Artifact created in the same workflow not found

[garysassano]

[dawidd6]

Can't help if you don't show us your workflows.

[garysassano]

These are the main steps:

jobs:
  terraform:
    runs-on: codebuild-gha-${{ github.run_id }}-${{ github.run_attempt }}

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Find current PR
        uses: jwalton/gh-find-current-pr@master
        id: find_pr
        with:
          state: all

      - name: Download workers artifact from current PR
        uses: dawidd6/action-download-artifact@v6
        with:
          name: cloudflare-workers-${{ env.PR_NUMBER || 'manual' }}
          path: worker/dist/
        env:
          PR_NUMBER: ${{ steps.find_pr.outputs.pr }}

The issue at hand is a common one: I want to retrieve an artifact associated with the PR that was merged into the default branch (main). However, identifying the specific PR is challenging, as GitHub doesn’t provide ${{ github.event.number }} context in workflows triggered by a push event. Consequently, I need to determine which PR was merged and retrieve the artifact from that PR. I'm unsure if there’s a simpler approach.

In essence, this workflow is triggered on both pull_request events for feature branches and push events for the main branch (upon merging a PR). I want to ensure that when the PR is merged, it utilizes the most recent artifact generated for that PR.

[dawidd6]

Umm, setting PR_NUMBER environment variable will get you nowhere. I don't know how you came up with this, see the usage section in README.
Set pr input instead.

[garysassano]

Umm, setting PR_NUMBER environment variable

Why? Shouldn't it look for an artifact with matching name in current repository?

Set pr input instead.

The PR has multiple artifacts. How does it know which one to download?

Also, is your action smart enough to find out which was the last PR merged into the default branch (main) so that there's no need to use jwalton/gh-find-current-pr@master action?

[dawidd6]

Probably not smart enough for your use case. Maybe you've build the artifact on a fork?

[garysassano]

My use case is a classic Terraform workflow.

Workflow Overview

1. The workflow initially runs on a pull_request event, executing the terraform plan command to generate a GitHub Actions artifact with the plan.
2. Once the PR is merged, the workflow re-runs on a push event, retrieving the Terraform plan artifact from the merged PR workflow and executing the terraform apply command with it.

This solution is implemented by the DevSecTop/TF-via-PR action.

Custom Workflow Requirement

In my workflow, an additional step builds Cloudflare Workers, generating an artifact that is then passed to a Terraform module as an input.

After the PR is approved and merged, there's no need to rebuild the Cloudflare Workers. Instead, we want to:

1. Retrieve the existing Cloudflare Workers artifact from the merged PR workflow.
2. Feed this artifact directly into the devsectop/tf-via-pr action, which will then apply the plan without needing to re-run the build step.

This approach optimizes the workflow by reusing the approved artifact, similar to how the devsectop/tf-via-pr action retrieves the Terraform plan. This is crucial because it ensures that what you deploy is exactly what was approved in the PR. Rebuilding after the merge could introduce unexpected changes or errors.

[dawidd6]

Try allow_forks: true.