feat: use download-artifact instead of manually downloading it

This should hopefully work on private repos too!

.forgejo/workflows/check.yml

@@ -35,6 +35,7 @@ jobs:
           comment-on-pr: ${{ github.ref_name != 'main' }}
           # Generate artifacts on main (to speed up comparisons)
           generate-artifact: ${{ github.ref_name == 'main' }}
+          github-token: ${{ secrets.ARTIFACT_TOKEN }}
           # Generate comparisons to main
           do-comparison: 'true'
           # This job's name (so we can find the artifacts)

action.yml

@@ -39,6 +39,8 @@ inputs:
   artifact-name:
     description: The name of the generated artifact.
     default: report.json
+  github-token:
+    description: A github token with read permissions for this repository, required if do-comparison is 'true'
   # Comparison Report (comment only)
   do-comparison:
     description: |
@@ -110,6 +112,46 @@ runs:
         issue-number: ${{ steps.pr-number.outputs.pr-number }}
         direction: first
         body-includes: "<!-- AUTOGENERATED by nix-flake-outputs-size action -->"
+    - name: Find previous run on base-branch
+      # Only run when doing comparisons
+      if: inputs.do-comparison == 'true'
+      id: previous-report
+      continue-on-error: true
+      env:
+        BASE_BRANCH: ${{ inputs.base-branch }}
+        JOB_NAME: ${{ inputs.job-name }}
+        ARTIFACT_NAME: ${{ inputs.artifact-name }}
+      run: |
+        . "${GITHUB_ACTION_PATH}/utils.sh"
+
+        # Determine the default branch of this repo
+        default_branch() {
+          curl -X GET \
+            -H "Authorization: token $GITHUB_TOKEN" \
+            -H 'Accept: application/json' \
+            "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY" |
+            jq --raw-output '.default_branch'
+        }
+
+        run_id=$(curl -X 'GET' \
+          "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/actions/tasks" \
+          -H "Authorization: token $GITHUB_TOKEN" \
+          -H 'Accept: application/json' |
+          jq --raw-output \
+            --arg name "$JOB_NAME" \
+            --arg head_branch "${BASE_BRANCH:-$(default_branch)}" \
+            '[.workflow_runs[] | select(.name == $name and .head_branch == $head_branch)] | first | .id')
+
+        echo "run-id=$run_id" >> "$GITHUB_OUTPUT"
+        log Would try to download "$ARTIFACT_NAME" from "$run_id"
+    - name: Download previous report
+      uses: https://git.salame.cl/actions/download-artifact@d8d0a99033603453ad2255e58720b460a0555e1e # v4
+      # Ensure the previous step succeeded
+      if: steps.previous-report.outcome == 'success'
+      with:
+        name: ${{ inputs.artifact-name }}
+        github-token: ${{ inputs.github-token }}
+        run-id: ${{ steps.previous-report.run-id }}
     - name: Create report
       if: inputs.comment-on-pr == 'true' || inputs.generate-artifact == 'true'
       env:
@@ -129,6 +171,9 @@ runs:
           exit 1
         fi
 
+        # move old report so it doesn't clash with the new report
+        [ -f report.json ] && mv report.json old-report.json
+
         # Create Size Report
         "$GITHUB_ACTION_PATH/create-report.sh" > report.json
 
@@ -137,7 +182,7 @@ runs:
 
         # Try to do a comparison report
         if [ "$DO_COMPARISON" = 'true' ]; then
-          if "$GITHUB_ACTION_PATH/retrieve-old-report.sh" && [ -f old-report.json ]; then
+          if [ -f old-report.json ]; then
             log "Reporting on sizes and comparing to sizes in $HEAD_BRANCH"
 
             "$GITHUB_ACTION_PATH/comment_on_pr.sh" report.json old-report.json

retrieve-old-report.sh

@@ -1,79 +0,0 @@
-#!/bin/sh
-
-. "${GITHUB_ACTION_PATH}/utils.sh"
-
-repo_info() {
-  curl -X GET \
-    -H "Authorization: token $GITHUB_TOKEN" \
-    -H 'Accept: application/json' \
-    "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY"
-}
-
-in_private_repo() {
-  test "$(repo_info | jq --raw-output '.private')" = 'true'
-}
-
-default_branch() {
-  repo_info | jq --raw-output '.default_branch'
-}
-
-# USAGE: base_report_url <BASE_BRANCH>
-base_report_url() {
-  curl -X 'GET' \
-    "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/actions/tasks" \
-    -H "Authorization: token $GITHUB_TOKEN" \
-    -H 'Accept: application/json' |
-    jq --raw-output \
-      --arg name "$JOB_NAME" \
-      --arg head_branch "$1" \
-      '[.workflow_runs[] | select(.name == $name and .head_branch == $head_branch)] | first | .url'
-}
-
-# USAGE: has_report <REPORT_URL>
-has_report() {
-  http_code=$(curl -X 'GET' -o /dev/null --silent -Iw '%{http_code}' \
-    "$1" -H "Authorization: token $GITHUB_TOKEN")
-  log "Got code $http_code for $1"
-  test "$http_code" = '200'
-}
-
-# If a base branch is not provided, use the default branch
-base_branch=${BASE_BRANCH:-$(default_branch)}
-
-if [ "$(in_private_repo)" != 'true' ] && [ "$JOB_NAME" ]; then
-  url=$(base_report_url "$base_branch")
-
-  log "Found previous run at: $url"
-  report_url="$url/artifacts/$ARTIFACT_NAME"
-
-  if has_report "$report_url"; then
-    log 'Found previous report, downloading...'
-    curl -X 'GET' \
-      "$report_url" \
-      -H "Authorization: token $GITHUB_TOKEN" |
-      gunzip >old-report.json
-    log "Reporting on sizes and comparing to sizes in $base_branch"
-    exit 0
-  fi
-  error "Failed to find previous report, expected at: $report_url"
-fi
-
-warn "Couldn't retrieve old report:"
-warn '    This usuially happens when running on private repos'
-warn '    or when job-name is not set.'
-warn
-warn '    See the README for more details'
-
-error "Falling back to slow method (checkout $base_branch and generate the report)"
-
-old=$(mktemp -d)
-group "Download files from $base_branch"
-curl -X 'GET' \
-  "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/archive/$base_branch.tar.gz" \
-  -H "Authorization: token $GITHUB_TOKEN" |
-  tar -zvx --strip-components=1 -C "$old"
-endgroup
-
-(cd "$old" && "$GITHUB_ACTION_PATH/create-report.sh") >old-report.json
-
-exit 0