Catch and log unhandled exceptions stemming from closed file descriptor (#596)

This commit applies the suggestion from The Cargo Book:
https://doc.rust-lang.org/cargo/guide/cargo-home.html#caching-the-cargo-home-in-ci

.gitattributes

@@ -0,0 +1 @@
+.licenses/** -diff linguist-generated=true

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @actions/artifacts-actions

.github/workflows/licensed.yml

@@ -0,0 +1,20 @@
+name: Licensed
+
+on:
+  push: {branches: main}
+  pull_request: {branches: main}
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    name: Check licenses
+    steps:
+      - uses: actions/checkout@v2
+      - run: npm ci
+      - name: Install licensed
+        run: |
+          cd $RUNNER_TEMP
+          curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/2.12.2/licensed-2.12.2-linux-x64.tar.gz
+          sudo tar -xzf licensed.tar.gz
+          sudo mv licensed /usr/local/bin/licensed
+      - run: licensed status

.licensed.yml

@@ -0,0 +1,16 @@
+sources:
+  npm: true
+
+allowed:
+  - apache-2.0
+  - bsd-2-clause
+  - bsd-3-clause
+  - isc
+  - mit
+  - cc0-1.0
+  - unlicense
+  - 0bsd
+
+reviewed:
+  npm:
+  - sax

CONTRIBUTING.md

@@ -27,6 +27,10 @@ Here are a few things you can do that will increase the likelihood of your pull
 - Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
 - Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
 
+## Licensed
+
+This repository uses a tool called [Licensed](https://github.com/github/licensed) to verify third party dependencies. You may need to locally install licensed and run `licensed cache` to update the dependency cache if you install or update a production dependency. If licensed cache is unable to determine the dependency, you may need to modify the cache file yourself to put the correct license. You should still verify the dependency, licensed is a tool to help, but is not a substitute for human review of dependencies.
+
 ## Resources
 
 - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)

README.md

@@ -19,7 +19,6 @@ See ["Caching dependencies to speed up workflows"](https://help.github.com/githu
     path: |
       ~/cache
       !~/cache/exclude
-      **/node_modules
     key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
 ```
 
@@ -100,6 +99,7 @@ See [Examples](examples.md) for a list of `actions/cache` implementations for us
 - [OCaml/Reason - esy](./examples.md#ocamlreason---esy)
 - [PHP - Composer](./examples.md#php---composer)
 - [Python - pip](./examples.md#python---pip)
+- [Python - pipenv](./examples.md#python---pipenv)
 - [R - renv](./examples.md#r---renv)
 - [Ruby - Bundler](./examples.md#ruby---bundler)
 - [Rust - Cargo](./examples.md#rust---cargo)

__tests__/actionUtils.test.ts

@@ -17,6 +17,24 @@ afterEach(() => {
     delete process.env[RefKey];
 });
 
+test("isGhes returns true if server url is not github.com", () => {
+    try {
+        process.env["GITHUB_SERVER_URL"] = "http://example.com";
+        expect(actionUtils.isGhes()).toBe(true);
+    } finally {
+        process.env["GITHUB_SERVER_URL"] = undefined;
+    }
+});
+
+test("isGhes returns true when server url is github.com", () => {
+    try {
+        process.env["GITHUB_SERVER_URL"] = "http://github.com";
+        expect(actionUtils.isGhes()).toBe(false);
+    } finally {
+        process.env["GITHUB_SERVER_URL"] = undefined;
+    }
+});
+
 test("isExactKeyMatch with undefined cache key returns false", () => {
     const key = "linux-rust";
     const cacheKey = undefined;
@@ -194,3 +212,23 @@ test("getInputAsArray handles empty lines correctly", () => {
     testUtils.setInput("foo", "\n\nbar\n\nbaz\n\n");
     expect(actionUtils.getInputAsArray("foo")).toEqual(["bar", "baz"]);
 });
+
+test("getInputAsInt returns undefined if input not set", () => {
+    expect(actionUtils.getInputAsInt("undefined")).toBeUndefined();
+});
+
+test("getInputAsInt returns value if input is valid", () => {
+    testUtils.setInput("foo", "8");
+    expect(actionUtils.getInputAsInt("foo")).toBe(8);
+});
+
+test("getInputAsInt returns undefined if input is invalid or NaN", () => {
+    testUtils.setInput("foo", "bar");
+    expect(actionUtils.getInputAsInt("foo")).toBeUndefined();
+});
+
+test("getInputAsInt throws if required and value missing", () => {
+    expect(() =>
+        actionUtils.getInputAsInt("undefined", { required: true })
+    ).toThrowError();
+});

__tests__/restore.test.ts

@@ -32,6 +32,8 @@ beforeAll(() => {
 beforeEach(() => {
     process.env[Events.Key] = Events.Push;
     process.env[RefKey] = "refs/heads/feature-branch";
+
+    jest.spyOn(actionUtils, "isGhes").mockImplementation(() => false);
 });
 
 afterEach(() => {
@@ -53,6 +55,23 @@ test("restore with invalid event outputs warning", async () => {
     expect(failedMock).toHaveBeenCalledTimes(0);
 });
 
+test("restore on GHES should no-op", async () => {
+    jest.spyOn(actionUtils, "isGhes").mockImplementation(() => true);
+
+    const logWarningMock = jest.spyOn(actionUtils, "logWarning");
+    const restoreCacheMock = jest.spyOn(cache, "restoreCache");
+    const setCacheHitOutputMock = jest.spyOn(actionUtils, "setCacheHitOutput");
+
+    await run();
+
+    expect(restoreCacheMock).toHaveBeenCalledTimes(0);
+    expect(setCacheHitOutputMock).toHaveBeenCalledTimes(1);
+    expect(setCacheHitOutputMock).toHaveBeenCalledWith(false);
+    expect(logWarningMock).toHaveBeenCalledWith(
+        "Cache action is not supported on GHES"
+    );
+});
+
 test("restore with no path should fail", async () => {
     const failedMock = jest.spyOn(core, "setFailed");
     const restoreCacheMock = jest.spyOn(cache, "restoreCache");

__tests__/save.test.ts

@@ -27,6 +27,14 @@ beforeAll(() => {
         }
     );
 
+    jest.spyOn(actionUtils, "getInputAsInt").mockImplementation(
+        (name, options) => {
+            return jest
+                .requireActual("../src/utils/actionUtils")
+                .getInputAsInt(name, options);
+        }
+    );
+
     jest.spyOn(actionUtils, "isExactKeyMatch").mockImplementation(
         (key, cacheResult) => {
             return jest
@@ -44,6 +52,8 @@ beforeAll(() => {
 beforeEach(() => {
     process.env[Events.Key] = Events.Push;
     process.env[RefKey] = "refs/heads/feature-branch";
+
+    jest.spyOn(actionUtils, "isGhes").mockImplementation(() => false);
 });
 
 afterEach(() => {
@@ -91,6 +101,20 @@ test("save with no primary key in state outputs warning", async () => {
     expect(failedMock).toHaveBeenCalledTimes(0);
 });
 
+test("save on GHES should no-op", async () => {
+    jest.spyOn(actionUtils, "isGhes").mockImplementation(() => true);
+
+    const logWarningMock = jest.spyOn(actionUtils, "logWarning");
+    const saveCacheMock = jest.spyOn(cache, "saveCache");
+
+    await run();
+
+    expect(saveCacheMock).toHaveBeenCalledTimes(0);
+    expect(logWarningMock).toHaveBeenCalledWith(
+        "Cache action is not supported on GHES"
+    );
+});
+
 test("save with exact match returns early", async () => {
     const infoMock = jest.spyOn(core, "info");
     const failedMock = jest.spyOn(core, "setFailed");
@@ -177,7 +201,11 @@ test("save with large cache outputs warning", async () => {
     await run();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
-    expect(saveCacheMock).toHaveBeenCalledWith([inputPath], primaryKey);
+    expect(saveCacheMock).toHaveBeenCalledWith(
+        [inputPath],
+        primaryKey,
+        expect.anything()
+    );
 
     expect(logWarningMock).toHaveBeenCalledTimes(1);
     expect(logWarningMock).toHaveBeenCalledWith(
@@ -220,7 +248,11 @@ test("save with reserve cache failure outputs warning", async () => {
     await run();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
-    expect(saveCacheMock).toHaveBeenCalledWith([inputPath], primaryKey);
+    expect(saveCacheMock).toHaveBeenCalledWith(
+        [inputPath],
+        primaryKey,
+        expect.anything()
+    );
 
     expect(infoMock).toHaveBeenCalledWith(
         `Unable to reserve cache with key ${primaryKey}, another job may be creating this cache.`
@@ -258,7 +290,11 @@ test("save with server error outputs warning", async () => {
     await run();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
-    expect(saveCacheMock).toHaveBeenCalledWith([inputPath], primaryKey);
+    expect(saveCacheMock).toHaveBeenCalledWith(
+        [inputPath],
+        primaryKey,
+        expect.anything()
+    );
 
     expect(logWarningMock).toHaveBeenCalledTimes(1);
     expect(logWarningMock).toHaveBeenCalledWith("HTTP Error Occurred");
@@ -284,6 +320,7 @@ test("save with valid inputs uploads a cache", async () => {
 
     const inputPath = "node_modules";
     testUtils.setInput(Inputs.Path, inputPath);
+    testUtils.setInput(Inputs.UploadChunkSize, "4000000");
 
     const cacheId = 4;
     const saveCacheMock = jest
@@ -295,7 +332,9 @@ test("save with valid inputs uploads a cache", async () => {
     await run();
 
     expect(saveCacheMock).toHaveBeenCalledTimes(1);
-    expect(saveCacheMock).toHaveBeenCalledWith([inputPath], primaryKey);
+    expect(saveCacheMock).toHaveBeenCalledWith([inputPath], primaryKey, {
+        uploadChunkSize: 4000000
+    });
 
     expect(failedMock).toHaveBeenCalledTimes(0);
 });

action.yml

@@ -11,6 +11,9 @@ inputs:
   restore-keys:
     description: 'An ordered list of keys to use for restoring the cache if no cache hit occurred for key'
     required: false
+  upload-chunk-size:
+    description: 'The chunk size used to split up large files during upload, in bytes'
+    required: false
 outputs:
   cache-hit:
     description: 'A boolean value to indicate an exact match was found for the primary key'

examples.md

@@ -19,12 +19,13 @@
   - [PHP - Composer](#php---composer)
   - [Python - pip](#python---pip)
     - [Simple example](#simple-example)
-    - [Multiple OS's in a workflow](#multiple-oss-in-a-workflow)
+    - [Multiple OSes in a workflow](#multiple-oss-in-a-workflow)
     - [Using pip to get cache location](#using-pip-to-get-cache-location)
     - [Using a script to get cache location](#using-a-script-to-get-cache-location)
+  - [Python - pipenv](#python---pipenv)
   - [R - renv](#r---renv)
     - [Simple example](#simple-example-1)
-    - [Multiple OS's in a workflow](#multiple-oss-in-a-workflow-1)
+    - [Multiple OSes in a workflow](#multiple-oss-in-a-workflow-1)
   - [Ruby - Bundler](#ruby---bundler)
   - [Rust - Cargo](#rust---cargo)
   - [Scala - SBT](#scala---sbt)
@@ -96,11 +97,14 @@ steps:
 ```
 
 ## Elixir - Mix
+
 ```yaml
 - uses: actions/cache@v2
   with:
-    path: deps
-    key: ${{ runner.os }}-mix-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
+    path: |
+      deps
+      _build
+    key: ${{ runner.os }}-mix-${{ hashFiles('**/mix.lock') }}
     restore-keys: |
       ${{ runner.os }}-mix-
 ```
@@ -133,13 +137,15 @@ We cache the elements of the Cabal store separately, as the entirety of `~/.caba
 
 ## Java - Gradle
 
+>Note: Ensure no Gradle daemons are running anymore when your workflow completes. Creating the cache package might fail due to locks being held by Gradle. Refer to the [Gradle Daemon documentation](https://docs.gradle.org/current/userguide/gradle_daemon.html) on how to disable or stop the Gradle Daemons.
+
 ```yaml
 - uses: actions/cache@v2
   with:
     path: |
       ~/.gradle/caches
       ~/.gradle/wrapper
-    key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
+    key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
     restore-keys: |
       ${{ runner.os }}-gradle-
 ```
@@ -194,12 +200,13 @@ If using `npm config` to retrieve the cache directory, ensure you run [actions/s
 
 ```yaml
 - name: Get npm cache directory
-  id: npm-cache
+  id: npm-cache-dir
   run: |
     echo "::set-output name=dir::$(npm config get cache)"
 - uses: actions/cache@v2
+  id: npm-cache # use this to check for `cache-hit` ==> if: steps.npm-cache.outputs.cache-hit != 'true'
   with:
-    path: ${{ steps.npm-cache.outputs.dir }}
+    path: ${{ steps.npm-cache-dir.outputs.dir }}
     key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
     restore-keys: |
       ${{ runner.os }}-node-
@@ -344,6 +351,31 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
       ${{ runner.os }}-pip-
 ```
 
+### Multiple OS's in a workflow with a matrix
+
+``` yaml
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+        include:
+        - os: ubuntu-latest
+          path: ~/.cache/pip
+        - os: macos-latest
+          path: ~/Library/Caches/pip
+        - os: windows-latest
+          path: ~\AppData\Local\pip\Cache
+    steps:
+    - uses: actions/cache@v2
+      with:
+        path: ${{ matrix.path }}
+        key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
+        restore-keys: |
+         ${{ runner.os }}-pip-
+```
+
 ### Using pip to get cache location
 
 > Note: This requires pip 20.1+
@@ -362,21 +394,15 @@ Replace `~/.cache/pip` with the correct `path` if not using Ubuntu.
       ${{ runner.os }}-pip-
 ```
 
-### Using a script to get cache location
+## Python - pipenv
 
-> Note: This uses an internal pip API and may not always work
 ```yaml
-- name: Get pip cache dir
-  id: pip-cache
-  run: |
-    python -c "from pip._internal.locations import USER_CACHE_DIR; print('::set-output name=dir::' + USER_CACHE_DIR)"
-
 - uses: actions/cache@v2
   with:
-    path: ${{ steps.pip-cache.outputs.dir }}
-    key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
+    path: ~/.local/share/virtualenvs
+    key: ${{ runner.os }}-pipenv-${{ hashFiles('Pipfile.lock') }}
     restore-keys: |
-      ${{ runner.os }}-pip-
+      ${{ runner.os }}-pipenv-
 ```
 
 ## R - renv
@@ -430,21 +456,18 @@ Replace `~/.local/share/renv` with the correct `path` if not using Ubuntu.
 
 ## Ruby - Bundler
 
-```yaml
-- uses: actions/cache@v2
-  with:
-    path: vendor/bundle
-    key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
-    restore-keys: |
-      ${{ runner.os }}-gems-
-```
-When dependencies are installed later in the workflow, we must specify the same path for the bundler.
+Caching gems with Bundler correctly is not trivial and just using `actions/cache`
+is [not enough](https://github.com/ruby/setup-ruby#caching-bundle-install-manually).
+
+Instead, it is recommended to use `ruby/setup-ruby`'s
+[`bundler-cache: true` option](https://github.com/ruby/setup-ruby#caching-bundle-install-automatically)
+whenever possible:
 
 ```yaml
-- name: Bundle install
-  run: |
-    bundle config path vendor/bundle
-    bundle install --jobs 4 --retry 3
+- uses: ruby/setup-ruby@v1
+  with:
+    ruby-version: ...
+    bundler-cache: true
 ```
 
 ## Rust - Cargo
@@ -453,9 +476,11 @@ When dependencies are installed later in the workflow, we must specify the same
 - uses: actions/cache@v2
   with:
     path: |
-      ~/.cargo/registry
-      ~/.cargo/git
-      target
+      ~/.cargo/bin/
+      ~/.cargo/registry/index/
+      ~/.cargo/registry/cache/
+      ~/.cargo/git/db/
+      target/
     key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
 ```
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cache",
-  "version": "2.1.1",
+  "version": "2.1.6",
   "private": true,
   "description": "Cache dependencies and build outputs",
   "main": "dist/restore/index.js",
@@ -23,29 +23,29 @@
   "author": "GitHub",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.2.0",
+    "@actions/cache": "^1.0.7",
+    "@actions/core": "^1.2.6",
     "@actions/exec": "^1.0.1",
-    "@actions/io": "^1.0.1",
-    "@actions/cache": "^1.0.2"
+    "@actions/io": "^1.1.0"
   },
   "devDependencies": {
     "@types/jest": "^24.0.13",
     "@types/nock": "^11.1.0",
-    "@types/node": "^12.0.4",
+    "@types/node": "^12.20.7",
     "@typescript-eslint/eslint-plugin": "^2.7.0",
     "@typescript-eslint/parser": "^2.7.0",
     "@zeit/ncc": "^0.20.5",
     "eslint": "^6.6.0",
-    "eslint-config-prettier": "^6.5.0",
-    "eslint-plugin-import": "^2.18.2",
-    "eslint-plugin-jest": "^23.0.3",
-    "eslint-plugin-prettier": "^3.1.1",
+    "eslint-config-prettier": "^6.15.0",
+    "eslint-plugin-import": "^2.22.1",
+    "eslint-plugin-jest": "^23.20.0",
+    "eslint-plugin-prettier": "^3.3.1",
     "eslint-plugin-simple-import-sort": "^5.0.2",
     "jest": "^24.8.0",
     "jest-circus": "^24.7.1",
     "nock": "^11.7.0",
     "prettier": "^1.19.1",
-    "ts-jest": "^24.0.2",
-    "typescript": "^3.7.3"
+    "ts-jest": "^26.5.4",
+    "typescript": "^3.9.9"
   }
 }

src/constants.ts

@@ -1,7 +1,8 @@
 export enum Inputs {
     Key = "key",
     Path = "path",
-    RestoreKeys = "restore-keys"
+    RestoreKeys = "restore-keys",
+    UploadChunkSize = "upload-chunk-size"
 }
 
 export enum Outputs {

src/restore.ts

@@ -6,6 +6,12 @@ import * as utils from "./utils/actionUtils";
 
 async function run(): Promise<void> {
     try {
+        if (utils.isGhes()) {
+            utils.logWarning("Cache action is not supported on GHES");
+            utils.setCacheHitOutput(false);
+            return;
+        }
+
         // Validate inputs, this can cause task failure
         if (!utils.isValidEvent()) {
             utils.logWarning(

src/save.ts

@@ -4,8 +4,18 @@ import * as core from "@actions/core";
 import { Events, Inputs, State } from "./constants";
 import * as utils from "./utils/actionUtils";
 
+// Catch and log any unhandled exceptions.  These exceptions can leak out of the uploadChunk method in
+// @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
+// throw an uncaught exception.  Instead of failing this action, just warn.
+process.on("uncaughtException", e => utils.logWarning(e.message));
+
 async function run(): Promise<void> {
     try {
+        if (utils.isGhes()) {
+            utils.logWarning("Cache action is not supported on GHES");
+            return;
+        }
+
         if (!utils.isValidEvent()) {
             utils.logWarning(
                 `Event Validation Error: The event type ${
@@ -36,7 +46,10 @@ async function run(): Promise<void> {
         });
 
         try {
-            await cache.saveCache(cachePaths, primaryKey);
+            await cache.saveCache(cachePaths, primaryKey, {
+                uploadChunkSize: utils.getInputAsInt(Inputs.UploadChunkSize)
+            });
+            core.info(`Cache saved with key: ${primaryKey}`);
         } catch (error) {
             if (error.name === cache.ValidationError.name) {
                 throw error;

src/utils/actionUtils.ts

@@ -2,6 +2,13 @@ import * as core from "@actions/core";
 
 import { Outputs, RefKey, State } from "../constants";
 
+export function isGhes(): boolean {
+    const ghUrl = new URL(
+        process.env["GITHUB_SERVER_URL"] || "https://github.com"
+    );
+    return ghUrl.hostname.toUpperCase() !== "GITHUB.COM";
+}
+
 export function isExactKeyMatch(key: string, cacheKey?: string): boolean {
     return !!(
         cacheKey &&
@@ -56,3 +63,14 @@ export function getInputAsArray(
         .map(s => s.trim())
         .filter(x => x !== "");
 }
+
+export function getInputAsInt(
+    name: string,
+    options?: core.InputOptions
+): number | undefined {
+    const value = parseInt(core.getInput(name, options));
+    if (isNaN(value) || value < 0) {
+        return undefined;
+    }
+    return value;
+}

src/utils/testUtils.ts

@@ -26,4 +26,5 @@ export function clearInputs(): void {
     delete process.env[getInputName(Inputs.Path)];
     delete process.env[getInputName(Inputs.Key)];
     delete process.env[getInputName(Inputs.RestoreKeys)];
+    delete process.env[getInputName(Inputs.UploadChunkSize)];
 }