Merge pull request #404 from salmanmkc/node24

Update Node.js version to 24.x

.github/dependabot.yml

@@ -4,8 +4,14 @@ updates:
     directory: '/'
     schedule:
       interval: 'weekly'
+    groups:
+      non-breaking-changes:
+        update-types: [minor, patch]
 
   - package-ecosystem: 'npm'
     directory: '/'
     schedule:
       interval: 'weekly'
+    groups:
+      non-breaking-changes:
+        update-types: [minor, patch]

.github/release-drafter.yml

@@ -10,7 +10,7 @@ template: |
 
   See details of [all code changes](https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION) since previous release.
 
-  :warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the [compatibility table](https://github.com/$OWNER/$REPOSITORY/#compatibilty).
+  :warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the [compatibility table](https://github.com/$OWNER/$REPOSITORY/#compatibility).
 categories:
   - title: '🚀 Features'
     labels:

.github/workflows/check-dist.yml

@@ -46,7 +46,7 @@ jobs:
           fi
 
       # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/codeql-analysis.yml

@@ -42,7 +42,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -53,7 +53,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v3
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -67,4 +67,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3

.github/workflows/draft-release.yml

@@ -11,6 +11,6 @@ jobs:
   draft-release:
     runs-on: ubuntu-latest
     steps:
-      - uses: release-drafter/release-drafter@09c613e259eb8d4e7c81c2cb00618eb5fc4575a7 # v5.25.0
+      - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/publish-immutable-actions.yml

@@ -0,0 +1,20 @@
+name: 'Publish Immutable Action Version'
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+
+    steps:
+      - name: Checking out
+        uses: actions/checkout@v4
+      - name: Publish
+        id: publish
+        uses: actions/publish-immutable-action@0.0.3

.github/workflows/rebuild-dependabot-prs.yml

@@ -45,7 +45,7 @@ jobs:
             git add dist/
             git config --local user.name "github-actions[bot]"
             git config --local user.email "github-actions[bot]@users.noreply.github.com"
-            git commit -m "Update distributables after Dependabot 🤖"
+            git commit -m "[dependabot skip] Update distributables after Dependabot 🤖"
             echo "Pushing branch ${{ github.ref_name }}"
             git push origin ${{ github.ref_name }}
           fi

.github/workflows/release.yml

@@ -24,7 +24,7 @@ jobs:
     steps:
       - name: Update the ${{ env.TAG_NAME }} tag
         id: update-major-tag
-        uses: actions/publish-action@v0.2.2
+        uses: actions/publish-action@v0.3.0
         with:
           source-tag: ${{ env.TAG_NAME }}
           slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.node-version

@@ -1 +1 @@
-18.9.0
+24.4.0

README.md

@@ -6,11 +6,11 @@ This action is used to deploy [Actions artifacts][artifacts] to [GitHub Pages](h
 
 ## Usage
 
-See [action.yml](action.yml) for the various `inputs` this action supports.
+See [action.yml](action.yml) for the various `inputs` this action supports (or [below](#inputs-📥)).
 
 For examples that make use of this action, check out our [starter-workflows][starter-workflows] in a variety of frameworks.
 
-This action expects an artifact named `github-pages` to have been created prior to execution. This is done automatically when using [`actions/upload-pages-artifact`][upload-pages-artifact].
+This action deploys a Pages site previously uploaded as an artifact (e.g. using [`actions/upload-pages-artifact`][upload-pages-artifact]).
 
 We recommend this action to be used in a dedicated job:
 
@@ -41,7 +41,7 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v2 # or the latest "vX.X.X" version tag for this action
+        uses: actions/deploy-pages@v4 # or specific "vX.X.X" version tag for this action
 ```
 
 ### Inputs 📥
@@ -51,7 +51,7 @@ jobs:
 | `token` | `true` | `${{ github.token }}` | The GitHub token used to create an authenticated client - Provided for you by default! |
 | `timeout` | `false` | `"600000"` | Time in milliseconds after which to timeout and cancel the deployment (default: 10 minutes) |
 | `error_count` | `false` | `"10"` | Maximum number of status report errors before cancelling a deployment (default: 10) |
-| `reporting_interval` | `false` | `"5000"` | Time in milliseconds between two deployment status report (default: 5 seconds) |
+| `reporting_interval` | `false` | `"5000"` | Time in milliseconds between two deployment status reports (default: 5 seconds) |
 | `artifact_name` | `false` | `"github-pages"` | The name of the artifact to deploy |
 | `preview` | `false` | `"false"` | Is this attempting to deploy a pull request as a GitHub Pages preview site? (NOTE: This feature is only in alpha currently and is not available to the public!) |
 
@@ -71,7 +71,7 @@ jobs:
 
 There are a few important considerations to be aware of:
 
-1. The artifact being deployed must have been uploaded in a previous step, either in the same job or a separate job that doesn't execute until the upload is complete.
+1. The artifact being deployed must have been uploaded in a previous step, either in the same job or a separate job that doesn't execute until the upload is complete. See [`actions/upload-pages-artifact`][upload-pages-artifact] for more information about the format of the artifact we expect.
 
 2. The job that executes the deployment must at minimum have the following permissions:
    - `pages: write`
@@ -83,12 +83,21 @@ There are a few important considerations to be aware of:
 
 5. If your Pages site is using GitHub Actions as the source, while not required we highly recommend you also [protect your environment][environment-protection] (we will configure it by default for you).
 
+## OIDC
+When we invoke a job using GitHub Actions the job requests an OIDC token from GitHub's OIDC provider which responds with a JSON web token (JWT). Each token is unique to each workflow job [learn more about OIDC tokens](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token).
+
+OIDC tokens are minted within the context of a single job, and are used to form a trust relationship which validates properties of the workflow run against a third-party (e.g. cloud providers such as AWS or Azure). In the context of GitHub Pages, this is most relevant to ensure a workflow respects branch protection settings. To do this, the OIDC token includes a claim about which branch/ref is executing the workflow. The token is passed to the pages deployment API as part of the request payload, where it's decoded internally to validate the claims and verify if that workflow is allowed to deploy to pages.
+A common question regarding OIDC tokens is the need to use both `pages:write` and `id-token:write`. The pages permission relates to the `GITHUB_TOKEN` by giving it the permissions to create pages deployments when calling the GitHub API. The id-token permission is necessary to request the OIDC JWT token. For more information on the id-token, check the docs on [adding permissions settings](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#adding-permissions-settings).
+
 ## Compatibility
 
-This action is primarily design for use with GitHub.com's Actions workflows and Pages deployments. However, certain releases should also be compatible with GitHub Enterprise Server (GHES) `3.7` and above.
+This action is primarily designed for use with GitHub.com's Actions workflows and Pages deployments. However, certain releases should also be compatible with GitHub Enterprise Server (GHES) `3.7` and above.
 
 | Release | GHES Compatibility |
 |:---|:---|
+| [`v4`](https://github.com/actions/deploy-pages/releases/tag/v4) | :warning: Incompatible at this time |
+| [`v3`](https://github.com/actions/deploy-pages/releases/tag/v3) | `>= 3.9` |
+| `v3.x.x` | `>= 3.9` |
 | [`v2`](https://github.com/actions/deploy-pages/releases/tag/v2) | `>= 3.9` |
 | `v2.x.x` | `>= 3.9` |
 | [`v1`](https://github.com/actions/deploy-pages/releases/tag/v1) | `>= 3.7` |
@@ -105,7 +114,7 @@ In order to release a new version of this Action:
 
 2. Publish the draft release from the `main` branch with semantic version as the tag name, _with_ the checkbox to publish to the GitHub Marketplace checked. :ballot_box_with_check:
 
-3. After publishing the release, the [`release` workflow][release] will automatically run to create/update the corresponding the major version tag such as `v1`.
+3. After publishing the release, the [`release` workflow][release] will automatically run to create/update the corresponding major version tag such as `v1`.
 
    ⚠️ Environment approval is required. Check the [Release workflow run list][release-workflow-runs].
 

action.yml

@@ -2,7 +2,7 @@ name: 'Deploy GitHub Pages site'
 description: 'A GitHub Action to deploy an artifact as a GitHub Pages site'
 author: 'GitHub'
 runs:
-  using: 'node20'
+  using: 'node24'
   main: 'dist/index.js'
 inputs:
   token:

coverage_badge.svg

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="116" height="20" role="img" aria-label="Coverage: 79.53%"><title>Coverage: 79.53%</title><linearGradient id="s" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="r"><rect width="116" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#r)"><rect width="63" height="20" fill="#555"/><rect x="63" width="53" height="20" fill="#e05d44"/><rect width="116" height="20" fill="url(#s)"/></g><g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="110"><text aria-hidden="true" x="325" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="530">Coverage</text><text x="325" y="140" transform="scale(.1)" fill="#fff" textLength="530">Coverage</text><text aria-hidden="true" x="885" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="430">79.53%</text><text x="885" y="140" transform="scale(.1)" fill="#fff" textLength="430">79.53%</text></g></svg>
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="116" height="20" role="img" aria-label="Coverage: 80.84%"><title>Coverage: 80.84%</title><linearGradient id="s" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="r"><rect width="116" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#r)"><rect width="63" height="20" fill="#555"/><rect x="63" width="53" height="20" fill="#dfb317"/><rect width="116" height="20" fill="url(#s)"/></g><g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="110"><text aria-hidden="true" x="325" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="530">Coverage</text><text x="325" y="140" transform="scale(.1)" fill="#fff" textLength="530">Coverage</text><text aria-hidden="true" x="885" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="430">80.84%</text><text x="885" y="140" transform="scale(.1)" fill="#fff" textLength="430">80.84%</text></g></svg>

package.json

@@ -4,21 +4,22 @@
   "description": "Deploy an actions artifact to GitHub Pages",
   "main": "./dist/index.js",
   "dependencies": {
-    "@actions/core": "^1.10.0",
+    "@actions/artifact": "^2.1.8",
-    "@actions/github": "^5.1.1",
+    "@actions/core": "^1.10.1",
-    "@actions/http-client": "^2.2.0",
+    "@actions/github": "^6.0.0",
     "@octokit/request-error": "^5.0.1",
     "http-status-messages": "^1.1.0"
   },
   "devDependencies": {
     "@vercel/ncc": "^0.38.1",
-    "eslint": "^8.54.0",
+    "eslint": "^8.57.0",
-    "eslint-config-prettier": "^9.0.0",
+    "eslint-config-prettier": "^9.1.0",
-    "eslint-plugin-github": "^4.10.1",
+    "eslint-plugin-github": "^4.10.2",
     "jest": "^29.7.0",
-    "nock": "^13.3.8",
+    "make-coverage-badge": "^1.2.0",
-    "prettier": "^3.1.0",
+    "nock": "^13.5.4",
-    "make-coverage-badge": "^1.2.0"
+    "prettier": "^3.3.3",
+    "undici": "^6.19.2"
   },
   "scripts": {
     "all": "npm run format && npm run lint && npm run prepare && npm run test && npm run coverage-badge",

src/__tests__/index.test.js

@@ -4,9 +4,7 @@ const path = require('path')
 
 describe('with all environment variables set', () => {
   beforeEach(() => {
-    process.env.ACTIONS_RUNTIME_URL = 'http://my-url'
     process.env.GITHUB_RUN_ID = '123'
-    process.env.ACTIONS_RUNTIME_TOKEN = 'a-token'
     process.env.GITHUB_REPOSITORY = 'actions/is-awesome'
     process.env.GITHUB_TOKEN = 'gha-token'
     process.env.GITHUB_SHA = '123abc'
@@ -26,7 +24,7 @@ describe('with all environment variables set', () => {
 
 describe('with variables missing', () => {
   it('execution fails if there are missing variables', done => {
-    delete process.env.ACTIONS_RUNTIME_URL
+    delete process.env.GITHUB_RUN_ID
     const ip = path.join(__dirname, '../index.js')
     cp.exec(`node ${ip}`, { env: process.env }, (err, stdout) => {
       expect(stdout).toBe('')

src/internal/api-client.js

@@ -1,119 +1,118 @@
 const core = require('@actions/core')
 const github = require('@actions/github')
-const hc = require('@actions/http-client')
+const { DefaultArtifactClient } = require('@actions/artifact')
 const { RequestError } = require('@octokit/request-error')
 const HttpStatusMessages = require('http-status-messages')
 
-// All variables we need from the runtime are loaded here
+function wrapTwirpResponseLikeOctokit(twirpResponse, requestOptions) {
-const getContext = require('./context')
-
-async function processRuntimeResponse(res, requestOptions) {
-  // Parse the response body as JSON
-  let obj = null
-  try {
-    const contents = await res.readBody()
-    if (contents && contents.length > 0) {
-      obj = JSON.parse(contents)
-    }
-  } catch (error) {
-    // Invalid resource (contents not json); leaving resulting obj as null
-  }
-
   // Specific response shape aligned with Octokit
   const response = {
-    url: res.message?.url || requestOptions.url,
+    url: requestOptions.url,
-    status: res.message?.statusCode || 0,
+    status: 200,
     headers: {
-      ...res.message?.headers
+      ...requestOptions.headers
     },
-    data: obj
+    data: twirpResponse
+  }
+  return response
 }
 
-  // Forcibly throw errors for negative HTTP status codes!
-  // @actions/http-client doesn't do this by default.
 // Mimic the errors thrown by Octokit for consistency.
-  if (response.status >= 400) {
+function wrapTwirpErrorLikeOctokit(twirpError, requestOptions) {
-    // Try to get an error message from the response body
+  const rawErrorMsg = twirpError?.message || twirpError?.toString() || ''
-    const errorMsg =
+  const statusCodeMatch = rawErrorMsg.match(/Failed request: \((?<statusCode>\d+)\)/)
-      (typeof response.data === 'string' && response.data) ||
+  const statusCode = statusCodeMatch?.groups?.statusCode ?? 500
-      response.data?.error ||
-      response.data?.message ||
-      // Try the Node HTTP IncomingMessage's statusMessage property
-      res.message?.statusMessage ||
-      // Fallback to the HTTP status message based on the status code
-      HttpStatusMessages[response.status] ||
-      // Or if the status code is unexpected...
-      `Unknown error (${response.status})`
 
-    throw new RequestError(errorMsg, response.status, {
+  // Try to provide the best error message
-      response,
+  const errorMsg =
+    rawErrorMsg ||
+    // Fallback to the HTTP status message based on the status code
+    HttpStatusMessages[statusCode] ||
+    // Or if the status code is unexpected...
+    `Unknown error (${statusCode})`
+
+  // RequestError is an Octokit-specific class
+  return new RequestError(errorMsg, statusCode, {
+    response: {
+      url: requestOptions.url,
+      status: statusCode,
+      headers: {
+        ...requestOptions.headers
+      },
+      data: rawErrorMsg ? { message: rawErrorMsg } : ''
+    },
     request: requestOptions
   })
 }
 
-  return response
+function getArtifactsServiceOrigin() {
+  const resultsUrl = process.env.ACTIONS_RESULTS_URL
+  return resultsUrl ? new URL(resultsUrl).origin : ''
 }
 
-async function getSignedArtifactMetadata({ runtimeToken, workflowRunId, artifactName }) {
+async function getArtifactMetadata({ artifactName }) {
-  const { runTimeUrl: RUNTIME_URL } = getContext()
+  const artifactClient = new DefaultArtifactClient()
-  const artifactExchangeUrl = `${RUNTIME_URL}_apis/pipelines/workflows/${workflowRunId}/artifacts?api-version=6.0-preview`
 
-  const httpClient = new hc.HttpClient()
+  // Primarily for debugging purposes, accuracy is not critical
-  let data = null
+  const requestOptions = {
+    method: 'POST',
+    url: `${getArtifactsServiceOrigin()}/twirp/github.actions.results.api.v1.ArtifactService/ListArtifacts`,
+    headers: {
+      'content-type': 'application/json'
+    },
+    body: {}
+  }
 
   try {
-    const requestHeaders = {
+    core.info(`Fetching artifact metadata for "${artifactName}" in this workflow run`)
-      accept: 'application/json',
+
-      authorization: `Bearer ${runtimeToken}`
+    let response
-    }
+    try {
-    const requestOptions = {
+      const twirpResponse = await artifactClient.listArtifacts()
-      method: 'GET',
+      response = wrapTwirpResponseLikeOctokit(twirpResponse, requestOptions)
-      url: artifactExchangeUrl,
+    } catch (twirpError) {
-      headers: {
+      core.error('Listing artifact metadata failed', twirpError)
-        ...requestHeaders
+      const octokitError = wrapTwirpErrorLikeOctokit(twirpError, requestOptions)
-      },
+      throw octokitError
-      body: null
     }
 
-    core.info(`Artifact exchange URL: ${artifactExchangeUrl}`)
+    const filteredArtifacts = response.data.artifacts.filter(artifact => artifact.name === artifactName)
-    const res = await httpClient.get(artifactExchangeUrl, requestHeaders)
 
-    // May throw a RequestError (HttpError)
+    const artifactCount = filteredArtifacts.length
-    const response = await processRuntimeResponse(res, requestOptions)
+    core.debug(`List artifact count: ${artifactCount}`)
 
-    data = response.data
+    if (artifactCount === 0) {
-    core.debug(JSON.stringify(data))
-  } catch (error) {
-    core.error('Getting signed artifact URL failed', error)
-    throw error
-  }
-
-  const artifact = data?.value?.find(artifact => artifact.name === artifactName)
-  const artifactRawUrl = artifact?.url
-  if (!artifactRawUrl) {
       throw new Error(
-      'No uploaded artifact was found! Please check if there are any errors at build step, or uploaded artifact name is correct.'
+        `No artifacts named "${artifactName}" were found for this workflow run. Ensure artifacts are uploaded with actions/upload-artifact@v4 or later.`
+      )
+    } else if (artifactCount > 1) {
+      throw new Error(
+        `Multiple artifacts named "${artifactName}" were unexpectedly found for this workflow run. Artifact count is ${artifactCount}.`
       )
     }
 
-  const signedArtifactUrl = `${artifactRawUrl}&%24expand=SignedContent`
+    const artifact = filteredArtifacts[0]
+    core.debug(`Artifact: ${JSON.stringify(artifact)}`)
 
-  const artifactSize = artifact?.size
+    if (!artifact.size) {
-  if (!artifactSize) {
       core.warning('Artifact size was not found. Unable to verify if artifact size exceeds the allowed size.')
     }
 
-  return {
+    return artifact
-    url: signedArtifactUrl,
+  } catch (error) {
-    size: artifactSize
+    core.error(
+      'Fetching artifact metadata failed. Is githubstatus.com reporting issues with API requests, Pages, or Actions? Please re-run the deployment at a later time.',
+      error
+    )
+    throw error
   }
 }
 
-async function createPagesDeployment({ githubToken, artifactUrl, buildVersion, idToken, isPreview = false }) {
+async function createPagesDeployment({ githubToken, artifactId, buildVersion, idToken, isPreview = false }) {
   const octokit = github.getOctokit(githubToken)
 
   const payload = {
-    artifact_url: artifactUrl,
+    artifact_id: artifactId,
     pages_build_version: buildVersion,
     oidc_token: idToken
   }
@@ -173,7 +172,7 @@ async function cancelPagesDeployment({ githubToken, deploymentId }) {
 }
 
 module.exports = {
-  getSignedArtifactMetadata,
+  getArtifactMetadata,
   createPagesDeployment,
   getPagesDeploymentStatus,
   cancelPagesDeployment

src/internal/context.js

@@ -3,9 +3,7 @@ const core = require('@actions/core')
 // Load variables from Actions runtime
 function getRequiredVars() {
   return {
-    runTimeUrl: process.env.ACTIONS_RUNTIME_URL,
     workflowRun: process.env.GITHUB_RUN_ID,
-    runTimeToken: process.env.ACTIONS_RUNTIME_TOKEN,
     repositoryNwo: process.env.GITHUB_REPOSITORY,
     buildVersion: process.env.GITHUB_SHA,
     buildActor: process.env.GITHUB_ACTOR,

src/internal/deployment.js

@@ -3,7 +3,7 @@ const core = require('@actions/core')
 // All variables we need from the runtime are loaded here
 const getContext = require('./context')
 const {
-  getSignedArtifactMetadata,
+  getArtifactMetadata,
   createPagesDeployment,
   getPagesDeploymentStatus,
   cancelPagesDeployment
@@ -17,7 +17,6 @@ const temporaryErrorStatus = {
 
 const finalErrorStatus = {
   deployment_failed: 'Deployment failed, try again later.',
-  deployment_perms_error: 'Deployment failed. Please ensure that the file permissions are correct.',
   deployment_content_failed:
     'Artifact could not be deployed. Please ensure the content does not contain any hard links, symlinks and total size is less than 10GB.',
   deployment_cancelled: 'Deployment cancelled.',
@@ -31,9 +30,7 @@ const SIZE_LIMIT_DESCRIPTION = '1 GB'
 class Deployment {
   constructor() {
     const context = getContext()
-    this.runTimeUrl = context.runTimeUrl
     this.repositoryNwo = context.repositoryNwo
-    this.runTimeToken = context.runTimeToken
     this.buildVersion = context.buildVersion
     this.buildActor = context.buildActor
     this.actionsId = context.actionsId
@@ -48,8 +45,8 @@ class Deployment {
     this.startTime = null
   }
 
-  // Ask the runtime for the unsigned artifact URL and deploy to GitHub Pages
+  // Call GitHub api to fetch artifacts matching the provided name and deploy to GitHub Pages
-  // by creating a deployment with that artifact
+  // by creating a deployment with that artifact id
   async create(idToken) {
     if (Number(core.getInput('timeout')) > MAX_TIMEOUT) {
       core.warning(
@@ -65,11 +62,7 @@ class Deployment {
       core.debug(`Action ID: ${this.actionsId}`)
       core.debug(`Actions Workflow Run ID: ${this.workflowRun}`)
 
-      const artifactData = await getSignedArtifactMetadata({
+      const artifactData = await getArtifactMetadata({ artifactName: this.artifactName })
-        runtimeToken: this.runTimeToken,
-        workflowRunId: this.workflowRun,
-        artifactName: this.artifactName
-      })
 
       if (artifactData?.size > ONE_GIGABYTE) {
         core.warning(
@@ -79,7 +72,7 @@ class Deployment {
 
       const deployment = await createPagesDeployment({
         githubToken: this.githubToken,
-        artifactUrl: artifactData.url,
+        artifactId: artifactData.id,
         buildVersion: this.buildVersion,
         idToken,
         isPreview: this.isPreview
@@ -105,6 +98,9 @@ class Deployment {
       // build customized error message based on server response
       if (error.response) {
         let errorMessage = `Failed to create deployment (status: ${error.status}) with build version ${this.buildVersion}.`
+        if (error.response.headers['x-github-request-id']) {
+          errorMessage += ` Request ID ${error.response.headers['x-github-request-id']}`
+        }
         if (error.status === 400) {
           errorMessage += ` Responded with: ${error.message}`
         } else if (error.status === 403) {