This patch adds two new command-line flags to specify one or
more kernel capabilities to add or remove from the workflow
containers.
The command-line flag `--container-cap-add` allows for adding
specific capabilities on the workflow containers; where as,
The command-line flag `--container-cap-drop` allows for removing
specific capabilities on the workflow containers.
This was developed to specifically be able to add `SYS_PTRACE`
to a workflow I maintain. It involves using this capability to
monitor a make build, to then build a compilation database.
Signed-off-by: Joseph Benden <joe@benden.us>
* define GITHUB_ACTION_PATH #603
* Add more environment variables
* Add job name
Note: the job name gets a suffix for matrix builds, but this is not part of the env var
* fix: remove unnecessary variables
* feat: add `RepositoryOwner`
credit: @KnisterPeter
* feat: add test for `getGithubContext()`
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
* Add option to specify custom GitHub instance
* Use correct GHE API endpoint URLs
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Extract slug from GitHub Enterprise URLs
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Use GITHUB_TOKEN for clone authenticate if provided
This change will allow use authentication for cloning actions
from private repositories or github enterprise instances.
Co-Authored-By: Markus Wolf <knister.peter@shadowrun-clan.de>
* Add section about using act on GitHub Enterprise to README
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Set GitHubInstance in runnerConfig in runner_test
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
Co-authored-by: hackercat <me@hackerc.at>
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* feat: bump `golangci-lint`, add `super-linter`, replace outdated linter
Bump `golangci-lint` version.
Add `super-linter` to lint other languages.
Go linter is disabled because it's currently broken:
https://github.com/github/super-linter/pull/370
Replacing `scopelint` with `exportloopref`: "[runner] The linter
'scopelint' is deprecated (since v1.39.0) due to: The repository of the
linter has been deprecated by the owner. Replaced by exportloopref."
Fixed formatting in `.golangci.yml`
Add addtional linters:
`misspell`: purely style, detects typos in comments
`whitespace`: detects leading and trailing whitespace
`goimports`: it's gofmt + checks unused imports
* fix: lint/fix `go` files
* fix: lint with `standardjs`
* fix: lint/fix with `markdownlint`, make template more verbose
* feat: add lint stuff to makefile
* fix: `UseGitIgnore` formatting
* fix: lint/fix `README.md`
Co-authored-by: Casey Lee <cplee@nektos.com>
* disable gitignore for actions
* feat: Add option to allow/disallow paths specified in .gitignore
Co-authored-by: Alan Birtles <alan.birtles@eu.sony.com>
* Comment for public function
* Add git describe fallback
* spelling: github
* Set initial branch to satisfy tests for modern git
* Clarify -even- if
* Go 1.16
* Support running commands in repositories without action.yaml
Support runnings commands with only a Docker file
Co-authored-by: Casey Lee <cplee@nektos.com>
* Add QEMU to run different architectures
* Update dependencies in `go.mod`
* Add `--container-architecture` flag to specify custom image architecture
Co-authored-by: Casey Lee <cplee@nektos.com>
I got an error like this after hitting `act` command.
> Error: Error response from daemon: cannot share the host's network namespace when user namespaces are enabled
According to the document, when user namespaces are enabled on the Docker daemon,
neither host network mode and --privileged work without --userns=host. Since `act`
uses host network mode to match GitHub Actions runners, it cannot run jobs when
user namespaces are enabled. So I added the flag.
https://docs.docker.com/engine/security/userns-remap/#user-namespace-known-limitations
Co-authored-by: Casey Lee <cplee@nektos.com>
Previously secrets would be shown in log output as provided. This
commit updates the stepLogFormatter to replace any instance of the secret
string with "***", as GitHub Actions would
Known issues: If the secret is a generic string (such as "docker"), all
occurances of that string will be replaced in the output
Co-authored-by: Casey Lee <cplee@nektos.com>
This adds the `-a` flag when running `act` to change the username of the GITHUB_ACTOR environment variable
Co-authored-by: Casey Lee <cplee@nektos.com>
* feat: load every environment from --env-file to workflow
* fix: pass dotenv's environments through by context
* updates to support --secret-file
Co-authored-by: Casey Lee <cplee@nektos.com>