Commit graph

9 commits

Author SHA1 Message Date
Casey Lee
724ec918c9
chore: upgrade golangci-lint and address findings (#1904) 2023-07-10 17:12:12 -07:00
Reisen Usagi
ef79bb284d
Normalize path outputs emitted by the artifact server download endpoint (#1898)
Co-authored-by: Casey Lee <cplee@nektos.com>
2023-07-10 16:19:30 -07:00
Jason Song
1316307313
chore: use new style octal (#1630)
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2023-02-16 15:34:51 +00:00
Casey Lee
63ae215071
fix: update artifact server to address GHSL-2023-004 (#1565) 2023-01-16 21:01:54 +00:00
Robin Breathe
d064863f9b
fix: allow override of artifact server bind address (#1560)
* Prior to this change, the artifact server always binds to the detected
  "outbound IP", breaks functionality when that IP is unroutable.
  For example, Zscaler assigns the host a local CGNAT address,
  100.64.0.1, which is unreachable from Docker Desktop.
* Add the `--artifact-server-addr` flag to allow override of the address
  to which the artifact server binds, defaulting to the existing
  behaviour.

Fixes: #1559
2023-01-16 14:12:20 +00:00
Robert Kowalski
1a71c52ef3
lint: add ReadHeaderTimeout (#1277)
currently build fail with:

```
run golangci-lint
  Running [/home/runner/golangci-lint-1.47.0-linux-amd64/golangci-lint run --out-format=github-actions] in [] ...
  Error: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
```

for example in this PR:
https://github.com/nektos/act/runs/7405009660?check_suite_focus=true

this sets the required ReadHeaderTimeout
2022-07-25 12:12:48 +00:00
Grigory Entin
7105919f0c
Added support for chunked uploads. (#1208)
* Added tests for mid-size and big artifacts, reproducing a problem with chunked uploads.

* Added support for chunked uploads.

* Enforced overwriting uploaded artifacts on receiving the first chunk.

Co-authored-by: Casey Lee <cplee@nektos.com>
2022-06-20 15:06:55 -07:00
Björn Brauer
4391a10d5a
Improve logging (#1171)
* feat: use logger from context wherever possible

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: add step/job id and results to json logs

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* test: value to be masked should not be hard-coded in the action

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* fix: replace values following ::add-mask:: in evaluated strings

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: [DEBUG] identifier for debug logs to distinguish them

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: replace logger with step logger

The container gets injected a job logger, but during the time that steps
are run, we want to use the step logger.
This commit wraps pre/main/post steps in an executor that replaces the
job logger with a step logger.

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: add pre/post stage identifier fields to json log output

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* feat: add job/step result status to skipped steps/jobs

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2022-06-17 15:55:21 +00:00
Markus Wolf
11f6ee37a6
Asset server implementation (#677)
* Add asset server and upload handling of binary files

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Add asset download parts to the asset server

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Add artifact-server-path flag

If the flag is not defined, the artifact server isn't started.
This includes the configuration of ACTIONS_RUNTIME_URL and
ACTIONS_RUNTIME_TOKEN which are set if the server is started.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Move ACTIONS_RUNTIME_* vars into the withGithubEnv setup

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* feat: add artifact server port as flag

This commits adds a flag to define the artifact server port.
If not given, the port defaults to 34567.

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* test: add artifact server tests

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* refactor: use fs.FS

This allows to add tests with in-memory file system

* feat: add support for gzip encoded uploads

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* test: add artifact integration test

* chore: run act tests with asset server path

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* docs: add new cli flags

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* test: add test workflow to testdata

* feat: add log output

* refactor: log shutdown error instead of panic

* feat: use outbound ip for the asset server

This change should allow to use the host ip in macos and windows.
Since docker is running in an intermediate vm, localhost is not
sufficient to have the artifacts in the host system.

* fix: do not use canceled context

To shutdown artifact server, we should not use the already canceled
context but the parent context instead.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* feat: shutdown artifact server at end of pipeline

When the pipeline is done the asset server should be shut down
gracefully.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* fix: close server if graceful shutdown failed

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* fix: ignore server closed error from listen call

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
2021-11-10 09:57:22 -08:00