name: Upload artifact description: Upload an encrypted zip archive as a github artifact. inputs: path: description: 'The path(s) that should be uploaded. Paths may contain globs. Only the final component of a path is uploaded.' required: true name: description: 'The name of the artifact.' required: true retention-days: description: 'How long the artifact should be retained for.' default: 60 encryptionSecret: description: 'The secret to use for encrypting the files.' required: true overwrite: description: 'Overwrite an artifact with the same name.' default: false required: false runs: using: "composite" steps: - name: Install 7zip uses: ./.github/actions/setup_bazel_nix with: nixTools: | _7zz - name: Create temporary directory id: tempdir shell: bash run: echo "directory=$(mktemp -d)" >> "$GITHUB_OUTPUT" - name: Create archive shell: bash run: | set -euo pipefail shopt -s extglob paths="${{ inputs.path }}" paths=${paths%$'\n'} # Remove trailing newline # Check if any file matches the given pattern(s). something_exists=false for pattern in ${paths} do if compgen -G "${pattern}" > /dev/null; then something_exists=true fi done # Create an archive if files exist. # Don't create an archive file if no files are found # and warn. if ! ${something_exists} then echo "::warning:: No files/directories found with the provided path(s): ${paths}. No artifact will be uploaded." exit 0 fi for target in ${paths} do if compgen -G "${target}" > /dev/null then pushd "$(dirname "${target}")" 7zz a -p'${{ inputs.encryptionSecret }}' -bso0 -bsp0 -t7z -ms=on -mhe=on "${{ steps.tempdir.outputs.directory }}/archive.7z" "$(basename "${target}")" popd fi done - name: Upload archive as artifact uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: ${{ inputs.name }} path: ${{ steps.tempdir.outputs.directory }}/archive.7z retention-days: ${{ inputs.retention-days }} if-no-files-found: ignore overwrite: ${{ inputs.overwrite }}