Support artifact URL output

[lelegard]

Hi,

This suggestion has been discussed here in the GitHub community forum.

In a Github Actions job, after an upload-artifact step, I would like to get the URL of the published artifact in a subsequent step.

The idea is a job using the following steps:

• Build a binary.
• Upload the binary as artifact.
• Trigger a REST API in some Web server, passing the URL of the artifact in a POST parameter, so that the remote server can download the artifact.

How would you get the URL of the artifact in a subsequent step?

I know that there is an Actions API currently in development. But, here, the question is about passing information from the upload-artifact step to the next step.

It could be something like this:

    - name: Upload build
      uses: actions/upload-artifact@master
      with:
        name: installer
        path: installer.exe
        env-url: FOOBAR
    - name: Use URL for something
      run: echo "${{ env.FOOBAR }}"

The last command would display something like:

https://github.com/user/repo/suites/123456/artifacts/789123

[erikmd]

@Andre601

Hey everyone. I'm curious to know if there is an easy way to obtain the artifact URL from a former job (Not step) for a job depending on the former? Given the fact that I can download artifacts uploaded in a previous job using the download-artifact action tells me that there is a way to obtain the URL. My question is, if that way is easy to achieve within GitHub Actions...

FWIW, I coded a GHA workflow that gets the perennial url of artifacts & 'pin' them as commit statuses (cf. this stackoverflow post) Not sure if that fits your use case though.

[Andre601]

FWIW, I coded a GHA workflow that gets the perennial url of artifacts & 'pin' them as commit statuses (cf. this stackoverflow post) Not sure if that fits your use case though.

Thanks for the info. Tho, this not only looks over complicated, but also doesn't quite help me understand how to obtain the URL actually... Like my goal is to post a comment containing the URL for it. Nothing more, nothing less. I appreciate the info tho.

To not further off-topic this would I like any further discussions to go into the discussion I still have open on the community repository: https://github.com/orgs/community/discussions/51403

[djthornton1212]

@Andre601 You can use the gh cli to get the url.

gh api "/repos/{owner}/{repo}/actions/artifacts"

In the return json is the key archive_download_url. You can use that to download. If you're using Actions you can also use dawidd6/action-download-artifact. If you use unique names for your artifacts it will find that specific artifact and download it. Note: The dawidd6/action-download-artifact cannot download artifacts from the same run, but can from other runs.

- name: Download PR Workspace
  uses: dawidd6/action-download-artifact@v2.26.0
  with:
    if_no_artifact_found: fail
    github_token: ${{secrets.GITHUB_TOKEN}}
    name: ${{ env.ARTIFACT_NAME }}

You can checkout the action here.

It's not really about the download, but just getting the URL to it...

Got it, then I think using the api to get it will work for you.

[gisheri]

+1 fwiw

[BarNehemia]

+1 any news?

[arlindiDev]

+1

[scuderiaf1]

+1

[Andre601]

(This is a personal thing, so don't take it as anything official or as representation of anyone else)

Rant: [On]

Would apreciate if you wouldn't comment with "+1" here... If you have something important to contribute, do that. But posting just "+1" is not contributing anything. If you want to support this idea, add a +1 reaction to the OP.

Also, I'm sure we would've gotten a reply by a maintainer if there were any updates whatsoever. From what I understand is this feature currently not possible due to lacking API endpoints on GitHub's end (Iirc is the issue, that the (final) download URL for artifacts isn't available/generated until the job has ended, making it not accessible in-between steps).

So, please safe me and probs other peoples time (and storage on the mail inbox) by not replying with "+1" or alike... It doesn't help.

Rant: [Off]

[NJannasch]

It would be great to have this feature available.

[sujanp-kr]

+1 I need. Plus, essentially a necessary feature. When happening :thinking:

[lyskouski]

Thanks to @djthornton1212 https://github.com/orgs/community/discussions/51403#discussioncomment-5515349

I've been able to reproduce the capability of taking artifacts URL [ref] . The main case that artifacts are not accessible via gh api "/repos/${{ github.repository }}/actions/artifacts for ongoing workflows. And the second tip, that referenced pipe should be merged into the targeted branch, otherwise, it won't be recognized by "on: workflow_run:".

[konradpabjan]

So v4 just released today: https://github.blog/changelog/2023-12-14-github-actions-artifacts-v4-is-now-generally-available/

With it there is an artifact ID output that is immediately available and it's the same ID that is used in the current URL: https://github.com/actions/upload-artifact?tab=readme-ov-file#using-outputs So with another API call to get the check suite ID it should be possible to construct an artifact URL.

The current URL that is in the format of https://github.com/user/repo/suites/123456/artifacts/789123 is pretty bad though as it is unintuitive and we're planning on changing it to something like https://github.com/user/repo/actions/runs/123456/artifacts/789123 since the workflow run ID is available in the job and in the UI everywhere. We have an issue internally to change this (the old URLs will continue to work), and once we do that it should be pretty easy. We could have a URL output similar to the ID with V4. No estimate as to when this will come around but at least the artifact ID is immediately available now with v4 and that was the big limitation. Took a lot of work with v4 to make that work. Recommend switching to it as there are a number of big improvements!

Renamed the issue but long term this should look like this:

    - uses: actions/upload-artifact@v4
      id: artifact-upload-step
      with:
        name: my-artifact
        path: path/to/artifact/content/

    - name: Output artifact URL
      run:  echo 'Artifact URL is ${{ steps.artifact-upload-step.outputs.artifact-url }}'

[lukasc-ubc]

Thank you for the improvements to the Artifact upload/download.

I am wondering if it is possible to have the Artifact go into a permanent URL? I would like my GitHub repo Readme.md file have the URL in the main document, so people can download the Artifact directly. Similar to how the Releases / Latest buttom works. But ideally it would be just a fixed URL, and where the latest Artifact always overwrites the fixed URL.

thank you Lukas

[wosc]

Thanks @konradpabjan for the heavy lifting that has gone into v4! I've just tried the following, and that simply worked, I could download the artifact from the URL this generated, no suite-ID or other complications required. So to me this says, the main usecase as outlined in the issue description is now supported by v4 (even if it might be made more convenient to use later on :), which is great news if true! 🎉 (Or did I misunderstand your message, is this a happy accident that is not guaranteed to work, or something else entirely?)

    - uses: actions/upload-artifact@v4
      id: artifact-upload-step
      with:
        name: my-artifact
        path: path/to/artifact/content/

    - name: Output artifact URL
      run:  echo 'Artifact URL is ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts/${{ steps.artifact-upload-step.outputs.artifact-id }}'

[konradpabjan]

@wosc Yeah so another teammate recently made the URL changes I described and the artifact URLs in the UI now doesn't rely on the check suite ID so things are much simpler! 🎉

Creating a URL with the run ID and artifact ID is now reliable and users can use this to potentially embed artifact links in a host of different places such as PR descriptions, READMEs or issues. I've gone ahead and merged in changes that support an artifact-url output: https://github.com/actions/upload-artifact/pull/496

The PR was merged into main and once we cut a new release then it will be accessible via the @v4 tag at which point we can close out this issue as officially done (We're working on a few more fixes/PRs before cutting a new release).

As described in my earlier content, with @main (and soon @v4) you can now get a URL with something like this.

    - uses: actions/upload-artifact@v4 (right now @main but hang tight until the next release)
      id: artifact-upload-step
      with:
        name: my-artifact
        path: path/to/artifact/content/

    - name: Output artifact URL
      run:  echo 'Artifact URL is ${{ steps.artifact-upload-step.outputs.artifact-url }}'

An important thing to keep in mind is that this URL behavior is exactly as if downloading artifacts from the run summary page in the UI. You must be logged into GitHub for it to work (if browsing as incognito than the URL doesn't even show up). If you do get your hands on a URL while not logged in than it will 404 and prompt you to login. This is for a few scenarios i've seen mentioned where if you take this URL and embed it in some external website and a non-GitHub users tries to click it (anonymous request) than it will 404 and prompt for a download. That's the way it is due to bad actors/security. Logs follows the same pattern where anonymous users/bots can't view & download logs as this opens up a DDOS/attack vector that we can protect ourselves by requiring a simple login. If you really need a download URL that works for users/services that are aren't authenticated with GitHub then the existing API that generates a 1 minute download URL is your only option. If you want some download URL for anonymous downloads for an extended period of time than unfortunately we aren't planning on supporting that due to the security concerns outlined earlier.

The plus side of this URL that is now outputted is that it will work as long as the artifact has not expired. The only other caveats are the run must not be deleted alongside the repository. If your artifact has a retention period of 100 days for example than you can add this URL to a README or somewhere in GitHub like an issue and it will work for 100 days until the artifact expires.

[TWiStErRob]

Amazing Konrad, thank you for the update!

---

Friendly reminder for users not to use this new feature for stable releasing... download the artifact from a workflow run and upload the files to the release as (different type of) artifacts for permanent storage on the Releases.

[wosc]

Thank you Konrad and team, that's excellent news!

[pinpox]

What is the correct syntax to include the URL in a markdown README.md file? I tried adding ${{ steps.artifact-upload-step.outputs.artifact-url }} to the markdown, but the variable is not being inserted and the markdown renders as is

[Danstiv]

Hello @konradpabjan Can you please explain the actions/download-artifact strange feature?

If you really need a download URL that works for users/services that are aren't authenticated with GitHub then the existing API that generates a 1 minute download URL is your only option.

I tried to get that url using curl with "token ${{ secrets.GITHUB_TOKEN }}" and got the error "Resource not accessible by integration". After spending some time, I found out that to perform this action permission actions read should be set, and with this permission everything worked. And in this case, I don't understand how actions/download-artifact downloads the artifact with out needed permission? The same api is used there, probably the same request is sent, but for some reason it is completes successfully even without actions read permission. So the question is, why and how does it work? Thanks in advance for your answer.

[TWiStErRob]

at which point we can close out this issue as officially done -- https://github.com/actions/upload-artifact/issues/50#issuecomment-1885368978

@konradpabjan https://github.com/actions/upload-artifact/blob/v4/action.yml#L50

[konradpabjan]

Ah, forgot to close this issue out after https://github.com/actions/upload-artifact/pull/496 went in and the v4 tag was updated. Closing out now

[zmberber]

What is the correct syntax to include the URL in a markdown README.md file? I tried adding ${{ steps.artifact-upload-step.outputs.artifact-url }} to the markdown, but the variable is not being inserted and the markdown renders as is

+1.

This is also what I would wish.