GitHub Workflow Actions Workaround Explained

This article delves into a workaround for limitations encountered with GitHub workflow actions, specifically addressing the issue discussed in GitHub Community Discussions #38659. This workaround is implemented in the hoverkraft-tech/ci-github-container repository, version 6.0.0, and is crucial for managing job outputs within matrix builds. Let's explore the problem, the solution, and the code involved.

Understanding the Challenge with Workflow Actions

When working with GitHub Actions, particularly in complex workflows involving matrices, a common challenge arises when trying to pass outputs between jobs. GitHub Actions' native job outputs are not designed to handle the dynamic nature of matrix builds effectively. This means that if you have a matrix strategy that generates multiple jobs, each producing its own outputs, aggregating and using these outputs in subsequent jobs can become problematic. This limitation is a significant hurdle for workflows that require collecting information from multiple parallel jobs and using it in a consolidated manner.

GitHub Discussions #38659 highlights this issue, where developers have expressed the need for a more robust mechanism to handle job outputs in matrix scenarios. The core problem is that the standard outputs feature in GitHub Actions is not well-suited for dynamic and variable outputs generated by matrix jobs. Each job in a matrix might produce a different set of outputs, and there's no built-in way to easily collect and process these diverse outputs. This lack of native support necessitates workarounds to achieve the desired outcome.

For instance, consider a workflow that builds Docker images for multiple architectures using a matrix strategy. Each job in the matrix builds an image for a specific architecture, and we need to collect the information about all built images to push them to a registry in a final job. Without a proper mechanism to handle matrix job outputs, this becomes a cumbersome task. The workaround described in this article addresses this specific use case, providing a practical solution to the problem.

The Workaround: A Deep Dive

To circumvent the limitations of GitHub Actions' job outputs in matrix builds, the hoverkraft-tech/ci-github-container repository employs a clever workaround. This approach involves writing the outputs of each matrix job to a file, which is then uploaded as an artifact. Subsequent jobs can download this artifact and read the file to access the aggregated outputs. This method provides a reliable way to pass information between jobs, even in complex matrix scenarios.

The workaround can be broken down into the following key steps:

1. Set Matrix Output: In each matrix job, the hoverkraft-tech/ci-github-common/actions/set-matrix-output action is used to write the job's output to a file. This action takes two main inputs:

   • artifact-name: The name of the artifact to which the output will be associated.
   • value: The output value that needs to be stored.

   This step is crucial as it ensures that each job's output is captured and stored in a persistent manner.

2. Upload Artifact: The file containing the job outputs is uploaded as an artifact. Artifacts are files that can be associated with a workflow run and downloaded by other jobs or users. By uploading the output file as an artifact, it becomes accessible to subsequent jobs in the workflow.

3. Download Artifact: In a subsequent job that needs to access the aggregated outputs, the artifact is downloaded. GitHub Actions provides actions for downloading artifacts, making this step straightforward.

4. Read Output File: Once the artifact is downloaded, the job can read the file to retrieve the outputs from all the matrix jobs. This typically involves parsing the file content, which might be in JSON or another structured format.

This entire process allows for effective communication between jobs in a matrix build, overcoming the limitations of native job outputs. The next section will examine the specific code snippet that implements this workaround in the hoverkraft-tech/ci-github-container repository.

Code Walkthrough: Implementing the Workaround

Let's examine the code snippet from hoverkraft-tech/ci-github-container that implements the workflow actions workaround. This snippet is taken from the docker-build-images.yml workflow file, specifically lines 439-440:

# FIXME: Set built images infos in file to be uploaded as artifacts, because github action does not handle job outputs for matrix
# https://github.com/orgs/community/discussions/26639
- uses: hoverkraft-tech/ci-github-common/actions/set-matrix-output@1127e708e4072515056a4b0d26bcb0653646cedc # 0.30.0
  with:
    artifact-name: ${{ needs.prepare-variables.outputs.artifact-name }}
    value: ${{ steps.build.outputs.built-image }}

# FIXME: This is a workaround for having workflow actions. See https://github.com/orgs/community/discussions/38659
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
  if: always() && steps.oidc.outputs.job_workflow_repo_name_and_owner
  with:
    path: ./self-workflow

The first block of code addresses the matrix output issue directly. It uses the hoverkraft-tech/ci-github-common/actions/set-matrix-output action to store the output of a job in a file that will be uploaded as an artifact. Let's break down the key components:

• uses: hoverkraft-tech/ci-github-common/actions/set-matrix-output@1127e708e4072515056a4b0d26bcb0653646cedc: This line specifies the action being used. It references a custom action (set-matrix-output) from the hoverkraft-tech/ci-github-common repository at a specific commit (1127e708e4072515056a4b0d26bcb0653646cedc). Pinning actions to specific commits is a best practice for ensuring workflow stability and reproducibility.
• with:: This section defines the inputs to the action.
  • artifact-name: ${{ needs.prepare-variables.outputs.artifact-name }}: This sets the name of the artifact. It uses the output artifact-name from the prepare-variables job (specified using needs.prepare-variables.outputs.artifact-name). This dynamic naming allows for flexibility in how artifacts are organized and managed.
  • value: ${{ steps.build.outputs.built-image }}: This sets the value to be stored in the artifact. It uses the output built-image from the build step within the current job. This is where the actual output of the matrix job (in this case, information about the built Docker image) is captured.

This code snippet effectively captures the output of each matrix job and stores it in a file associated with a dynamically named artifact. Subsequent jobs can then download this artifact to access the output. This is the core of the workaround for the GitHub Actions matrix output limitation.

The second block of code addresses a different aspect of workflow actions, specifically the ability to trigger workflows from within other workflows. This is a workaround for a limitation in GitHub Actions related to triggering workflows based on events within the workflow itself. The code snippet checks out the repository containing the workflow definition:

• uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3: This line uses the standard actions/checkout action to checkout the repository. The action is pinned to version v6.0.0 for stability.
• if: always() && steps.oidc.outputs.job_workflow_repo_name_and_owner: This condition ensures that the checkout happens only if the oidc step has successfully determined the repository name and owner. The always() condition ensures that the checkout happens even if previous steps have failed, which is important for debugging and cleanup.
• with:: This section defines the inputs to the action.
  • path: ./self-workflow: This specifies the path where the repository should be checked out. In this case, it's checked out to the ./self-workflow directory. This allows the workflow to access its own definition, which can be useful for triggering other workflows or performing other self-referential operations.

This second part of the workaround is less directly related to the matrix output issue but addresses another limitation in GitHub Actions. By checking out the workflow repository, the workflow can interact with its own definition and potentially trigger other workflows based on events within the current workflow.

Implications and Best Practices

The workaround implemented in hoverkraft-tech/ci-github-container provides a valuable solution to the limitations of GitHub Actions job outputs in matrix builds. However, it's essential to consider the implications and best practices when using this approach.

• Artifact Management: Artifacts consume storage space, and it's crucial to manage them effectively. Consider setting appropriate retention policies for artifacts to prevent excessive storage usage. Regularly review and delete old artifacts that are no longer needed.
• Data Serialization: The output values stored in the artifact need to be serialized into a format that can be written to a file and parsed by subsequent jobs. JSON is a common choice for this, but other formats like YAML or even simple text files can be used. Choose a format that is efficient and easy to work with in your workflow.
• Error Handling: Ensure that your workflow includes proper error handling for scenarios where the artifact might not be available or the output file cannot be read. Implement checks and fallback mechanisms to handle these situations gracefully.
• Alternative Solutions: While this workaround is effective, it's worth considering alternative solutions if the complexity of your workflow increases significantly. GitHub Actions is continuously evolving, and new features or actions might provide more native ways to handle matrix outputs in the future. Stay updated with the latest developments in GitHub Actions.

Conclusion

The workaround implemented in hoverkraft-tech/ci-github-container demonstrates a practical approach to overcoming the limitations of GitHub Actions job outputs in matrix builds. By writing outputs to files and using artifacts, workflows can effectively communicate between jobs and aggregate information from parallel tasks. This technique is particularly valuable in scenarios where matrix builds generate dynamic and variable outputs that need to be processed in subsequent steps.

By understanding the problem, the solution, and the code involved, developers can leverage this workaround to build more robust and flexible GitHub Actions workflows. However, it's crucial to consider the implications and best practices to ensure efficient artifact management, proper data serialization, and effective error handling. As GitHub Actions continues to evolve, it's also essential to stay informed about alternative solutions that might provide more native ways to handle matrix outputs.

For more information on GitHub Actions and workflow best practices, visit the official GitHub Actions documentation. This resource provides comprehensive guidance on using GitHub Actions effectively and staying up-to-date with the latest features and capabilities.