Commit graph

656 commits

Author SHA1 Message Date
Ikko Ashimine
108e3e0d51
Update README.md (#1260)
Github -> GitHub

Co-authored-by: Casey Lee <caseypl@amazon.com>
2022-07-25 12:24:40 +00:00
Robert Kowalski
1a71c52ef3
lint: add ReadHeaderTimeout (#1277)
currently build fail with:

```
run golangci-lint
  Running [/home/runner/golangci-lint-1.47.0-linux-amd64/golangci-lint run --out-format=github-actions] in [] ...
  Error: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
```

for example in this PR:
https://github.com/nektos/act/runs/7405009660?check_suite_focus=true

this sets the required ReadHeaderTimeout
2022-07-25 12:12:48 +00:00
Markus Wolf
409446211f
fix: the number in the github event is of type number (#1252)
* fix: the number in the github event is of type number

The go %s formattig option outputs the type if the given
input value is not of type string.

* test: update test data as well

* fix: use floats
2022-07-12 11:36:53 +00:00
John OConnor
a5ceb54caf
only perform chown operation for non root users (#1250) 2022-07-08 22:39:42 +00:00
Hisham Muhammad
91296bd5eb
fix: allow TimeoutMinutes to be expression in Jobs (#1247)
This change stops act from rejecting valid entries such as

```
    timeout-minutes: ${{ matrix.runtime == 'v8' && 30 || 15 }}
```

at the job level.

This change complements the fix that was already in place
for the Step struct, done in #1217. See:

52f5c4592c

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-07-08 00:31:19 +00:00
R
e70b968924
fix: use docker images from dockerhub (#1249) 2022-07-08 00:21:51 +00:00
Eunsub LEE
aea17b1aa6
Improve --eventpath example command (#1243) 2022-07-06 04:38:11 +00:00
Muhammad Hammad
6837307212
Improve docs for events inputs (#1238)
* Added documentation on how to pass inputs for workflows that require them

* Added the correct command to trigger the workflow

Co-authored-by: Casey Lee <caseypl@amazon.com>
2022-07-05 19:05:05 +00:00
dependabot[bot]
4d9d6ecc92
build(deps): bump github.com/rhysd/actionlint from 1.6.14 to 1.6.15 (#1239)
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint) from 1.6.14 to 1.6.15.
- [Release notes](https://github.com/rhysd/actionlint/releases)
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.14...v1.6.15)

---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-07-04 02:23:04 +00:00
dependabot[bot]
50f0b0e7f4
build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (#1240)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 02:14:05 +00:00
dependabot[bot]
9499612b58
build(deps): bump github.com/rhysd/actionlint from 1.6.13 to 1.6.14 (#1234)
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint) from 1.6.13 to 1.6.14.
- [Release notes](https://github.com/rhysd/actionlint/releases)
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.13...v1.6.14)

---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Casey Lee <caseypl@amazon.com>
2022-06-29 19:19:35 -07:00
dependabot[bot]
4deb21344d
build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 (#1233)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-29 19:19:13 -07:00
dependabot[bot]
c67abf2401
build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.5 (#1232)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-27 02:28:30 +00:00
ChristopherHX
f71f2778f0
fix: checkout container path should always use / (#1226)
Container.CopyDir is no longer working with `\` as destpath.
2022-06-21 21:23:49 +00:00
Neo Hsu
de37f75077
feat: add option to bypass GHE for actions checkout (#1162)
* feat(#1161): add --through-action to assigned actions from GitHub

* docs(flags): add --through-action and --through-action-token flags description

* test(action, remote): add test case for ThroughAction

* refactor(command): rename command from --through-action to --actions-from-github

* refactor(command): rename command from --actions-from-github to --replace-ghe-action-with-github-com
2022-06-21 13:52:21 +00:00
Casey Lee
9d7595ab11 revert auto changelog generator 2022-06-20 17:02:49 -07:00
Casey Lee
225405c565 ignore release-notes.md to avoid dirty check in goreleaser 2022-06-20 16:53:20 -07:00
Casey Lee
06bf92c0fc update to use PAT 2022-06-20 16:49:57 -07:00
Casey Lee
d1ca48642e setup git user 2022-06-20 16:39:09 -07:00
Casey Lee
8d74ac8166 allow workflow_dispatch on tag-monthly 2022-06-20 16:33:24 -07:00
Casey Lee
b0ea7a9225 add monthly release 2022-06-20 16:31:51 -07:00
Casey Lee
5fe4c817c0
auto generate changelog (#1225) 2022-06-20 16:25:34 -07:00
Casey Lee
589731f67c
update runc and containerd (#1224) 2022-06-20 16:16:08 -07:00
ChristopherHX
b59e6dee6d
feat: non root user container (#1202)
* feat: non root user container

* Also chown WorkingDir

* .

* .

* Update docker_run.go

* Add Test

* Update runner_test.go

* Update docker_run.go

* Apply suggestions from code review

Co-authored-by: R <me@hackerc.at>

* remove cruft from master merge

Co-authored-by: R <me@hackerc.at>
Co-authored-by: Casey Lee <cplee@nektos.com>
Co-authored-by: Casey Lee <caseypl@amazon.com>
2022-06-20 15:47:39 -07:00
ChristopherHX
c30bc824b2
fix: processing of strategy.matrix.include (#1200)
* Update workflow.go

* Update workflow.go

* Update workflow.go

* Update workflow.go

* Update workflow.go

* Update workflow.go

* Add Tests

* Update workflow.go

* Modify Test

* use tabs

Co-authored-by: Casey Lee <cplee@nektos.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-20 15:33:07 -07:00
ChristopherHX
c3fb6864e8
fix: localcheckout mock (#1198)
* Update run_context.go

* Update step_action_remote.go

* Update step_action_remote.go

* [no ci] eval path

* Update step_action_remote.go

* Update step_action_remote.go

* Update step_action_remote.go

Co-authored-by: Casey Lee <cplee@nektos.com>
2022-06-20 15:14:14 -07:00
Grigory Entin
7105919f0c
Added support for chunked uploads. (#1208)
* Added tests for mid-size and big artifacts, reproducing a problem with chunked uploads.

* Added support for chunked uploads.

* Enforced overwriting uploaded artifacts on receiving the first chunk.

Co-authored-by: Casey Lee <cplee@nektos.com>
2022-06-20 15:06:55 -07:00
Markus Wolf
1d4c2aaa3f
fix: keep action inputs (#1215)
Do not initialize inputs a second time (in pre and main step).
When the action setup already run during pre step, we must not
re-run it during the main step, otherwise the inputs will be
overwritten by possible other action inputs.
2022-06-20 14:58:51 -07:00
Björn Brauer
4391a10d5a
Improve logging (#1171)
* feat: use logger from context wherever possible

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: add step/job id and results to json logs

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* test: value to be masked should not be hard-coded in the action

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* fix: replace values following ::add-mask:: in evaluated strings

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: [DEBUG] identifier for debug logs to distinguish them

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: replace logger with step logger

The container gets injected a job logger, but during the time that steps
are run, we want to use the step logger.
This commit wraps pre/main/post steps in an executor that replaces the
job logger with a step logger.

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: add pre/post stage identifier fields to json log output

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: add job/step result status to skipped steps/jobs

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-17 15:55:21 +00:00
R
52f5c4592c
fix: allow TimeoutMinutes to be expression (#1217) 2022-06-16 20:57:19 +00:00
dependabot[bot]
3415347efc
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (#1213)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-13 02:39:43 +00:00
dependabot[bot]
084c4e61d9
build(deps): bump github.com/AlecAivazis/survey/v2 from 2.3.4 to 2.3.5 (#1214)
Bumps [github.com/AlecAivazis/survey/v2](https://github.com/AlecAivazis/survey) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/AlecAivazis/survey/releases)
- [Commits](https://github.com/AlecAivazis/survey/compare/v2.3.4...v2.3.5)

---
updated-dependencies:
- dependency-name: github.com/AlecAivazis/survey/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-13 02:32:26 +00:00
dependabot[bot]
87d9687716
build(deps): bump github.com/docker/cli (#1211)
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 20.10.16+incompatible to 20.10.17+incompatible.
- [Release notes](https://github.com/docker/cli/releases)
- [Commits](https://github.com/docker/cli/compare/v20.10.16...v20.10.17)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-13 02:24:50 +00:00
dependabot[bot]
63df5ddf42
build(deps): bump github.com/docker/docker (#1212)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.16+incompatible to 20.10.17+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.16...v20.10.17)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 02:17:08 +00:00
R
2aa0699aec
refactor: remove github.com/pkg/errors dependency (#1077)
* refactor: split out common/git

* refactor: move git options to separate func

* refactor: remove github.com/pkg/errors dependency

* fix(golangci-lint): forbid github.com/pkg/errors

* style: fix typo

* style: fix typo

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-10 21:16:42 +00:00
Markus Wolf
8a473943c3
fix: skip local actions pre step in any case (#1204)
* fix: skip local actions pre step in any case

We should skip local actions pre step, as it is not supported by github.
In turn we may need to late prepare remote actions which are run
as steps in a local composite action.

Fixes #1193

* test: remove obsolete test case

Since local actions does not run any pre-step anymore we don't test this case.

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-08 15:36:08 +00:00
André Martins
bf4aad6ad2
pkg/runner: add support to replace GitHub's env (#1197)
There might be use cases where users want to use GitHub's variables in
the environment variables, which is a valid use case.

This commits adds support for replacement of GitHub's env with GitHub's
values.

Signed-off-by: André Martins <aanm90@gmail.com>
2022-06-08 15:25:51 +00:00
ChristopherHX
b7d380b3f0
fix: dryrun skip local actions + enable Tests (#1199)
* Update step_action_local.go

* Enable Tests for DRYRUN

* Update runner_test.go

* Update runner_test.go

* Move DRYRUN Test in it's own function

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-07 14:19:30 +00:00
ChristopherHX
28f5b37fd1
fix: Remove volume with same name as the container again (#1203)
* Update run_context.go

* .
2022-06-07 14:10:43 +00:00
dependabot[bot]
859445fb94
build(deps): bump github.com/go-ini/ini from 1.66.5 to 1.66.6 (#1201)
Bumps [github.com/go-ini/ini](https://github.com/go-ini/ini) from 1.66.5 to 1.66.6.
- [Release notes](https://github.com/go-ini/ini/releases)
- [Commits](https://github.com/go-ini/ini/compare/v1.66.5...v1.66.6)

---
updated-dependencies:
- dependency-name: github.com/go-ini/ini
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 02:17:02 +00:00
dependabot[bot]
64387bcf7b
build(deps): bump github.com/go-ini/ini from 1.66.4 to 1.66.5 (#1189)
Bumps [github.com/go-ini/ini](https://github.com/go-ini/ini) from 1.66.4 to 1.66.5.
- [Release notes](https://github.com/go-ini/ini/releases)
- [Commits](https://github.com/go-ini/ini/compare/v1.66.4...v1.66.5)

---
updated-dependencies:
- dependency-name: github.com/go-ini/ini
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 02:21:00 +00:00
R
8bc3a07dad
governance: fix bug report rendering (#1186) 2022-05-26 21:46:12 +00:00
Jeff Levin
bc0f09b9ea
update docs (#1180)
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-05-24 20:49:12 +00:00
Markus Wolf
4ef50eeae7
feat: handle context cancelation during docker exec (#1170)
* feat: handle context cancelation during docker exec

To allow interrupting docker exec (which could be long running)
we process the log output in a go routine and handle
context cancelation as well as command result.

In case of context cancelation a CTRL+C is written into the docker
container. This should be enough to terminate the running
command.

To make sure we do not get stuck during cleanup, we do
set the cleanup contexts with a timeout of 5 minutes

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
Co-authored-by: Philipp Hinrichsen <philipp.hinrichsen@new-work.se>

* feat: handle SIGTERM signal and abort run

* test: on context cancel, abort running command

This test makes sure that whenever the act Context was canceled, the
currently running docker exec is sent a 0x03 (ctrl+c).

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* test: make sure the exec funcction handles command exit code

This test makes sure that the exec function does handle
docker command error results

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
Co-authored-by: Philipp Hinrichsen <philipp.hinrichsen@new-work.se>
Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
2022-05-24 14:52:25 +00:00
Markus Wolf
943a0e6eea
implement pre and post steps (#1089)
* feat: add post step to actions and add state command

This commit includes requried changes for running post steps
for local and remote actions.
This allows general cleanup work to be done after executing
an action.

Communication is allowed between this steps, by using the
action state.

* feat: collect pre and post steps for composite actions

* refactor: move composite action logic into own file

* refactor: restructure composite handling

* feat: run composite post steps during post step lifecycle

* refactor: remove duplicate log output

* feat: run all composite post actions in a step

Since composite actions could have multiple pre/post steps inside,
we need to run all of them in a single top-level pre/post step.

This PR includes a test case for this and the correct order of steps
to be executed.

* refactor: remove unused lines of code

* refactor: simplify test expression

* fix: use composite job logger

* fix: make step output more readable

* fix: enforce running all post executor

To make sure every post executor/step is executed, it is chained
with it's own Finally executor.

* fix: do not run post step if no step result is available

Having no step result means we do not run any step (neither pre
nor main) and we do not need to run post.

* fix: setup defaults

If no pre-if or post-if is given, it should default to 'always()'.
This could be set even if there is no pre or post step.
In fact this is required for composite actions and included post
steps to run.

* fix: output step related if expression

* test: update expectation

* feat: run pre step from actions (#1110)

This PR implements running pre steps for remote actions.
This includes remote actions using inside local composite actions.

* fix: set correct expr default status checks

For post-if conditions the default status check should be
always(), while for all other if expression the default status
check is success()

References:
https://docs.github.com/en/actions/learn-github-actions/expressions#status-check-functions
https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runspost-if

* fix: remove code added during rebase
2022-05-24 13:36:06 +00:00
R
ebb408f373
fix: remove composite restrictions (#1128)
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-05-23 20:27:12 +00:00
R
7704033ec6
governance: new issue templates (#1048)
Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-05-23 19:13:22 +00:00
R
507ae61d1b
ci(choco): update chocolatey to 1.1.0 (#1164)
* fix(editorconfig,megalinter): enforce space style

* ignore install.sh since it's auto-generated
* simplify editorconfig

* ci(choco): update chocolatey to 1.1.0

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-05-23 19:05:49 +00:00
dependabot[bot]
50544556f8
build(deps): bump goreleaser/goreleaser-action from 2 to 3 (#1179)
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 2 to 3.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-23 02:19:42 +00:00
dependabot[bot]
166d063059
build(deps): bump github.com/rhysd/actionlint from 1.6.12 to 1.6.13 (#1173)
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint) from 1.6.12 to 1.6.13.
- [Release notes](https://github.com/rhysd/actionlint/releases)
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.12...v1.6.13)

---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 11:00:29 +00:00