Merge pull request #251 from konradpabjan/main

Deploy pages using artifact IDs

.github/workflows/check-dist.yml

@@ -22,10 +22,10 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Setup Node.JS
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v3
         with:
           node-version-file: '.node-version'
           cache: npm

.github/workflows/check-formatting.yml

@@ -19,10 +19,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Setup Node.JS
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v3
         with:
           node-version-file: '.node-version'
           cache: npm

.github/workflows/check-linter.yml

@@ -19,10 +19,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Setup Node.JS
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v3
         with:
           node-version-file: '.node-version'
           cache: npm

.github/workflows/codeql-analysis.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL

.github/workflows/draft-release.yml

@@ -11,6 +11,6 @@ jobs:
   draft-release:
     runs-on: ubuntu-latest
     steps:
-      - uses: release-drafter/release-drafter@09c613e259eb8d4e7c81c2cb00618eb5fc4575a7 # v5.25.0
+      - uses: release-drafter/release-drafter@65c5fb495d1e69aa8c08a3317bc44ff8aabe9772 # v5.24.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/rebuild-dependabot-prs.yml

@@ -22,12 +22,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
         with:
           token: ${{ secrets.PAGES_AUTOMATION_PAT }}
 
       - name: Setup Node.JS
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v3
         with:
           node-version-file: '.node-version'
           cache: npm

.github/workflows/test.yml

@@ -14,10 +14,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Setup Node.JS
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v3
         with:
           node-version-file: '.node-version'
           cache: npm

README.md

@@ -6,11 +6,11 @@ This action is used to deploy [Actions artifacts][artifacts] to [GitHub Pages](h
 
 ## Usage
 
-See [action.yml](action.yml) for the various `inputs` this action supports.
+See [action.yml](action.yml) for the various `inputs` this action supports (or [below](#inputs-📥)).
 
 For examples that make use of this action, check out our [starter-workflows][starter-workflows] in a variety of frameworks.
 
-This action expects an artifact named `github-pages` to have been created prior to execution. This is done automatically when using [`actions/upload-pages-artifact`][upload-pages-artifact].
+This action deploys a Pages site previously uploaded as an artifact (e.g. using [`actions/upload-pages-artifact`][upload-pages-artifact]).
 
 We recommend this action to be used in a dedicated job:
 
@@ -71,7 +71,7 @@ jobs:
 
 There are a few important considerations to be aware of:
 
-1. The artifact being deployed must have been uploaded in a previous step, either in the same job or a separate job that doesn't execute until the upload is complete.
+1. The artifact being deployed must have been uploaded in a previous step, either in the same job or a separate job that doesn't execute until the upload is complete. See [`actions/upload-pages-artifact`][upload-pages-artifact] for more information about the format of the artifact we expect.
 
 2. The job that executes the deployment must at minimum have the following permissions:
    - `pages: write`

dist/licenses.txt

@@ -47,28 +47,6 @@ WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 
-@fastify/busboy
-MIT
-Copyright Brian White. All rights reserved.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to
-deal in the Software without restriction, including without limitation the
-rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-sell copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
-IN THE SOFTWARE.
-
 @octokit/auth-token
 MIT
 The MIT License
@@ -475,8 +453,6 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
 IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 
-http-status-messages
-
 is-plain-object
 MIT
 The MIT License (MIT)
@@ -575,31 +551,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 
 
-undici
-MIT
-MIT License
-
-Copyright (c) Matteo Collina and Undici contributors
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-
 universal-user-agent
 ISC
 # [ISC License](https://spdx.org/licenses/ISC)

package.json

@@ -5,20 +5,17 @@
   "main": "./dist/index.js",
   "dependencies": {
     "@actions/core": "^1.10.0",
-    "@actions/github": "^5.1.1",
+    "@actions/github": "^5.1.1"
-    "@actions/http-client": "^2.2.0",
-    "@octokit/request-error": "^5.0.1",
-    "http-status-messages": "^1.1.0"
   },
   "devDependencies": {
-    "@vercel/ncc": "^0.38.1",
+    "@vercel/ncc": "^0.36.1",
-    "eslint": "^8.54.0",
+    "eslint": "^8.44.0",
-    "eslint-config-prettier": "^9.0.0",
+    "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-github": "^4.10.1",
+    "eslint-plugin-github": "^4.8.0",
-    "jest": "^29.7.0",
+    "jest": "^29.6.1",
-    "nock": "^13.3.8",
+    "make-coverage-badge": "^1.2.0",
-    "prettier": "^3.1.0",
+    "nock": "^13.3.1",
-    "make-coverage-badge": "^1.2.0"
+    "prettier": "^3.0.0"
   },
   "scripts": {
     "all": "npm run format && npm run lint && npm run prepare && npm run test && npm run coverage-badge",

src/__tests__/index.test.js

@@ -4,9 +4,7 @@ const path = require('path')
 
 describe('with all environment variables set', () => {
   beforeEach(() => {
-    process.env.ACTIONS_RUNTIME_URL = 'http://my-url'
     process.env.GITHUB_RUN_ID = '123'
-    process.env.ACTIONS_RUNTIME_TOKEN = 'a-token'
     process.env.GITHUB_REPOSITORY = 'actions/is-awesome'
     process.env.GITHUB_TOKEN = 'gha-token'
     process.env.GITHUB_SHA = '123abc'
@@ -26,7 +24,7 @@ describe('with all environment variables set', () => {
 
 describe('with variables missing', () => {
   it('execution fails if there are missing variables', done => {
-    delete process.env.ACTIONS_RUNTIME_URL
+    delete process.env.GITHUB_RUN_ID
     const ip = path.join(__dirname, '../index.js')
     cp.exec(`node ${ip}`, { env: process.env }, (err, stdout) => {
       expect(stdout).toBe('')

src/__tests__/internal/deployment.test.js

@@ -9,9 +9,7 @@ const fakeJwt =
 describe('Deployment', () => {
   beforeEach(() => {
     jest.clearAllMocks()
-    process.env.ACTIONS_RUNTIME_URL = 'http://my-url/'
     process.env.GITHUB_RUN_ID = '123'
-    process.env.ACTIONS_RUNTIME_TOKEN = 'a-token'
     process.env.GITHUB_REPOSITORY = 'actions/is-awesome'
     process.env.GITHUB_TOKEN = 'gha-token'
     process.env.GITHUB_SHA = '123abc'
@@ -53,18 +51,18 @@ describe('Deployment', () => {
     it('can successfully create a deployment', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -84,25 +82,25 @@ describe('Deployment', () => {
         expect.stringMatching(new RegExp(`^Created deployment for ${process.env.GITHUB_SHA}`))
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
     it('can successfully create a preview deployment', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt,
           preview: true
@@ -127,36 +125,44 @@ describe('Deployment', () => {
         expect.stringMatching(new RegExp(`^Created deployment for ${process.env.GITHUB_SHA}`))
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
-    it('reports errors with failed artifact exchange', async () => {
+    it('reports errors with failed artifact metadata exchange', async () => {
       process.env.GITHUB_SHA = 'invalid-build-version'
-      const artifactExchangeScope = nock(`http://my-url`)
+
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .reply(400, {})
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(400, { message: 'Bad request' })
 
       // Create the deployment
       const deployment = new Deployment()
       await expect(deployment.create()).rejects.toEqual(
         new Error(
-          `Failed to create deployment (status: 400) with build version ${process.env.GITHUB_SHA}. Responded with: Bad Request`
+          `Failed to create deployment (status: 400) with build version ${process.env.GITHUB_SHA}. Responded with: Bad request`
         )
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
     })
 
     it('reports errors with a failed 500 in a deployment', async () => {
       process.env.GITHUB_SHA = 'build-version'
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
-        .reply(200, { value: [{ url: 'https://invalid-artifact.com', name: 'github-pages' }] })
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(200, {
+          total_count: 1,
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
+        })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://invalid-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA
         })
         .reply(500, { message: 'oh no' })
@@ -169,19 +175,24 @@ describe('Deployment', () => {
         )
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
     it('reports errors with an unexpected 403 during deployment', async () => {
       process.env.GITHUB_SHA = 'build-version'
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
-        .reply(200, { value: [{ url: 'https://invalid-artifact.com', name: 'github-pages' }] })
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(200, {
+          total_count: 1,
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
+        })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://invalid-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA
         })
         .reply(403, { message: 'You are forbidden' })
@@ -194,19 +205,24 @@ describe('Deployment', () => {
         )
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
     it('reports errors with an unexpected 404 during deployment', async () => {
       process.env.GITHUB_SHA = 'build-version'
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
-        .reply(200, { value: [{ url: 'https://invalid-artifact.com', name: 'github-pages' }] })
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(200, {
+          total_count: 1,
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
+        })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://invalid-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA
         })
         .reply(404, { message: 'Not found' })
@@ -219,19 +235,24 @@ describe('Deployment', () => {
         )
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
     it('reports errors with failed deployments', async () => {
       process.env.GITHUB_SHA = 'invalid-build-version'
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
-        .reply(200, { value: [{ url: 'https://invalid-artifact.com', name: 'github-pages' }] })
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(200, {
+          total_count: 1,
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
+        })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://invalid-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA
         })
         .reply(400, { message: 'Bad request' })
@@ -244,26 +265,100 @@ describe('Deployment', () => {
         )
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
+    it('fails if there are multiple artifacts with the same name', async () => {
+      process.env.GITHUB_SHA = 'valid-build-version'
+
+      const artifactMetadataScope = nock(`https://api.github.com`)
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(200, {
+          total_count: 2,
+          artifacts: [
+            {
+              id: 13,
+              name: `github-pages`,
+              size_in_bytes: 1400
+            },
+            {
+              id: 14,
+              name: `github-pages`,
+              size_in_bytes: 1620
+            }
+          ]
+        })
+
+      const deployment = new Deployment()
+      await expect(deployment.create(fakeJwt)).rejects.toThrow(
+        `Multiple artifact unexpectedly found for workflow run ${process.env.GITHUB_RUN_ID}. Artifact count is 2.`
+      )
+
+      artifactMetadataScope.done()
+    })
+
+    it('fails if there are no artifacts found', async () => {
+      process.env.GITHUB_SHA = 'valid-build-version'
+
+      const artifactMetadataScope = nock(`https://api.github.com`)
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(200, {
+          total_count: 0,
+          artifacts: []
+        })
+
+      const deployment = new Deployment()
+      await expect(deployment.create(fakeJwt)).rejects.toThrow(
+        `No artifacts found for workflow run ${process.env.GITHUB_RUN_ID}. Ensure artifacts are uploaded with actions/artifact@v4 or later.`
+      )
+
+      artifactMetadataScope.done()
+    })
+
+    it('fails with error message if list artifact endpoint returns 500', async () => {
+      process.env.GITHUB_SHA = 'valid-build-version'
+
+      const artifactMetadataScope = nock(`https://api.github.com`)
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
+        .reply(500, { message: 'oh no' })
+
+      const deployment = new Deployment()
+      await expect(deployment.create(fakeJwt)).rejects.toThrow(
+        `Failed to create deployment (status: 500) with build version valid-build-version. Server error, is githubstatus.com reporting a Pages outage? Please re-run the deployment at a later time.`
+      )
+
+      artifactMetadataScope.done()
+    })
+
     it('warns if the artifact size is bigger than maximum', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
       const artifactSize = ONE_GIGABYTE + 1
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://fake-artifact.com', name: 'github-pages', size: `${artifactSize}` },
+          artifacts: [
-            { url: 'https://another-artifact.com', name: 'another-artifact' }
+            {
+              id: 12,
+              name: `github-pages`,
+              size_in_bytes: `${artifactSize}`
+            }
           ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 12,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -283,25 +378,25 @@ describe('Deployment', () => {
         expect.stringMatching(new RegExp(`^Created deployment for ${process.env.GITHUB_SHA}`))
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
     it('warns when the timeout is greater than the maximum allowed', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -332,7 +427,7 @@ describe('Deployment', () => {
         `Warning: timeout value is greater than the allowed maximum - timeout set to the maximum of ${MAX_TIMEOUT} milliseconds.`
       )
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
   })
@@ -341,18 +436,18 @@ describe('Deployment', () => {
     it('sets output to success when deployment is successful', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -377,7 +472,7 @@ describe('Deployment', () => {
       expect(core.setOutput).toBeCalledWith('status', 'succeed')
       expect(core.info).toHaveBeenLastCalledWith('Reported success!')
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
       deploymentStatusScope.done()
     })
@@ -392,18 +487,18 @@ describe('Deployment', () => {
     it('exits early when deployment is not in progress', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -420,25 +515,25 @@ describe('Deployment', () => {
       await deployment.check()
       expect(core.setFailed).toBeCalledWith('Unable to get deployment status.')
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
     })
 
     it('enforces max timeout', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -485,7 +580,7 @@ describe('Deployment', () => {
       expect(core.error).toBeCalledWith('Timeout reached, aborting!')
       expect(core.setFailed).toBeCalledWith('Timeout reached, aborting!')
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
       cancelDeploymentScope.done()
     })
@@ -493,18 +588,18 @@ describe('Deployment', () => {
     it('sets timeout to user timeout if user timeout is less than max timeout', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -551,7 +646,7 @@ describe('Deployment', () => {
       expect(core.error).toBeCalledWith('Timeout reached, aborting!')
       expect(core.setFailed).toBeCalledWith('Timeout reached, aborting!')
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
       cancelDeploymentScope.done()
     })
@@ -559,18 +654,18 @@ describe('Deployment', () => {
     it('sets output to success when timeout is set but not reached', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -620,7 +715,7 @@ describe('Deployment', () => {
       expect(core.setOutput).toBeCalledWith('status', 'succeed')
       expect(core.info).toHaveBeenLastCalledWith('Reported success!')
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
       deploymentStatusScope.done()
     })
@@ -630,18 +725,18 @@ describe('Deployment', () => {
     it('can successfully cancel a deployment', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -665,7 +760,7 @@ describe('Deployment', () => {
 
       expect(core.info).toHaveBeenLastCalledWith(`Canceled deployment with ID ${process.env.GITHUB_SHA}`)
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
       cancelDeploymentScope.done()
     })
@@ -686,18 +781,18 @@ describe('Deployment', () => {
     it('catches an error when trying to cancel a deployment', async () => {
       process.env.GITHUB_SHA = 'valid-build-version'
 
-      const artifactExchangeScope = nock(`http://my-url`)
+      const artifactMetadataScope = nock(`https://api.github.com`)
-        .get('/_apis/pipelines/workflows/123/artifacts?api-version=6.0-preview')
+        .get(
+          `/repos/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}/artifacts?name=github-pages`
+        )
         .reply(200, {
-          value: [
+          total_count: 1,
-            { url: 'https://another-artifact.com', name: 'another-artifact' },
+          artifacts: [{ id: 11, name: `github-pages`, size_in_bytes: 221 }]
-            { url: 'https://fake-artifact.com', name: 'github-pages' }
-          ]
         })
 
       const createDeploymentScope = nock('https://api.github.com')
         .post(`/repos/${process.env.GITHUB_REPOSITORY}/pages/deployments`, {
-          artifact_url: 'https://fake-artifact.com&%24expand=SignedContent',
+          artifact_id: 11,
           pages_build_version: process.env.GITHUB_SHA,
           oidc_token: fakeJwt
         })
@@ -722,7 +817,7 @@ describe('Deployment', () => {
 
       expect(core.error).toHaveBeenCalledWith(`Canceling Pages deployment failed`, expect.anything())
 
-      artifactExchangeScope.done()
+      artifactMetadataScope.done()
       createDeploymentScope.done()
       cancelDeploymentScope.done()
     })

src/internal/api-client.js

@@ -1,119 +1,61 @@
 const core = require('@actions/core')
 const github = require('@actions/github')
-const hc = require('@actions/http-client')
-const { RequestError } = require('@octokit/request-error')
-const HttpStatusMessages = require('http-status-messages')
 
-// All variables we need from the runtime are loaded here
+async function getArtifactMetadata({ githubToken, runId, artifactName }) {
-const getContext = require('./context')
+  const octokit = github.getOctokit(githubToken)
-
-async function processRuntimeResponse(res, requestOptions) {
-  // Parse the response body as JSON
-  let obj = null
-  try {
-    const contents = await res.readBody()
-    if (contents && contents.length > 0) {
-      obj = JSON.parse(contents)
-    }
-  } catch (error) {
-    // Invalid resource (contents not json); leaving resulting obj as null
-  }
-
-  // Specific response shape aligned with Octokit
-  const response = {
-    url: res.message?.url || requestOptions.url,
-    status: res.message?.statusCode || 0,
-    headers: {
-      ...res.message?.headers
-    },
-    data: obj
-  }
-
-  // Forcibly throw errors for negative HTTP status codes!
-  // @actions/http-client doesn't do this by default.
-  // Mimic the errors thrown by Octokit for consistency.
-  if (response.status >= 400) {
-    // Try to get an error message from the response body
-    const errorMsg =
-      (typeof response.data === 'string' && response.data) ||
-      response.data?.error ||
-      response.data?.message ||
-      // Try the Node HTTP IncomingMessage's statusMessage property
-      res.message?.statusMessage ||
-      // Fallback to the HTTP status message based on the status code
-      HttpStatusMessages[response.status] ||
-      // Or if the status code is unexpected...
-      `Unknown error (${response.status})`
-
-    throw new RequestError(errorMsg, response.status, {
-      response,
-      request: requestOptions
-    })
-  }
-
-  return response
-}
-
-async function getSignedArtifactMetadata({ runtimeToken, workflowRunId, artifactName }) {
-  const { runTimeUrl: RUNTIME_URL } = getContext()
-  const artifactExchangeUrl = `${RUNTIME_URL}_apis/pipelines/workflows/${workflowRunId}/artifacts?api-version=6.0-preview`
-
-  const httpClient = new hc.HttpClient()
-  let data = null
 
   try {
-    const requestHeaders = {
+    core.info(`Fetching artifact metadata for ${artifactName} in run ${runId}`)
-      accept: 'application/json',
+
-      authorization: `Bearer ${runtimeToken}`
+    const response = await octokit.request(
-    }
+      'GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts?name={artifactName}',
-    const requestOptions = {
+      {
-      method: 'GET',
+        owner: github.context.repo.owner,
-      url: artifactExchangeUrl,
+        repo: github.context.repo.repo,
-      headers: {
+        run_id: runId,
-        ...requestHeaders
+        artifactName: artifactName
-      },
+      }
-      body: null
+    )
+
+    const artifactCount = response.data.total_count
+    core.debug(`List artifact count: ${artifactCount}`)
+
+    if (artifactCount === 0) {
+      throw new Error(
+        `No artifacts found for workflow run ${runId}. Ensure artifacts are uploaded with actions/artifact@v4 or later.`
+      )
+    } else if (artifactCount > 1) {
+      throw new Error(
+        `Multiple artifact unexpectedly found for workflow run ${runId}. Artifact count is ${artifactCount}.`
+      )
     }
 
-    core.info(`Artifact exchange URL: ${artifactExchangeUrl}`)
+    const artifact = response.data.artifacts[0]
-    const res = await httpClient.get(artifactExchangeUrl, requestHeaders)
+    core.debug(`Artifact: ${JSON.stringify(artifact)}`)
 
-    // May throw a RequestError (HttpError)
+    const artifactSize = artifact.size_in_bytes
-    const response = await processRuntimeResponse(res, requestOptions)
+    if (!artifactSize) {
+      core.warning('Artifact size was not found. Unable to verify if artifact size exceeds the allowed size.')
+    }
 
-    data = response.data
+    return {
-    core.debug(JSON.stringify(data))
+      id: artifact.id,
+      size: artifactSize
+    }
   } catch (error) {
-    core.error('Getting signed artifact URL failed', error)
+    core.error(
+      'Fetching artifact metadata failed. Is githubstatus.com reporting issues with API requests, Pages or Actions? Please re-run the deployment at a later time.',
+      error
+    )
     throw error
   }
-
-  const artifact = data?.value?.find(artifact => artifact.name === artifactName)
-  const artifactRawUrl = artifact?.url
-  if (!artifactRawUrl) {
-    throw new Error(
-      'No uploaded artifact was found! Please check if there are any errors at build step, or uploaded artifact name is correct.'
-    )
-  }
-
-  const signedArtifactUrl = `${artifactRawUrl}&%24expand=SignedContent`
-
-  const artifactSize = artifact?.size
-  if (!artifactSize) {
-    core.warning('Artifact size was not found. Unable to verify if artifact size exceeds the allowed size.')
-  }
-
-  return {
-    url: signedArtifactUrl,
-    size: artifactSize
-  }
 }
 
-async function createPagesDeployment({ githubToken, artifactUrl, buildVersion, idToken, isPreview = false }) {
+async function createPagesDeployment({ githubToken, artifactId, buildVersion, idToken, isPreview = false }) {
   const octokit = github.getOctokit(githubToken)
 
   const payload = {
-    artifact_url: artifactUrl,
+    artifact_id: artifactId,
     pages_build_version: buildVersion,
     oidc_token: idToken
   }
@@ -173,7 +115,7 @@ async function cancelPagesDeployment({ githubToken, deploymentId }) {
 }
 
 module.exports = {
-  getSignedArtifactMetadata,
+  getArtifactMetadata,
   createPagesDeployment,
   getPagesDeploymentStatus,
   cancelPagesDeployment

src/internal/context.js

@@ -3,9 +3,7 @@ const core = require('@actions/core')
 // Load variables from Actions runtime
 function getRequiredVars() {
   return {
-    runTimeUrl: process.env.ACTIONS_RUNTIME_URL,
     workflowRun: process.env.GITHUB_RUN_ID,
-    runTimeToken: process.env.ACTIONS_RUNTIME_TOKEN,
     repositoryNwo: process.env.GITHUB_REPOSITORY,
     buildVersion: process.env.GITHUB_SHA,
     buildActor: process.env.GITHUB_ACTOR,

src/internal/deployment.js

@@ -3,7 +3,7 @@ const core = require('@actions/core')
 // All variables we need from the runtime are loaded here
 const getContext = require('./context')
 const {
-  getSignedArtifactMetadata,
+  getArtifactMetadata,
   createPagesDeployment,
   getPagesDeploymentStatus,
   cancelPagesDeployment
@@ -17,7 +17,7 @@ const temporaryErrorStatus = {
 
 const finalErrorStatus = {
   deployment_failed: 'Deployment failed, try again later.',
-  deployment_perms_error: 'Deployment failed. Please ensure that the file permissions are correct.',
+  deployment_perms_error: 'Deployment failed, Please ensure that the file permissions are correct.',
   deployment_content_failed:
     'Artifact could not be deployed. Please ensure the content does not contain any hard links, symlinks and total size is less than 10GB.',
   deployment_cancelled: 'Deployment cancelled.',
@@ -31,9 +31,7 @@ const SIZE_LIMIT_DESCRIPTION = '1 GB'
 class Deployment {
   constructor() {
     const context = getContext()
-    this.runTimeUrl = context.runTimeUrl
     this.repositoryNwo = context.repositoryNwo
-    this.runTimeToken = context.runTimeToken
     this.buildVersion = context.buildVersion
     this.buildActor = context.buildActor
     this.actionsId = context.actionsId
@@ -48,8 +46,8 @@ class Deployment {
     this.startTime = null
   }
 
-  // Ask the runtime for the unsigned artifact URL and deploy to GitHub Pages
+  // Call GitHub api to fetch artifacts matching the provided name and deploy to GitHub Pages
-  // by creating a deployment with that artifact
+  // by creating a deployment with that artifact id
   async create(idToken) {
     if (Number(core.getInput('timeout')) > MAX_TIMEOUT) {
       core.warning(
@@ -65,9 +63,9 @@ class Deployment {
       core.debug(`Action ID: ${this.actionsId}`)
       core.debug(`Actions Workflow Run ID: ${this.workflowRun}`)
 
-      const artifactData = await getSignedArtifactMetadata({
+      const artifactData = await getArtifactMetadata({
-        runtimeToken: this.runTimeToken,
+        githubToken: this.githubToken,
-        workflowRunId: this.workflowRun,
+        runId: this.workflowRun,
         artifactName: this.artifactName
       })
 
@@ -79,7 +77,7 @@ class Deployment {
 
       const deployment = await createPagesDeployment({
         githubToken: this.githubToken,
-        artifactUrl: artifactData.url,
+        artifactId: artifactData.id,
         buildVersion: this.buildVersion,
         idToken,
         isPreview: this.isPreview