toolkit
toolkit copied to clipboard
actions
Support hashing files outside the workspace directory
Currently hashFiles ignores files outside the workspace. This means that it cannot be used to hash files which appear within an Action. In turn this means that packages such as actions/setup-python cannot be used with files from the Action (see for example https://github.com/actions/setup-python/issues/361), making them hard to use within composite Actions.
It would be great if hashFiles could support these files as it would enable more powerful composite Actions.
I also would like to see this issue resolved. I am also having issues with caching with actions/setup-python#361 in a composite action. The maintainer of that action says that this bug can't be fixed until the issue in this repository is resolved.
Same scenario for me: actions/setup-python inside a composite action.
As a workaround I have to copy the scripts to the workspace directory. Not a super nice solution tho (there might already be a directory with the same name and so on..):
- name: Set up Scripts
id: setup-scripts
shell: bash
run: |
SCRIPTS_PATH="$GITHUB_WORKSPACE/scripts"
cp -r "${{ github.action_path }}/../../scripts" "$SCRIPTS_PATH"
echo "SCRIPTS_PATH=$SCRIPTS_PATH" >> $GITHUB_ENV
echo "::set-output name=scripts-path::$(echo $SCRIPTS_PATH)"
Perhaps I am missing something but this feature is already implemented?
https://github.com/actions/toolkit/blob/45c49b09df04cff84c5f336f07d5232fa7103761/packages/glob/src/internal-hash-files.ts#L9-L13
Initially, when I used the function with just globber parameter, I got exactly the same behaviour as described above. But after specifying currentWorkspace parameter, I was able to hash files outside of GITHUB_WORKSPACE.
Huh, it looks like that changed since this was reported. The originally linked code was https://github.com/actions/toolkit/blob/b4639928698a6bfe1c4bdae4b2bfdad1cb75016d/packages/glob/src/internal-hash-files.ts#L16-L19
It seems that the equivalent check is still present https://github.com/actions/toolkit/blob/45c49b09df04cff84c5f336f07d5232fa7103761/packages/glob/src/internal-hash-files.ts#L23-L26
Though as @alexkuc notes there is now a way to set what the "workspace" is. This could potentially be used by other Actions to specify themselves as the "workspace", though seems perhaps an unintended consequence. (The change was in https://github.com/actions/toolkit/pull/1318).
Curiously enough, there is no official documentation for hashFiles(). Although, there is a closed issue and a closed PR that adds this function.
Until hashFiles works outside of the workspace (in a composite), here's an example of the work-around I came up with:
runs:
steps:
- uses: actions/setup-python@v5
id: setup-python
with:
python-version: '3.10'
update-environment: false
- uses: actions/github-script@v7
id: requirements-hash
with:
script: return require('fs').createReadStream(require('path').join(process.env.GITHUB_ACTION_PATH, 'requirements.txt')).pipe(require('crypto').createHash('sha1').setEncoding('hex'), 'finish').digest('hex')
result-encoding: string
- uses: actions/cache@v4
with:
key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ steps.requirements-hash.outputs.result }}
restore-keys: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-
path: ${{ github.action_path }}/venv
- name: Setup python venv
shell: bash
run: |
${{ steps.setup-python.outputs.python-path }} -m venv "$GITHUB_ACTION_PATH/venv"
source "$GITHUB_ACTION_PATH/venv/bin/activate"
pip install -r "$GITHUB_ACTION_PATH/requirements.txt"
