Commit graph

88 commits

Author SHA1 Message Date
Björn Brauer
ed01f464ed
refactor: export and move shared contexts into pkg/model (#931)
This commit moves the githubContext, jobContext and stepResult structs
from the runner package to the model package in preparation for #908
because the expression.go file lives in the runner package and would
introduce cyclic dependencies with the exprparser package.

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-12-22 19:52:09 +00:00
ChristopherHX
9868e13772
Feature: uses in composite (#793)
* Feature: uses in composite

* Negate logic

* Reduce complexity

* Update step_context.go

* Update step_context.go

* Update step_context.go

* Fix syntax error in test

* Bump

* Disable usage of actions/setup-node@v2

* Bump

* Fix step id collision

* Fix output command workaround

* Make secrets context inaccessible in composite

* Fix order after adding a workaround (needs tests)

Fixes https://github.com/nektos/act/pull/793#issuecomment-922329838

* Evaluate env before passing one step deeper

If env would contain any inputs, steps ctx or secrets there was undefined behaviour

* [no ci] prepare secret test

* Initial test pass inputs as env

* Fix syntax error

* extend test also for direct invoke

* Fix passing provided env as composite output

* Fix syntax error

* toUpper 'no such secret', act has a bug

* fix indent

* Fix env outputs in composite

* Test env outputs of composite

* Fix inputs not defined in docker actions

* Fix interpolate args input of docker actions

* Fix lint

* AllowCompositeIf now defaults to true

see https://github.com/actions/runner/releases/tag/v2.284.0

* Fix lint

* Fix env of docker action.yml

* Test calling a local docker action from composite

With input context hirachy

* local-action-dockerfile Test pass on action/runner

It seems action/runner ignores overrides of args,
if the target docker action has the args property set.

* Fix exec permissions of docker-local-noargs

* Revert getStepsContext change

* fix: handle composite action on error and continue

This change is a follow up of https://github.com/nektos/act/pull/840
and integrates with https://github.com/nektos/act/pull/793

There are two things included here:

- The default value for a step.if in an action need to be 'success()'
- We need to hand the error from a composite action back to the
  calling executor

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* Patch inputs can be bool, float64 and string
for workflow_call
Also inputs is now always defined, but may be null

* Simplify cherry-picked commit

* Minor style adjustments

* Remove chmod +x from tests

now fails on windows like before

* Fix GITHUB_ACTION_PATH some action env vars

Fixes GITHUB_ACTION_REPOSITORY, GITHUB_ACTION_REF.

* Add comment to CompositeRestrictions

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
Co-authored-by: Ryan <me@hackerc.at>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-12-22 19:19:50 +00:00
Markus Wolf
1891c72ab1
fix: continue jobs + steps after failure (#840)
* fix: continue jobs + steps after failure

To allow proper if expression handling on jobs and steps (like always,
success, failure, ...) we need to continue running all executors in
the prepared chain.
To keep the error handling intact we add an occurred error to the
go context and handle it later in the pipeline/chain.

Also we add the job result to the needs context to give expressions
access to it.
The needs object, failure and success functions are split between
run context (on jobs) and step context.

Closes #442

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* style: correct linter warnings

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* fix: job if value defaults to success()

As described in the documentation, a default value of "success()" is
applied when no "if" value is present on the job.

https://docs.github.com/en/actions/learn-github-actions/expressions#job-status-check-functions

Co-authored-by: Markus Wolf <mail@markus-wolf.de>

* fix: check job needs recursively

Ensure job result includes results of previous jobs

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* test: add runner test for job status check functions

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* test: add unit tests for run context if evaluation

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* refactor: move if expression evaluation

Move if expression evaluation into own function (step context) to
better support unit testing.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* test: add unit tests for step context if evaluation

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

* fix: handle job error more resilient

The job error is not stored in a context map instead of a context
added value.
Since context values are immutable an added value requires to keep
the new context in all cases. This is fragile since it might slip
unnoticed to other parts of the code.

Storing the error of a job in the context map will make it more stable,
since the map is always there and the context of the pipeline is stable
for the whole run.

* feat: steps should use a default if expression of success()

* test: add integration test for if-expressions

* chore: disable editorconfig-checker for yaml multiline string

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
2021-12-08 20:57:42 +00:00
Ryan
8ad6c07083
feat: add option for docker image rebuild (#878)
Adds option to rebuild local action docker images

Fixed up README due to missing flags after
PR #714 and #716

Signed-off-by: hackercat <me@hackerc.at>

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-11-24 07:51:37 -08:00
Markus Wolf
11f6ee37a6
Asset server implementation (#677)
* Add asset server and upload handling of binary files

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Add asset download parts to the asset server

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Add artifact-server-path flag

If the flag is not defined, the artifact server isn't started.
This includes the configuration of ACTIONS_RUNTIME_URL and
ACTIONS_RUNTIME_TOKEN which are set if the server is started.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Move ACTIONS_RUNTIME_* vars into the withGithubEnv setup

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* feat: add artifact server port as flag

This commits adds a flag to define the artifact server port.
If not given, the port defaults to 34567.

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* test: add artifact server tests

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* refactor: use fs.FS

This allows to add tests with in-memory file system

* feat: add support for gzip encoded uploads

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* test: add artifact integration test

* chore: run act tests with asset server path

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* docs: add new cli flags

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

* test: add test workflow to testdata

* feat: add log output

* refactor: log shutdown error instead of panic

* feat: use outbound ip for the asset server

This change should allow to use the host ip in macos and windows.
Since docker is running in an intermediate vm, localhost is not
sufficient to have the artifacts in the host system.

* fix: do not use canceled context

To shutdown artifact server, we should not use the already canceled
context but the parent context instead.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* feat: shutdown artifact server at end of pipeline

When the pipeline is done the asset server should be shut down
gracefully.

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* fix: close server if graceful shutdown failed

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* fix: ignore server closed error from listen call

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
2021-11-10 09:57:22 -08:00
Ryan
4d552e65ce
fix: add simple concurrency limit (#823)
Co-authored-by: Casey Lee <cplee@nektos.com>
2021-09-26 16:21:12 +00:00
Joseph Benden
003c995b36
Support container removal at exit. Fixes #694 (#714)
This patch adds a new command-line flag (`--rm`) to automatically
stop workflow container(s), just prior to exit. The default
behavior is kept, e.g.: the containers continue running at exit.

Fixes: #694
Signed-off-by: Joseph Benden <joe@benden.us>

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-06-10 15:09:05 +00:00
Joseph Benden
6b4d359737
Add support for container kernel capabilities (#716)
This patch adds two new command-line flags to specify one or
more kernel capabilities to add or remove from the workflow
containers.

The command-line flag `--container-cap-add` allows for adding
specific capabilities on the workflow containers; where as,

The command-line flag `--container-cap-drop` allows for removing
specific capabilities on the workflow containers.

This was developed to specifically be able to add `SYS_PTRACE`
to a workflow I maintain. It involves using this capability to
monitor a make build, to then build a compilation database.

Signed-off-by: Joseph Benden <joe@benden.us>
2021-06-04 16:06:59 +00:00
Ryan (hackercat)
799098b0e6
feat: add option for custom socket path (#698) 2021-05-23 14:43:09 +00:00
Josh Soref
a144e71a1b
Add various GitHub environment variables (#604)
* define GITHUB_ACTION_PATH #603

* Add more environment variables

* Add job name

Note: the job name gets a suffix for matrix builds, but this is not part of the env var

* fix: remove unnecessary variables

* feat: add `RepositoryOwner`

credit: @KnisterPeter

* feat: add test for `getGithubContext()`

Co-authored-by: Ryan (hackercat) <me@hackerc.at>
2021-05-06 20:02:29 +00:00
Björn Brauer
0c4374ec41
GitHub Enterprise support (#658)
* Add option to specify custom GitHub instance

* Use correct GHE API endpoint URLs

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

* Extract slug from GitHub Enterprise URLs

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

* Use GITHUB_TOKEN for clone authenticate if provided

This change will allow use authentication for cloning actions
from private repositories or github enterprise instances.

Co-Authored-By: Markus Wolf <knister.peter@shadowrun-clan.de>

* Add section about using act on GitHub Enterprise to README

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

* Set GitHubInstance in runnerConfig in runner_test

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

Co-authored-by: hackercat <me@hackerc.at>
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
2021-05-05 09:42:34 -07:00
Justin Grote
0f049426f6
Separate Container Workdir from host Workdir (#635)
* Separate Container Workdir from Host Workdir

* Add delegated component to MacOS Test

* Lint: Remove leading newline

* Fix trailing path issue
2021-05-04 14:50:35 -07:00
Ryan (hackercat)
cec63488f3
Add super-linter + fix lint issues (#650)
* feat: bump `golangci-lint`, add `super-linter`, replace outdated linter

Bump `golangci-lint` version.
Add `super-linter` to lint other languages.
Go linter is disabled because it's currently broken:
https://github.com/github/super-linter/pull/370
Replacing `scopelint` with `exportloopref`: "[runner] The linter
'scopelint' is deprecated (since v1.39.0) due to: The repository of the
linter has been deprecated by the owner.  Replaced by exportloopref."
Fixed formatting in `.golangci.yml`
Add addtional linters:
  `misspell`: purely style, detects typos in comments
  `whitespace`: detects leading and trailing whitespace
  `goimports`: it's gofmt + checks unused imports

* fix: lint/fix `go` files

* fix: lint with `standardjs`

* fix: lint/fix with `markdownlint`, make template more verbose

* feat: add lint stuff to makefile

* fix: `UseGitIgnore` formatting

* fix: lint/fix `README.md`

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-05-03 09:52:03 -07:00
Ryan (hackercat)
7ae9916de0
Add option to allow files/directories in .gitignore to be copied to container (#537)
* disable gitignore for actions

* feat: Add option to allow/disallow paths specified in .gitignore

Co-authored-by: Alan Birtles <alan.birtles@eu.sony.com>
2021-05-03 07:37:20 -07:00
Josh Soref
5752a03dcd
Support running commands in repositories without action.yaml (#293)
* Comment for public function

* Add git describe fallback

* spelling: github

* Set initial branch to satisfy tests for modern git

* Clarify -even- if

* Go 1.16

* Support running commands in repositories without action.yaml

Support runnings commands with only a Docker file

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-03-30 12:26:25 -07:00
hackercat
6c258cf40d
Add option to run custom architecture (container platform) (#525)
* Add QEMU to run different architectures

* Update dependencies in `go.mod`

* Add `--container-architecture` flag to specify custom image architecture

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-03-28 21:08:40 -07:00
Hibariya
8de7b956b7
Add --userns flag to support Docker daemon that enables user namespace (#533)
I got an error like this after hitting `act` command.

> Error: Error response from daemon: cannot share the host's network namespace when user namespaces are enabled

According to the document, when user namespaces are enabled on the Docker daemon,
neither host network mode and --privileged work without --userns=host. Since `act`
uses host network mode to match GitHub Actions runners, it cannot run jobs when
user namespaces are enabled. So I added the flag.

https://docs.docker.com/engine/security/userns-remap/#user-namespace-known-limitations

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-02-27 08:31:25 -08:00
Cat™
80a245652e
Add option to disable hiding of secrets (#460) 2021-01-11 22:28:45 -08:00
Tom Lazar
7d443c6520
Set the default branch inside the event data (#354)
* set ${{github.event.repository.default_branch}}

* change `ok == false` to `!ok`

Co-authored-by: Casey Lee <cplee@nektos.com>
2020-09-02 07:56:44 -07:00
whywaita
24bdb024bf
add flag of privileged mode 2020-08-02 05:21:49 +09:00
Michael Heap
d3f25bac79
Mask secrets in job output (#231)
Previously secrets would be shown in log output as provided. This
commit updates the stepLogFormatter to replace any instance of the secret
string with "***", as GitHub Actions would

Known issues: If the secret is a generic string (such as "docker"), all
occurances of that string will be replaced in the output

Co-authored-by: Casey Lee <cplee@nektos.com>
2020-05-13 15:22:31 -07:00
Michael Heap
a5e86bd024
Add support for changing the GITHUB_ACTOR (#229)
This adds the `-a` flag when running `act` to change the username of the GITHUB_ACTOR environment variable

Co-authored-by: Casey Lee <cplee@nektos.com>
2020-05-12 00:14:56 -07:00
jony montana
2f395475b0
feat: load every environment from --env-file to workflow (#184)
* feat: load every environment from --env-file to workflow

* fix: pass dotenv's environments through by context

* updates to support --secret-file

Co-authored-by: Casey Lee <cplee@nektos.com>
2020-04-17 10:04:40 -07:00
Casey Lee
59b9b8e97a
fix #108 - ensure container names are unique for matrix runs 2020-03-04 16:24:14 -08:00
Casey Lee
21e2bb8657
fix #108 - support matrix expressions in job name (#109) 2020-02-26 23:29:43 -08:00
Casey Lee
1121f6e132
run with copy of workingdir 2020-02-24 17:48:21 -08:00
Casey Lee
01876438c2
shared container for job 2020-02-23 15:01:25 -08:00
Casey Lee
543501a36a
add support to override platform
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:06:15 -05:00
Casey Lee
573f78e1b4
support for secrets
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:06:09 -05:00
Casey Lee
9651992584
code complexity of NewPlanExecutor
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:06:07 -05:00
Casey Lee
60be2d67c1
align name of job in output
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:06:05 -05:00
Casey Lee
f8fb88816a
matrix is done
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:06:03 -05:00
Casey Lee
5b7019cd0b
skip unsupported platforms
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:06:01 -05:00
Casey Lee
73559207c7
initial support for expressons
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:05:59 -05:00
Casey Lee
64562d41ab
test updates
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:05:44 -05:00
Casey Lee
033168228b
cleanup logging
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:05:40 -05:00
Casey Lee
532af98aef
successfully able to run simple workflows
Signed-off-by: Casey Lee <cplee@nektos.com>
2020-02-20 21:05:25 -05:00
Casey Lee
8c49ba0cec
initial load of yaml working 2020-02-04 16:38:41 -08:00