
+      ...updateObject,
+      release_id: release.data.id
+    })
+  }
+  return release
 }
 
 async function upload_to_release(
-  release: ReleaseByTagResp | CreateReleaseResp,
+  release: ReleaseByTagResp | CreateReleaseResp | UpdateReleaseResp,
   file: string,
   asset_name: string,
   tag: string,
   overwrite: boolean,
-  octokit: Octokit
+  octokit: ReturnType<(typeof github)['getOctokit']>
 ): Promise<undefined | string> {
   const stat = fs.statSync(file)
   if (!stat.isFile()) {
@@ -57,23 +106,23 @@ async function upload_to_release(
     return
   }
   const file_size = stat.size
-  const file_bytes = fs.readFileSync(file)
+  if (file_size === 0) {
+    core.debug(`Skipping ${file}, since its size is 0`)
+    return
+  }
 
   // Check for duplicates.
-  const assets: RepoAssetsResp = await octokit.paginate(
+  const assets: RepoAssetsResp = await octokit.paginate(repoAssets, {
-    octokit.repos.listReleaseAssets,
-    {
     ...repo(),
     release_id: release.data.id
-    }
+  })
-  )
   const duplicate_asset = assets.find(a => a.name === asset_name)
   if (duplicate_asset !== undefined) {
     if (overwrite) {
       core.debug(
         `An asset called ${asset_name} already exists in release ${tag} so we'll overwrite it.`
       )
-      await octokit.repos.deleteReleaseAsset({
+      await octokit.request(deleteAssets, {
         ...repo(),
         asset_id: duplicate_asset.id
       })
@@ -88,15 +137,22 @@ async function upload_to_release(
   }
 
   core.debug(`Uploading ${file} to ${asset_name} in release ${tag}.`)
-  const uploaded_asset: UploadAssetResp = await octokit.repos.uploadReleaseAsset(
+  const uploaded_asset: UploadAssetResp = await retry(
-    {
+    async () => {
+      return octokit.request(uploadAssets, {
+        ...repo(),
+        release_id: release.data.id,
         url: release.data.upload_url,
         name: asset_name,
-      data: file_bytes,
+        data: fs.createReadStream(file) as any,
         headers: {
           'content-type': 'binary/octet-stream',
           'content-length': file_size
         }
+      })
+    },
+    {
+      maxAttempts: 3
     }
   )
   return uploaded_asset.data.browser_download_url
@@ -108,17 +164,17 @@ function repo(): {owner: string; repo: string} {
   if (!repo_name) {
     return github.context.repo
   }
-  const owner = repo_name.substr(0, repo_name.indexOf('/'))
+  const owner = repo_name.substring(0, repo_name.indexOf('/'))
   if (!owner) {
     throw new Error(`Could not extract 'owner' from 'repo_name': ${repo_name}.`)
   }
-  const repo = repo_name.substr(repo_name.indexOf('/') + 1)
+  const repo_ = repo_name.substring(repo_name.indexOf('/') + 1)
-  if (!repo) {
+  if (!repo_) {
     throw new Error(`Could not extract 'repo' from 'repo_name': ${repo_name}.`)
   }
   return {
     owner,
-    repo
+    repo: repo_
   }
 }
 
@@ -134,27 +190,36 @@ async function run(): Promise<void> {
 
     const file_glob = core.getInput('file_glob') == 'true' ? true : false
     const overwrite = core.getInput('overwrite') == 'true' ? true : false
+    const promote = core.getInput('promote') == 'true' ? true : false
     const prerelease = core.getInput('prerelease') == 'true' ? true : false
+    const make_latest = core.getInput('make_latest') != 'false' ? true : false
     const release_name = core.getInput('release_name')
-    const body = core.getInput('body')
+    const body = core
+      .getInput('body')
+      .replace(/%0A/gi, '\n')
+      .replace(/%0D/gi, '\r')
+      .replace(/%25/g, '%')
 
-    const octokit: Octokit = github.getOctokit(token)
+    const octokit = github.getOctokit(token)
     const release = await get_release_by_tag(
       tag,
       prerelease,
+      make_latest,
       release_name,
       body,
-      octokit
+      octokit,
+      overwrite,
+      promote
     )
 
     if (file_glob) {
       const files = glob.sync(file)
       if (files.length > 0) {
-        for (const file of files) {
+        for (const file_ of files) {
-          const asset_name = path.basename(file)
+          const asset_name = path.basename(file_)
           const asset_download_url = await upload_to_release(
             release,
-            file,
+            file_,
             asset_name,
             tag,
             overwrite,
@@ -180,7 +245,7 @@ async function run(): Promise<void> {
       )
       core.setOutput('browser_download_url', asset_download_url)
     }
-  } catch (error) {
+  } catch (error: any) {
     core.setFailed(error.message)
   }
 }