Uploaded artifact are not zipped

[toots]

Contributing guidelines

• I've read the contributing guidelines and wholeheartedly agree

I've found a bug, and:

• The documentation does not mention anything about my problem
• There are no open or closed issues that are related to my problem

Description

Hi!

I looked for previous issues and did not find any. Apologies if I missed one.

Our build system had become flakey recently after being rock solid for a while. After tinkering and looking around, I think that I have traced it to this action.

The problem seems to be that the artifact uploaded for the docker build summary are improperly described as zip files but are in fact not compressed.

Here are a couple of breadcrumbs:

• Issue comment explaining that actions/download-artifact fails on non-zip files: [bug] download-artifact errors out downloading artifacts uploaded by upload-artifact actions/download-artifact#328 (comment)
• Relevant code from this action:

          core.info(`Build record written to ${exportRes.dockerbuildFilename} (${Util.formatFileSize(exportRes.dockerbuildSize)})`);

          let uploadRes: UploadArtifactResponse | undefined;
          if (recordUploadEnabled) {
            uploadRes = await GitHub.uploadArtifact({
              filename: exportRes.dockerbuildFilename,
              mimeType: 'application/gzip',
              retentionDays: recordRetentionDays
            });
          }

no trace of any zipping process here.

• Faulty artifact download logs: https://github.com/savonet/liquidsoap/actions/runs/13503019183/job/38070586645

You will find it pretty hard to know which artifact is failing in the last log but here's the final smoking gun:

• Uploaded docker build summary: https://github.com/savonet/liquidsoap/actions/runs/13591496099/attempts/1

Try downloading any of the docker build summary artifact in this page. You get a file named savonet~liquidsoap~1UVFX2.dockerbuild.zip for which:

% unzip savonet\~liquidsoap\~1UVFX2.dockerbuild.zip                                                                                                                                                     18:56:53
Archive:  savonet~liquidsoap~1UVFX2.dockerbuild.zip
  End-of-central-directory signature not found.  Either this file is not
  a zipfile, or it constitutes one disk of a multi-part archive.  In the
  latter case the central directory and zipfile comment will be found on
  the last disk(s) of this archive.
unzip:  cannot find zipfile directory in one of savonet~liquidsoap~1UVFX2.dockerbuild.zip or
        savonet~liquidsoap~1UVFX2.dockerbuild.zip.zip, and cannot find savonet~liquidsoap~1UVFX2.dockerbuild.zip.ZIP, period.

Expected behaviour

Artifact should be zipped before being uploaded.

Additionally, I would suggest to turn off artifact upload by default. It pollutes the build's artifact list and is only useful if the user really wants to process them.

Actual behaviour

Artifacts are not zipped before being uploaded.

Repository URL

https://github.com/savonet/liquidsoap

Workflow run URL

https://github.com/savonet/liquidsoap/actions/runs/13591496099/attempts/1

YAML workflow

name: CI
on:
  merge_group:
  pull_request:
  push:
    branches:
      - main
    tags:
      - rolling-release-*
      - v[0-9]+.[0-9]+.[0-9]+
      - v[0-9]+.[0-9]+.[0-9]+-*
    paths:
      - ".github/**"
      - "**/*.ml*"
      - "**/*.liq"
      - "**/dune"
      - "**/dune.inc"
      - "doc/**"
      - "dune-project"
      - scripts/**"

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  build_details:
    runs-on: depot-ubuntu-24.04-4
    outputs:
      branch: ${{ steps.build_details.outputs.branch }}
      sha: ${{ steps.build_details.outputs.sha }}
      is_release: ${{ steps.build_details.outputs.is_release }}
      is_rolling_release: ${{ steps.build_details.outputs.is_rolling_release }}
      is_fork: ${{ steps.build_details.outputs.is_fork }}
      publish_docker_image: ${{ steps.build_details.outputs.is_fork != 'true' && github.event_name != 'merge_group' }}
      build_os: ${{ steps.build_details.outputs.build_os }}
      build_platform: ${{ steps.build_details.outputs.build_platform }}
      build_include: ${{ steps.build_details.outputs.build_include }}
      docker_release: ${{ steps.build_details.outputs.docker_release }}
      s3-artifact-basepath: ${{ steps.build_details.outputs.s3-artifact-basepath }}
      minimal_exclude_deps: ${{ steps.build_details.outputs.minimal_exclude_deps }}
      save_traces: ${{ steps.build_details.outputs.save_traces }}
      is_snapshot: ${{ steps.build_details.outputs.is_snapshot }}
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Get build details
        env:
          IS_FORK: ${{ github.event.pull_request.head.repo.fork == true }}
        run: .github/scripts/build-details.sh
        id: build_details

  build_no_depopts:
    runs-on: depot-ubuntu-24.04-4
    needs: build_details
    container:
      image: savonet/liquidsoap-ci:debian_bookworm@sha256:c335eb95e0af0f177b790cbe74d3d7eff68546c05c57efe4042b4b4d105dff1a
      options: --user opam
    env:
      HOME: /home/opam
    steps:
      - name: Get number of CPU cores
        uses: savonet/github-actions-cpu-cores-docker@f72bcfaa219a2f60deaf8b26d0707b1d9c67d274 # v1
        id: cpu_cores
      - name: Checkout code
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          git remote set-url origin https://github.com/savonet/liquidsoap.git
          git fetch origin ${{ github.sha }}
          git checkout ${{ github.sha }}
      - name: Build
        run: |
          echo "::group::Preparing build"
          cd /tmp/liquidsoap-full
          git remote set-url origin https://github.com/savonet/liquidsoap-full.git
          git fetch --recurse-submodules=no
          git checkout origin/master -- Makefile.git
          make public
          git reset --hard
          git submodule foreach 'git reset --hard'
          git pull
          cp PACKAGES.minimal PACKAGES
          opam update
          opam pin -yn .
          opam info -f "depopts:" liquidsoap | grep -v osx-secure-transport | xargs opam remove -y inotify ffmpeg-avutil cohttp-lwt-unix prometheus-app ${{ needs.build_details.outputs.minimal_exclude_deps }}
          echo "::endgroup::"
          opam install -y mem_usage
          cd liquidsoap
          ./.github/scripts/build-posix.sh "${{ steps.cpu_cores.outputs.count }}"
        env:
          LIQ_BUILD_MIN: true
      - name: Build doc
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          ./.github/scripts/build-doc.sh

  build_js:
    runs-on: depot-ubuntu-24.04-4
    container:
      image: savonet/liquidsoap-ci:debian_bookworm@sha256:c335eb95e0af0f177b790cbe74d3d7eff68546c05c57efe4042b4b4d105dff1a
      options: --user opam
    env:
      HOME: /home/opam
    steps:
      - name: Checkout code
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          git remote set-url origin https://github.com/savonet/liquidsoap.git
          git fetch origin ${{ github.sha }}
          git checkout ${{ github.sha }}
          mv .git /tmp
          rm -rf ./*
          mv /tmp/.git .
          git reset --hard
      - name: Build JS
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          eval "$(opam config env)"
          opam update
          dune build --profile release ./src/js/interactive_js.bc.js

  tree_sitter_parse:
    runs-on: depot-ubuntu-24.04-4
    needs: build_details
    steps:
      - name: Checkout latest code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Setup node
        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
        with:
          node-version: latest
      - name: Parse using tree-sitter
        run: |
          git clone https://github.com/savonet/tree-sitter-liquidsoap.git
          cd tree-sitter-liquidsoap
          npm install
          npm exec tree-sitter -- parse -q -s ../../**/*.liq

  lezer_parse:
    runs-on: depot-ubuntu-24.04-4
    needs: build_details
    steps:
      - name: Checkout latest code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Setup node
        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
        with:
          node-version: latest
      - name: Parse using liquidsoap-lezer-print-tree
        run: |
          # This one has unicode variable name that isn't supported yet.
          rm -rf src/libs/list.liq
          git clone https://github.com/savonet/codemirror-lang-liquidsoap.git
          cd codemirror-lang-liquidsoap
          npm install
          npm exec liquidsoap-lezer-print-tree -- -q ../../**/*.liq

  update_doc:
    runs-on: depot-ubuntu-24.04-4
    needs: build_details
    if: github.event_name != 'pull_request' && github.repository_owner == 'savonet' && needs.build_details.outputs.branch == 'main'
    container:
      image: savonet/liquidsoap-ci:debian_bookworm@sha256:c335eb95e0af0f177b790cbe74d3d7eff68546c05c57efe4042b4b4d105dff1a
      options: --user root -v ${{ github.workspace }}/${{ github.run_number }}:/tmp/${{ github.run_number }}
    env:
      HOME: /home/opam
    steps:
      - name: Get number of CPU cores
        uses: savonet/github-actions-cpu-cores-docker@f72bcfaa219a2f60deaf8b26d0707b1d9c67d274 # v1
        id: cpu_cores
      - name: Checkout code
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          rm -rf doc/content/build.md doc/content/install.md
          sudo -u opam -E git remote set-url origin https://github.com/savonet/liquidsoap.git
          sudo -u opam -E git fetch origin ${{ github.sha }}
          sudo -u opam -E git checkout ${{ github.sha }}
      - name: Install node
        run: |
          apt-get update
          apt-get install -y npm
      - name: Build doc
        env:
          CPU_CORES: ${{ steps.cpu_cores.outputs.count }}
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          # TMP
          sudo -u opam -E ./.github/scripts/add-local-opam-packages.sh
          sudo -u opam -E ./.github/scripts/build-posix.sh "${{ steps.cpu_cores.outputs.count }}"
          cd /tmp/liquidsoap-full/liquidsoap/
          mkdir -p /tmp/${{ github.run_number }}/odoc
          cp -rf _build/default/_doc/_html/* /tmp/${{ github.run_number }}/odoc
          eval $(opam config env)
          dune build src/js
          cd /tmp/liquidsoap-full/website
          make dist
          mkdir -p /tmp/${{ github.run_number }}/html
          cp -rf html/* /tmp/${{ github.run_number }}/html
      - name: Push doc content
        if: success() && github.repository_owner == 'savonet'
        uses: crazy-max/ghaction-github-pages@fbf0a4fa4e00f45accd6cf3232368436ec06ed59 # v4.1.0
        with:
          repo: savonet/savonet.github.io
          target_branch: master
          build_dir: ${{ github.run_number }}/html
          fqdn: www.liquidsoap.info
        env:
          GH_PAT: ${{ secrets.WEBSITE_TOKEN }}
      - name: Push odoc content
        if: success() && github.repository_owner == 'savonet'
        uses: crazy-max/ghaction-github-pages@fbf0a4fa4e00f45accd6cf3232368436ec06ed59 # v4.1.0
        with:
          repo: savonet/liquidsoap
          target_branch: gh_pages
          build_dir: ${{ github.run_number }}/odoc
        env:
          GH_PAT: ${{ secrets.WEBSITE_TOKEN }}

  run_tests:
    runs-on: depot-ubuntu-24.04-4
    needs: build_details
    container:
      image: savonet/liquidsoap-ci:debian_bookworm@sha256:c335eb95e0af0f177b790cbe74d3d7eff68546c05c57efe4042b4b4d105dff1a
      options: --user root --privileged --ulimit core=-1 --security-opt seccomp=unconfined -v ${{ github.workspace }}/${{ github.run_number }}:/tmp/${{ github.run_number }}
    strategy:
      fail-fast: false
      matrix:
        target: ["@citest", "@doctest", "@mediatest"]
    env:
      HOME: /home/opam
    steps:
      - name: Get number of CPU cores
        uses: savonet/github-actions-cpu-cores-docker@f72bcfaa219a2f60deaf8b26d0707b1d9c67d274 # v1
        id: cpu_cores
      - name: Enable core dump
        run: |
          ulimit -c unlimited
          mkdir -p /tmp/${{ github.run_number }}/core
          chown -R opam /tmp/${{ github.run_number }}/core
          echo /tmp/${{ github.run_number }}/core/core.%h.%e.%t > /proc/sys/kernel/core_pattern
      - name: Checkout code
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          rm -rf doc/content/build.md doc/content/install.md
          sudo -u opam -E git remote set-url origin https://github.com/savonet/liquidsoap.git
          sudo -u opam -E git fetch origin ${{ github.sha }}
          sudo -u opam -E git checkout ${{ github.sha }}
      - name: Build
        env:
          CPU_CORES: ${{ steps.cpu_cores.outputs.count }}
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          # TMP
          sudo -u opam -E ./.github/scripts/add-local-opam-packages.sh
          sudo -u opam -E ./.github/scripts/build-posix.sh "${{ steps.cpu_cores.outputs.count }}"
          cp /tmp/liquidsoap-full/liquidsoap/_build/default/src/bin/liquidsoap.exe /tmp/${{ github.run_number }}/core/liquidsoap
      - name: Compute stats
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          sudo -u opam -E ./.github/scripts/stats-posix.sh
      - name: Install additional packages
        if: matrix.target == '@doctest'
        run: |
          apt-get -y update
          apt-get -y install frei0r-plugins
      - name: Run tests
        env:
          CPU_CORES: ${{ steps.cpu_cores.outputs.count }}
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          sudo -u opam -E ./.github/scripts/test-posix.sh ${{ matrix.target }}
      - name: Finalize metrics
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          mkdir -p "/tmp/${{ github.run_number }}/metrics"
          chown -R opam "/tmp/${{ github.run_number }}/metrics"
          sudo -u opam -E ./.github/scripts/export-metrics.sh "${{ needs.build_details.outputs.branch }}" "/tmp/${{ github.run_number }}/metrics"
      - name: Upload metrics artifact
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        if: needs.build_details.outputs.is_fork != 'true' && matrix.target == '@citest'
        with:
          name: metrics
          path: ${{ github.workspace }}/${{ github.run_number }}/metrics
      - name: Upload metrics
        if: needs.build_details.outputs.is_fork != 'true' && matrix.target == '@citest'
        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_branch: metrics
          publish_dir: ${{ github.workspace }}/${{ github.run_number }}/metrics
          keep_files: true
      - name: Save traces
        if: (success() || failure()) && ${{ needs.build_details.outputs.save_traces == 'true' }}
        run: |
          mkdir -p /tmp/${{ github.run_number }}/traces/${{ matrix.target }}
          cd /tmp/liquidsoap-full/liquidsoap
          find _build/default/tests | grep '\.trace$' | while read i; do mv "$i" /tmp/${{ github.run_number }}/traces/${{ matrix.target }}; done
      - name: Upload traces
        if: (success() || failure()) && ${{ needs.build_details.outputs.save_traces == 'true' }}
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        with:
          name: traces-${{ matrix.target }}
          path: ${{ github.workspace }}/${{ github.run_number }}/traces/${{ matrix.target }}
      - name: Export potential core dumps
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        if: failure()
        with:
          name: core-dump-${{ matrix.os }}-${{ matrix.platform }}-${{ matrix.target }}
          path: ${{ github.workspace }}/${{ github.run_number }}/core
      - name: Cleanup
        if: ${{ always() }}
        run: |
          rm -rf /tmp/${{ github.run_number }}/core

  build_opam:
    runs-on: depot-ubuntu-24.04-4
    strategy:
      fail-fast: false
      matrix:
        ocaml-compiler:
          - 4.14.x
          - 5.3.x
    steps:
      - name: Checkout latest code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Update packages
        run: |
          sudo apt-get update
      - name: Setup OCaml
        uses: ocaml/setup-ocaml@0b8b8c6f352bfdd12fa56b6727eed5990aa22859 # v3.2.10
        with:
          ocaml-compiler: ${{ matrix.ocaml-compiler }}
          opam-pin: false
          opam-depext: false
      - name: Add local packages
        run: |
          ./.github/scripts/add-local-opam-packages.sh
      - name: Install liquidsoap
        run: |
          opam install --cli=2.1 --confirm-level=unsafe-yes .
      - name: Install ocamlformat
        if: matrix.ocaml-compiler == '5.3.x'
        run: |
          opam install ocamlformat=0.27.0
      - name: Set PY env variable.
        if: matrix.ocaml-compiler == '5.3.x'
        run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
      - name: Restore pre-commit cache
        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
        with:
          path: ~/.cache/pre-commit
          key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }}
      - name: Run pre-commit
        if: matrix.ocaml-compiler == '5.3.x'
        uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1

  build_posix:
    runs-on: ${{ matrix.runs-on }}
    needs: build_details
    strategy:
      fail-fast: false
      matrix:
        os: ${{ fromJson(needs.build_details.outputs.build_os) }}
        platform: ${{ fromJson(needs.build_details.outputs.build_platform) }}
        include: ${{ fromJson(needs.build_details.outputs.build_include) }}
    container:
      image: savonet/liquidsoap-ci:${{ matrix.os }}
      options: --user root --privileged -v ${{ github.workspace }}/${{ github.run_number }}:/tmp/${{ github.run_number }}
    env:
      HOME: /home/opam
      IS_SNAPSHOT: ${{ needs.build_details.outputs.is_snapshot == 'true' }}
    steps:
      - name: Get number of CPU cores
        uses: savonet/github-actions-cpu-cores-docker@f72bcfaa219a2f60deaf8b26d0707b1d9c67d274 # v1
        id: cpu_cores
      - name: Checkout code
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          rm -rf doc/content/build.md doc/content/install.md
          sudo -u opam -E git remote set-url origin https://github.com/savonet/liquidsoap.git
          sudo -u opam -E git fetch origin ${{ github.sha }}
          sudo -u opam -E git checkout ${{ github.sha }}
      - name: Build
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          export CPU_CORES=${{ steps.cpu_cores.outputs.count }}
          # TMP
          sudo -u opam -E ./.github/scripts/add-local-opam-packages.sh
          sudo -u opam -E ./.github/scripts/build-posix.sh "${{ steps.cpu_cores.outputs.count }}"
      - name: Build doc
        if: contains(matrix.os, 'debian') || contains(matrix.os, 'ubuntu')
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          sudo -u opam -E ./.github/scripts/build-doc.sh
      - name: Build debian package
        if: contains(matrix.os, 'debian') || contains(matrix.os, 'ubuntu')
        id: build_deb
        run: |
          mkdir -p /tmp/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}/debian
          chown -R opam /tmp/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}/debian
          chown -R opam "${GITHUB_OUTPUT}"
          cd /tmp/liquidsoap-full/liquidsoap
          sudo -u opam -E ./.github/scripts/build-deb.sh ${{ github.sha }} ${{ needs.build_details.outputs.branch }} ${{ matrix.os }} ${{ matrix.platform }} "${{ needs.build_details.outputs.is_rolling_release }}" "${{ needs.build_details.outputs.is_release }}" "${{ needs.build_details.outputs.minimal_exclude_deps }}"
      - name: Upload debian packages artifacts
        if: (contains(matrix.os, 'debian') || contains(matrix.os, 'ubuntu'))
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        with:
          name: ${{ steps.build_deb.outputs.basename }}
          path: ${{ github.workspace }}/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}/debian
          if-no-files-found: error
      - name: Build alpine package
        if: matrix.os == 'alpine'
        id: build_apk
        run: |
          cd /tmp/liquidsoap-full/liquidsoap
          apk add alpine-sdk
          adduser opam abuild
          mkdir -p /tmp/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}/alpine
          chown -R opam /tmp/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}/alpine
          chown -R opam "${GITHUB_OUTPUT}"
          sudo -u opam -E ./.github/scripts/build-apk.sh ${{ needs.build_details.outputs.branch }} ${{ matrix.os }} ${{ matrix.platform }} ${{ matrix.alpine-arch }} "${{ needs.build_details.outputs.is_rolling_release }}" "${{ needs.build_details.outputs.is_release }}" "${{ needs.build_details.outputs.minimal_exclude_deps }}"
      - name: Upload alpine packages artifacts
        if: needs.build_details.outputs.is_fork != 'true' && matrix.os == 'alpine'
        uses: savonet/aws-s3-docker-action@master
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          SOURCE: ${{ github.workspace }}/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}/alpine
          TARGET: ${{ needs.build_details.outputs.s3-artifact-basepath }}
      - name: Cleanup
        if: ${{ always() }}
        run: |
          rm -rf /tmp/${{ github.run_number }}/${{ matrix.os }}_${{ matrix.platform }}

  fetch_s3_artifacts:
    runs-on: depot-ubuntu-24.04-4
    needs: [build_details, build_posix]
    steps:
      - name: Prepare directory
        run: |
          rm -rf ${{ github.workspace }}/${{ github.run_number }}/s3-artifacts
          mkdir -p ${{ github.workspace }}/${{ github.run_number }}/s3-artifacts
      - name: Fetch S3 artifacts
        if: needs.build_details.outputs.is_fork != 'true'
        uses: savonet/aws-s3-docker-action@master
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          SOURCE: ${{ needs.build_details.outputs.s3-artifact-basepath }}
          TARGET: ${{ github.workspace }}/${{ github.run_number }}/s3-artifacts
      - name: Upload S3 artifacts
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        if: needs.build_details.outputs.is_fork != 'true'
        with:
          name: alpine-packages
          path: ${{ github.workspace }}/${{ github.run_number }}/s3-artifacts

  build_win32:
    runs-on: depot-ubuntu-24.04-4
    needs: build_details
    strategy:
      fail-fast: false
      matrix:
        system: [x64]
    container:
      image: savonet/liquidsoap-win32-${{ matrix.system }}
      options: --user root -v ${{ github.workspace }}/${{ github.run_number }}:/tmp/${{ github.run_number }}
    env:
      OPAM_DEPS: ao-windows,lastfm-windows,camomile-windows,cry-windows,dtools-windows,duppy-windows,ffmpeg-windows,ffmpeg-avutil-windows,mm-windows,re-windows,portaudio-windows,samplerate-windows,sedlex-windows,ssl-windows,srt-windows,winsvc-windows,mem_usage-windows
      IS_SNAPSHOT: ${{ needs.build_details.outputs.is_snapshot == 'true' }}
      TOOLPREF64: /usr/src/mxe/usr/bin/x86_64-w64-mingw32.static-
    steps:
      - name: Get number of CPU cores
        uses: savonet/github-actions-cpu-cores-docker@f72bcfaa219a2f60deaf8b26d0707b1d9c67d274 # v1
        id: cpu_cores
      - name: Checkout code
        run: |
          mkdir -p /tmp/${{ github.run_number }}/win32/liquidsoap
          cd /tmp/${{ github.run_number }}/win32/liquidsoap
          git init
          git remote add origin https://github.com/${{ github.repository }}.git
          git fetch origin ${{ github.sha }}
          git checkout ${{ github.sha }}
          chown -R opam /tmp/${{ github.run_number }}/win32
      - name: Add local packages
        run: |
          cd /tmp/${{ github.run_number }}/win32/liquidsoap/
          gosu opam:root ./.github/scripts/add-local-opam-packages.sh
      - name: Build windows binary
        run: |
          mkdir -p /tmp/${{ github.run_number }}/win32/dist
          chown -R opam /tmp/${{ github.run_number }}/win32/dist
          chown -R opam "${GITHUB_OUTPUT}"
          cd /tmp/${{ github.run_number }}/win32/liquidsoap
          gosu opam:root ./.github/scripts/build-win32.sh ${{ matrix.system }} ${{ needs.build_details.outputs.branch }} "${{ steps.cpu_cores.outputs.count }}" "${{ needs.build_details.outputs.is_rolling_release }}" "${{ needs.build_details.outputs.is_release }}" ${{ github.sha }}
        id: build
      - name: Upload artifact
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        with:
          name: ${{ steps.build.outputs.basename }}
          path: ${{ github.workspace }}/${{ github.run_number }}/win32/dist
          if-no-files-found: error
      - name: Cleanup
        if: ${{ always() }}
        run: |
          rm -rf /tmp/${{ github.run_number }}/win32

  update_release:
    runs-on: depot-ubuntu-24.04-4
    needs:
      [
        build_details,
        build_no_depopts,
        build_js,
        run_tests,
        build_posix,
        build_win32,
        fetch_s3_artifacts,
      ]
    if: needs.build_details.outputs.is_release
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Download all artifact
        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
        with:
          path: artifacts/${{ needs.build_details.outputs.sha }}
      - name: List assets to upload
        run: |
          echo "RELEASE_ASSETS<<EOF" >> $GITHUB_ENV
          find artifacts/${{ needs.build_details.outputs.sha }} -type f | egrep '\.apk$|\.deb$|\.config|\.zip$' | sort -u >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV
      - name: Generate release notes
        run: |
          echo "RELEASE_NOTES<<EOF" >> $GITHUB_ENV
          if [ ${{ needs.build_details.outputs.is_rolling_release }} = "true" ]; then
            cat doc/content/rolling-release.md >> $GITHUB_ENV
          fi
          echo "EOF" >> $GITHUB_ENV
      - name: Generate changelog
        run: |
          echo "CHANGELOG<<EOF" >> $GITHUB_ENV
          cat CHANGES.md | sed -e "/---/,\$d" >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV
      - name: Delete old release assets
        uses: mknejp/delete-release-assets@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          tag: ${{ needs.build_details.outputs.branch }}
          assets: "*"
          fail-if-no-release: false
          fail-if-no-assets: false
      - name: Upload assets to main repo release
        uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          tag_name: ${{ needs.build_details.outputs.branch }}
          files: ${{ env.RELEASE_ASSETS }}
          prerelease: ${{ needs.build_details.outputs.is_rolling_release }}
          body: "${{ env.RELEASE_NOTES}}\n\n${{ env.CHANGELOG }}"
          draft: true
      - name: Upload assets to release repo
        uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1
        with:
          token: ${{ secrets.LIQUIDSOAP_RELEASE_ASSETS_TOKEN }}
          tag_name: ${{ needs.build_details.outputs.branch }}
          files: ${{ env.RELEASE_ASSETS }}
          repository: savonet/liquidsoap-release-assets
          prerelease: ${{ needs.build_details.outputs.is_rolling_release }}
          body_path: doc/content/release-assets.md
          draft: true

  build_docker:
    runs-on: ${{ matrix.runs-on }}
    needs: [build_details, build_posix, fetch_s3_artifacts]
    strategy:
      fail-fast: false
      matrix:
        platform: ${{ fromJson(needs.build_details.outputs.build_platform) }}
        include: ${{ fromJson(needs.build_details.outputs.build_include) }}
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
      - name: Download all artifact
        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
        with:
          path: artifacts/${{ needs.build_details.outputs.sha }}
      - name: Get debian package
        run: |
          echo "deb-file=$(find artifacts/${{ needs.build_details.outputs.sha }} -type f | grep ${{ matrix.docker-debian-os }} | grep -v minimal | grep '${{ matrix.platform }}\.deb$' | grep -v dbgsym | grep deb)" >> "${GITHUB_OUTPUT}"
        id: debian_package
      - name: Get debian debug package
        run: |
          echo "deb-file=$(find artifacts/${{ needs.build_details.outputs.sha }} -type f | grep ${{ matrix.docker-debian-os }} | grep -v minimal | grep '${{ matrix.platform }}\.deb$' | grep dbgsym | grep deb)" >> "${GITHUB_OUTPUT}"
        id: debian_debug_package
      - name: Login to Docker Hub
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          username: ${{ secrets.DOCKERHUB_USER }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Login to GitHub Container Registry
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push docker image
        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
        env:
          DOCKER_BUILD_RECORD_UPLOAD: false
        with:
          build-args: |
            "DEB_FILE=${{ steps.debian_package.outputs.deb-file }}"
            "DEB_DEBUG_FILE=${{ steps.debian_debug_package.outputs.deb-file }}"
          context: .
          file: .github/docker/debian.dockerfile
          tags: |
            "savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}_${{ matrix.platform }}"
            "ghcr.io/savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}_${{ matrix.platform }}"
          push: ${{ needs.build_details.outputs.publish_docker_image }}
          provenance: false
          sbom: false

  build_docker_alpine:
    runs-on: ${{ matrix.runs-on }}
    needs: [build_details, build_posix, fetch_s3_artifacts]
    if: needs.build_details.outputs.is_fork != 'true'
    strategy:
      fail-fast: false
      matrix:
        platform: ${{ fromJson(needs.build_details.outputs.build_platform) }}
        include: ${{ fromJson(needs.build_details.outputs.build_include) }}
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Download all artifact
        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
        with:
          path: artifacts/${{ needs.build_details.outputs.sha }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
      - name: Get alpine package
        run: |
          echo "apk-file=$(find artifacts/${{ needs.build_details.outputs.sha }} -type f | grep -v minimal | grep 'apk$' | grep -v dbg | grep ${{ matrix.alpine-arch }})" >> "${GITHUB_OUTPUT}"
        id: alpine_package
      - name: Login to Docker Hub
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          username: ${{ secrets.DOCKERHUB_USER }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Login to GitHub Container Registry
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push docker image
        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
        env:
          DOCKER_BUILD_RECORD_UPLOAD: false
        with:
          build-args: |
            "APK_FILE=${{ steps.alpine_package.outputs.apk-file }}"
          context: .
          file: .github/docker/alpine.dockerfile
          tags: |
            "savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}_alpine_${{ matrix.platform }}"
            "ghcr.io/savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}_alpine_${{ matrix.platform }}"
          push: ${{ needs.build_details.outputs.publish_docker_image }}
          provenance: false
          sbom: false

  build_docker_minimal:
    runs-on: ${{ matrix.runs-on }}
    needs: [build_details, build_posix, fetch_s3_artifacts]
    strategy:
      fail-fast: false
      matrix:
        platform: ${{ fromJson(needs.build_details.outputs.build_platform) }}
        include: ${{ fromJson(needs.build_details.outputs.build_include) }}
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
      - name: Download all artifact
        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
        with:
          path: artifacts/${{ needs.build_details.outputs.sha }}
      - name: Get debian package
        run: |
          echo "deb-file=$(find artifacts/${{ needs.build_details.outputs.sha }} -type f | grep ${{ matrix.docker-debian-os }} | grep minimal | grep '${{ matrix.platform }}\.deb$' | grep -v dbgsym | grep deb)" >> "${GITHUB_OUTPUT}"
        id: debian_package
      - name: Get debian debug package
        run: |
          echo "deb-file=$(find artifacts/${{ needs.build_details.outputs.sha }} -type f | grep ${{ matrix.docker-debian-os }} | grep minimal | grep '${{ matrix.platform }}\.deb$' | grep dbgsym | grep deb)" >> "${GITHUB_OUTPUT}"
        id: debian_debug_package
      - name: Login to Docker Hub
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          username: ${{ secrets.DOCKERHUB_USER }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Login to GitHub Container Registry
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push docker image
        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
        env:
          DOCKER_BUILD_RECORD_UPLOAD: false
        with:
          build-args: |
            "DEB_FILE=${{ steps.debian_package.outputs.deb-file }}"
            "DEB_DEBUG_FILE=${{ steps.debian_debug_package.outputs.deb-file }}"
          context: .
          file: .github/docker/debian.dockerfile
          tags: |
            "savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}-minimal_${{ matrix.platform }}"
            "ghcr.io/savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}-minimal_${{ matrix.platform }}"
          push: ${{ needs.build_details.outputs.publish_docker_image }}
          provenance: false
          sbom: false

  build_docker_alpine_minimal:
    runs-on: ${{ matrix.runs-on }}
    needs: [build_details, build_posix, fetch_s3_artifacts]
    if: needs.build_details.outputs.is_fork != 'true'
    strategy:
      fail-fast: false
      matrix:
        platform: ${{ fromJson(needs.build_details.outputs.build_platform) }}
        include: ${{ fromJson(needs.build_details.outputs.build_include) }}
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Download all artifact
        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
        with:
          path: artifacts/${{ needs.build_details.outputs.sha }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
      - name: Get alpine package
        run: |
          echo "apk-file=$(find artifacts/${{ needs.build_details.outputs.sha }} -type f | grep minimal | grep 'apk$' | grep -v dbg | grep ${{ matrix.alpine-arch }})" >> "${GITHUB_OUTPUT}"
        id: alpine_package
      - name: Login to Docker Hub
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          username: ${{ secrets.DOCKERHUB_USER }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Login to GitHub Container Registry
        if: needs.build_details.outputs.publish_docker_image == 'true'
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push docker image
        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
        env:
          DOCKER_BUILD_RECORD_UPLOAD: false
        with:
          build-args: |
            "APK_FILE=${{ steps.alpine_package.outputs.apk-file }}"
          context: .
          file: .github/docker/alpine.dockerfile
          tags: |
            "savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}-minimal_alpine_${{ matrix.platform }}"
            "ghcr.io/savonet/liquidsoap-ci-build:${{ needs.build_details.outputs.branch }}-minimal_alpine_${{ matrix.platform }}"
          push: ${{ needs.build_details.outputs.publish_docker_image }}
          provenance: false
          sbom: false

  build_docker_release:
    runs-on: depot-ubuntu-24.04-4
    needs: [build_details, run_tests, build_docker, build_docker_alpine]
    if: needs.build_details.outputs.docker_release
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Push consolidated manifest
        run: .github/scripts/push-docker.sh ${{ needs.build_details.outputs.branch }} ${{ secrets.DOCKERHUB_USER }} ${{ secrets.DOCKERHUB_PASSWORD }} ${{ github.actor }} ${{ secrets.GITHUB_TOKEN }} ${{ github.sha }}

  build_docker_release-minimal:
    runs-on: depot-ubuntu-24.04-4
    needs:
      [
        build_details,
        run_tests,
        build_docker_minimal,
        build_docker_alpine_minimal,
      ]
    if: needs.build_details.outputs.docker_release
    steps:
      - name: Checkout code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Push consolidated manifest
        run: .github/scripts/push-docker.sh ${{ needs.build_details.outputs.branch }}-minimal ${{ secrets.DOCKERHUB_USER }} ${{ secrets.DOCKERHUB_PASSWORD }} ${{ github.actor }} ${{ secrets.GITHUB_TOKEN }} ${{ github.sha }}-minimal

Workflow logs

No response

BuildKit logs

Additional info

No response

[crazy-max]

Additionally, I would suggest to turn off artifact upload by default. It pollutes the build's artifact list and is only useful if the user really wants to process them.

That would be a breaking change for people relying on the uploaded artifact but you can use the DOCKER_BUILD_RECORD_UPLOAD environment variable in your workflow to disable build record upload if you want to: https://github.com/docker/build-push-action/?tab=readme-ov-file#environment-variables

Artifact should be zipped before being uploaded.

The issue is not that we should use the ZIP format instead of GZIP but that GitHub should fix the problem on their end when downloading an artifact, as explained in actions/toolkit#1874 (comment).

However, we are considering wrapping the build record tarball in a ZIP archive to avoid this issue in the future and support both ZIP and GZIP formats in Docker Desktop for importing builds: https://docs.docker.com/desktop/use-desktop/builds/#import-builds.

[toots]

Thanks for the pointer. I'll close this one as it's clearly already covered. I'll comment there too.

[toots]

Additionally, I would suggest to turn off artifact upload by default. It pollutes the build's artifact list and is only useful if the user really wants to process them.

That would be a breaking change for people relying on the uploaded artifact but you can use the DOCKER_BUILD_RECORD_UPLOAD environment variable in your workflow to disable build record upload if you want to: https://github.com/docker/build-push-action/?tab=readme-ov-file#environment-variables

This is in fact the other way: these artifact assets were added in some recent release by default and that was the breaking change for us and probably many others.

The assets started being uploaded during our workflow and broke the part of it that was downloading all assets.

Even worst, it became a race condition because the download step would fail or pass depending on wether a concurrent docker build had terminated before it.

That was actually pretty hard to debug.

[crazy-max]

these artifact assets were added in some recent release by default and that was the breaking change for us and probably many others.

This was added in major v6.0.0 release which is by the author's design a "breaking change" release: https://github.com/docker/build-push-action/releases/tag/v6.0.0

So unless you're using docker/build-push-action@master in your workflow instead of pinned version as recommended, I'm not sure how this would happen to you. But maybe you bumped to artifact v4 while being on build-push v6?

[toots]

Makes sense