Update actions to keep permissions (#11289)

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>

.github/actions/build/action.yml

@@ -18,6 +18,6 @@ runs:
     - uses: ./.github/actions/setup_environment
     - run: ~/go/bin/promu crossbuild -v --parallelism ${{ inputs.parallelism }} --parallelism-thread ${{ inputs.thread }} ${{ inputs.promu_opts }}
       shell: bash
-    - uses: ./.github/actions/save_artefacts
+    - uses: ./.github/actions/save_artifacts
       with:
         directory: .build

.github/actions/publish_main/action.yml

@@ -26,10 +26,7 @@ runs:
     - uses: ./.github/actions/setup_environment
       with:
         enable_docker_multibuild: true
-    - name: Download all workflow run artifacts
-      uses: actions/download-artifact@v3
-      with:
-        name: artifact
+    - uses: ./.github/actions/restore_artifacts
     - uses: ./.github/actions/publish_images
       if: inputs.docker_hub_organization != '' && inputs.docker_hub_login != ''
       with:

.github/actions/publish_release/action.yml

@@ -26,10 +26,7 @@ runs:
     - uses: ./.github/actions/setup_environment
       with:
         enable_docker_multibuild: true
-    - name: Download all workflow run artifacts
-      uses: actions/download-artifact@v3
-      with:
-        name: artifact
+    - uses: ./.github/actions/restore_artifacts
     - run: promu crossbuild tarballs
       shell: bash
     - run: promu checksum .tarballs

.github/actions/restore_artifacts/action.yml

@@ -0,0 +1,22 @@
+# Restore artifacts created by save_artifacts.
+# Tar is used because the default actions do not preserve directory structure
+# and file mode.
+name: Restore artifacts
+runs:
+  using: composite
+  steps:
+    - name: Download all workflow run artifacts
+      uses: actions/download-artifact@v3
+      with:
+        name: artifact
+        path: .artifacts
+    - run: |
+        for tar in .artifacts/*.tar
+        do
+          tar xvf $tar
+        done
+        rm -v .artifacts/*.tar
+      shell: bash
+    - uses: actions/upload-artifact@v3
+      with:
+        path: artifact-*.tar

.github/actions/save_artefacts/action.yml

@@ -1,18 +0,0 @@
-# To preserve the directory structure, save an additional empty file at
-# the root of the working directory. GitHub action uses the least common
-# ancestor of all the search paths as the root directory for artefacts.
-name: Save artefacts
-inputs:
-  directory:
-    type: string
-    description: Path of the directory to save
-runs:
-  using: composite
-  steps:
-    - run: touch .keep
-      shell: bash
-    - uses: actions/upload-artifact@v3
-      with:
-        path: |
-          ${{ inputs.directory }}
-          .keep

.github/actions/save_artifacts/action.yml

@@ -0,0 +1,17 @@
+# Tar is used because the default actions do not preserve directory structure
+# and file mode.
+name: Save artifacts
+inputs:
+  directory:
+    type: string
+    description: Path of the directory to save
+runs:
+  using: composite
+  steps:
+    - run: |
+        tar cvf artifact.tar ${{ inputs.directory }}
+        mv artifact.tar artifact-$(sha1sum artifact.tar|awk '{ print $1 }').tar
+      shell: bash
+    - uses: actions/upload-artifact@v3
+      with:
+        path: artifact-*.tar

.github/workflows/ci.yml

@@ -39,7 +39,7 @@ jobs:
       - run: make assets-tarball
       - run: make ui-lint
       - run: make ui-test
-      - uses: ./.github/actions/save_artefacts
+      - uses: ./.github/actions/save_artifacts
         with:
           directory: .tarballs
 
@@ -150,7 +150,7 @@ jobs:
     uses: ./.github/workflows/codeql-analysis.yml
 
   publish_main:
-    name: Publish main branch artefacts
+    name: Publish main branch artifacts
     runs-on: ubuntu-latest
     needs: [test_ui, test_go, test_windows, golangci, codeql, build_all]
     if: github.event_name == 'push' && github.event.ref == 'refs/heads/main'