* fix: align other Docker executors to print action
* fix: formatting
* fix: add proper workdir support
* fix: replace script filepath after slice creation
* fix: match substring so it works for pwsh
+ rename containerPath to scriptPath to reflect what value it contains
* Fix local Docker actions: invalid reference format
* Create Dockerfile
* Create Dockerfile
* Update push.yml
* Revert "Create Dockerfile"
This reverts commit 9d1dbbc2c7fdf52963e55feb4148ac2b14d639d0.
* Fix lint
* fix: re-use image that is already present in repo
ubuntu:latest would pull unnecessary blobs from registry and count toward API limit
* fix: revert change
reverting due to issue in image deletion that will have to be investigated separately
Co-authored-by: Ryan <me@hackerc.at>
* fix[workflow]: multiple fixes for workflow/matrix
fix[workflow]: default `max-parallel`
fix[workflow]: default `fail-fast`, it's `true`, not `false`
fix[workflow]: skipping over the job when `strategy:` is defined but `matrix:` isn't (fixes#625)
fix[workflow]: skip non-existing includes keys and hard fail on non-existing excludes keys
fix[workflow]: simplify Matrix decode (because I "think" I know how `yaml` works) (fixes#760)
fix[tests]: add test for planner and runner
* fix(workflow): use yaml node for env key
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* Fix defaults (composite)
* uses-composite: rely on defaults to pass
* Add test_input_required back, needs more tests
* Update Tests to test defaults carefully
* Add outputs field to job model
* Add output interpolation for jobs
* Add otto config reference for interpolated job output values into 'needs' context
* Add output interpolation call after job has completed.
* gofmt
* Remove whitespace
* goimports
Co-authored-by: Casey Lee <cplee@nektos.com>
* fix: typo
* fix: remove debug for git references
it generates a massive amount of logs
* feat: read values from env
allows to test act on GHA when it's not a main repo
* fix: merge extrapath with PATH
* fix(tests): add additional shells for testing
* fix(image): update images
pin node to major version only, current node version: 12.22.1
replace most images with `node:12-buster-slim` to prevent
errors on macOS runner due to DockerHub pull limit
replace ocaml image
Co-authored-by: Casey Lee <cplee@nektos.com>
* Test fixups for Windows/Forks
* revert change for repo/actor/owner
this is fixed via https://github.com/nektos/act/pull/723
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Skips docker cp for local actions and use their correct path
Defines GITHUB_ACTION_PATH also for nodejs actions
Evaluate Env of composite action
Evaluate Run of composite action correctly
Evaluate Shell of run step
Evaluate WorkingDirectory of run step
Changed tests for behavior change
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This patch adds a new command-line flag (`--rm`) to automatically
stop workflow container(s), just prior to exit. The default
behavior is kept, e.g.: the containers continue running at exit.
Fixes: #694
Signed-off-by: Joseph Benden <joe@benden.us>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* fix: change `env` to be an interface
allows to use GitHub functions like `fromJson()`
* fix: change matrix to an interface instead of map
This allows to use GitHub functions like `fromJson()` to create dynamic
matrixes
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This patch adds two new command-line flags to specify one or
more kernel capabilities to add or remove from the workflow
containers.
The command-line flag `--container-cap-add` allows for adding
specific capabilities on the workflow containers; where as,
The command-line flag `--container-cap-drop` allows for removing
specific capabilities on the workflow containers.
This was developed to specifically be able to add `SYS_PTRACE`
to a workflow I maintain. It involves using this capability to
monitor a make build, to then build a compilation database.
Signed-off-by: Joseph Benden <joe@benden.us>
ContainerExecAttach implicitly runs ContainerExecStart while attaching
to stdout/stderr.
Ref: e02bc91dcb/client/container_exec.go (L40)
Calling both can lead to a race condition as observed in #627Fixes: #627
Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
* refactor: remove `gotest.tools`
* remove all references to `gotest.tools` and replace it with
`github.com/stretchr/testify` which was originally used for tests
* bump `golangci-lint` version
* add `depguard` and `importas` to prevent import of unwanted packages
* add custom schema and information about config since
schemastore.org has broken schema for `golangci-lint` config
* fix: handle more error cases
* fix: hide masked value
The ::add-mask:: command output logs the value to be masked.
This does expose critical information which should be hidden from
the output.
* Add test to not output secret in add-mask command
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* Fix: Skip Checkout Regression
* Fix test name
* Add newline to end of checkout push test
* Restore .gitignore from node12 test. Todo: Restore that file after the test
* Format workflow
* Test: Fix path slash direction for windows relative source path
* Add explicit nil test for newRemoteAction
* Regress .secrets during tests
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
* define GITHUB_ACTION_PATH #603
* Add more environment variables
* Add job name
Note: the job name gets a suffix for matrix builds, but this is not part of the env var
* fix: remove unnecessary variables
* feat: add `RepositoryOwner`
credit: @KnisterPeter
* feat: add test for `getGithubContext()`
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
* Regression in the .golangci.yml file
* This looks like an even better fix to #451
The previous solution only prevented the `starting container process caused "exec: \"bash\"`
error when someone added an "extra" path in the workflow using `::add-path`
* Add support for >> $GITHUB_PATH
* The newRunCommand has too high cyclomatic complexity
* Add "linux/arm64" to new test
* The cyclop linter was complaining so I extracted some funcs
* Close some readers
* Fix typo
* fix: add missing composite function
* Fix regress from merging
* Keep the error messages as is
* consolidate with master
* Close the tar reader on defer
* New way to get ContainerWorkdir
* Remove arch from runner test
* Separate the UpdateFromEnv and UpdateFromPath
Co-authored-by: hackercat <me@hackerc.at>
* fix: environment variables sourcing from `/etc/environment`
* fix: move `envs.txt` & `event.json` to `/tmp/`
Since #635 `envs.txt` is not copying properly when running `act` in WSL2
Moving it to fixed location resolves that.
* Potentially solved merge conflict
* Update pkg/model/planner.go
Based on feedback
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
* Fixed compilation error
* added missed test
* Fixed spelling error to work with lint error
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
Co-authored-by: Casey Lee <cplee@nektos.com>
* Add option to specify custom GitHub instance
* Use correct GHE API endpoint URLs
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Extract slug from GitHub Enterprise URLs
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Use GITHUB_TOKEN for clone authenticate if provided
This change will allow use authentication for cloning actions
from private repositories or github enterprise instances.
Co-Authored-By: Markus Wolf <knister.peter@shadowrun-clan.de>
* Add section about using act on GitHub Enterprise to README
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Set GitHubInstance in runnerConfig in runner_test
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
Co-authored-by: hackercat <me@hackerc.at>
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
* Add custom docker registry authentication
Uses DOCKER_USERNAME and DOCKER_PASSWORD as secrets provided into
the act cli.
Closes#527
Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
* Add test to check if pull authentication is filled in
* Update debug message to be more descriptive
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
* Remove pwsh -login and add Pwsh test
* Add Shell Command Test for coverage
* 🧪 Move PWSH Platform definition to inline test, it can always be expanded out later
Reference: https://github.com/nektos/act/pull/660#discussion_r626171728
* Test MacOS Build for transient failure
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* feat: bump `golangci-lint`, add `super-linter`, replace outdated linter
Bump `golangci-lint` version.
Add `super-linter` to lint other languages.
Go linter is disabled because it's currently broken:
https://github.com/github/super-linter/pull/370
Replacing `scopelint` with `exportloopref`: "[runner] The linter
'scopelint' is deprecated (since v1.39.0) due to: The repository of the
linter has been deprecated by the owner. Replaced by exportloopref."
Fixed formatting in `.golangci.yml`
Add addtional linters:
`misspell`: purely style, detects typos in comments
`whitespace`: detects leading and trailing whitespace
`goimports`: it's gofmt + checks unused imports
* fix: lint/fix `go` files
* fix: lint with `standardjs`
* fix: lint/fix with `markdownlint`, make template more verbose
* feat: add lint stuff to makefile
* fix: `UseGitIgnore` formatting
* fix: lint/fix `README.md`
Co-authored-by: Casey Lee <cplee@nektos.com>
feat: add flag `--no-recurse` to disable recursion when reading workflows from directories
feat: added more tests to `TestPlanner`, renamed `TestJobFileInfo` to more appropriate name `WorkflowPlanTest`
style: changed error message to lowercase, added single quotes for better visibility
Co-authored-by: Casey Lee <cplee@nektos.com>
* disable gitignore for actions
* feat: Add option to allow/disallow paths specified in .gitignore
Co-authored-by: Alan Birtles <alan.birtles@eu.sony.com>
Walking the directory tree underneath `.git/refs` is not reliable, as it usually does not
return tags, especially for freshly cloned repos and/or tags fetched from a remote.
The go-git library provides an iterator over all git references.
This approach prefers a reference (tag, branch) from go-git, if found. If none is found,
it falls back to the previous implementation.
- Don't set architecture, let Docker host decide it's own platform,
remove `runtime` dependency and don't show default in `--help`
- Remove most tests, we need to check only once if it works on
different platform
- Rename `DeleteImage` to `RemoveImage` to conform to existing
function in `docker` cli, added options to specify `force` and
`pruneChildren`
* refactor: move survey/cfgs into own funcs, read XDG base dirs for config
Moved actrc locations to own func since it can be reused.
Moved survey part to own func due to high cyclomatic complexity.
Added XDG config dir to config locations.
Replaced using HOME envvar with go-homedir module since it's already
an indirect dependency and handles home directories better
for each GOOS.
* refactor: use `go-homedir`, check if XDG var is not empty
* Add support for composite actions
* Fix to make more complex composite actions work
* Fix to make more complex composite actions work
* Let's validate the steps in the composite steps to fail on uses and run's without shell, like the real world
* Add support for composite actions
* Add workflow to test composite actions
* Log instead of panicing when output is mismatched
* Merge maps so environment variables are not lost
* Remove Debug
* Correect merge error
* Remove invalid composite tests.
* Fix composite test
Co-authored-by: Casey Lee <cplee@nektos.com>
Co-authored-by: monkers <mikem@msquaredconsulting.co.uk>
Co-authored-by: Mike Moncrieffe <69815687+mikemonkers@users.noreply.github.com>
* Comment for public function
* Add git describe fallback
* spelling: github
* Set initial branch to satisfy tests for modern git
* Clarify -even- if
* Go 1.16
* Support running commands in repositories without action.yaml
Support runnings commands with only a Docker file
Co-authored-by: Casey Lee <cplee@nektos.com>
Commit af5140f13e introduced support for
specifying a container image platform for cross-platform image building.
Unfortunately, attempting to execute a docker command that includes the
`--platform` flag against Docker daemons using API Version 1.40 and
before results in the following error:
```
"specify container image platform" requires API version 1.41, but the Docker daemon API version is 1.40
```
To allow `act` to be used on the 19.03 Docker CE and earlier versions,
this patch simply checks the Docker daemon API version and only
specifies platform specification when the daemon API version is 1.41 or
greater.
Fixes Issue #586
* Add QEMU to run different architectures
* Update dependencies in `go.mod`
* Add `--container-architecture` flag to specify custom image architecture
Co-authored-by: Casey Lee <cplee@nektos.com>
* fix: give case insensitive secret more meanigful name
* refactor: use `string` in generating `env:` and `steps:` for workflows
Smaller text generation is much better to read with normal strings than
raw string literals.
* feat: sort keys for `env:` so it's always in specific order
* fix: update test workflows
* fix: replace `\` with `/` in git ref to fix `git_test.go` on windows
Paths on Windows use backslash (`\`) as directory separator and this breaks `TestGitFindRef()`.
Replacing `\` with `/` in git ref fixes that issue.
* fix: replace `gopkg.in/godo.v2/glob` with std library `path/filepath`
`github.com/go-godo/godo` lib has been last updated in 2016 and it also
depends on another outdated lib `github.com/MichaelTJones/walk` with
last update in 2016. This also fixes `permission_denied` errors on
Windows (and perhaps Linux in some specific cases). I'm not aware of
any performance improvement or drawback because of that change.
I got an error like this after hitting `act` command.
> Error: Error response from daemon: cannot share the host's network namespace when user namespaces are enabled
According to the document, when user namespaces are enabled on the Docker daemon,
neither host network mode and --privileged work without --userns=host. Since `act`
uses host network mode to match GitHub Actions runners, it cannot run jobs when
user namespaces are enabled. So I added the flag.
https://docs.docker.com/engine/security/userns-remap/#user-namespace-known-limitations
Co-authored-by: Casey Lee <cplee@nektos.com>
This fixes#499, where a matrix strategy with only include keys ends up
causing multiple builds. This bugs appears to have been introduced in #415,
when extra include keys are added in the matrix strategy. The cause
seems to be because the CartesianProduct function returns an item with
empty keys, instead of return an empty set.
Co-authored-by: Ed Tan <edtan@users.noreply.github.com>
* Update flags in README
* Add secrets and `.env` files examples
* Fix typo: environment
* Fix typo: returned
* Add --version back, since I've built act without ldflags
This is a solution to issue #416 where environment variables created or
changed in the previous step are not usable in the next step because
the rc.ExprEval is from the beginning of the previous step.
This change refactors setupEnv so that before interpolating the environment
variables a NewExpressionEvaluator is created.
Fixes: 416
If an action uses the branch to pin the major version, `- use: user/action@v1`
will stop with an error: "v1: reference not found."
In this case `act` should use refs/remotes/origin/v1 as a name to resolve v1 revision.
Co-authored-by: Casey Lee <cplee@nektos.com>
* Upgrade to the official golangci-lint action and fix some issues it found
* Update deps
* Remove a shadow warning
* Initialize the splitPattern only once
* Initial attempt at supporting $GITHUB_ENV
Needs some polishing and tests
* Now it's actually working
* Replace golang.org/x/crypto/ssh/terminal with golang.org/x/term
* Disable the issue-228 test again
* The linter is picky
* Discovered that the workflow/envs.txt had to exist in certain cases
* Fix small linter issue
* fixes include directive of strategy build.
* Adds test for include and exclude in matrix builds.
* ubuntu-16.04 instead of 20.04
* Adds more platforms for runner_test
Prevent most "skipping unsupported platform messages".
* correct printing for unsupported platform
* fix merge
* Test more if env variants
* The correct negation syntax is !=
* Make the Interpolate function support negated booleans from envs
* Move assert := a.New(t) into t.Run
This uncovered that some of the test premisses was wrong and the
Eval Bool function also had flaws
* Remove a stray logrus import
* Add an ACT env set to true
This can be used to skip certain steps that you don't want to run locally
when testing. E.g. steps that sends messages to Slack channels on successful
builds etc.
* Add a description about env.ACT to the readme
* A new attempt at Interpolation and EvalBool
* One small merge fix
* Remove some fmt.Printfs
* Fix some merge conflicts
* Test more if env variants
* The correct negation syntax is !=
* Make the Interpolate function support negated booleans from envs
* Move assert := a.New(t) into t.Run
This uncovered that some of the test premisses was wrong and the
Eval Bool function also had flaws
* Remove a stray logrus import
* When running on Windows the correct path separator must be used. filePath.join is OS aware, so when we want to use forward slash use path.join instead.
on windows docker cp should end with \. when copying a directory
when running npm modules we should pass in path with all forward slashes
This fixes#331
* When calculating relative folders on Windows for destination path on Linux, we need to change \ for /
* Reduce complexity by extracting methods
* V1 does not point to a file that does not exist
* Looks like something else is the cause of this test breaking. Last successful build is #371, builds after that are failing
* Rewrite contexts before evaluating them
* Precompile context and expression patterns
* Test trim before rewrite
The current contextPattern is quite constraining and would fail the
rewrite of a context with trailing spaces. Triming happens during the
execution of Interpolate, and these tests aim to detect future breaking
changes on this behavior.
Co-authored-by: Casey Lee <cplee@nektos.com>
* Pull latest changes from ref using cached repo
Act switched from checking out a branch to checking out
a hash in order to resolve#24 - see
bc5c23e8e4
This had a side effect of preventing `w.Pull()` from updating
to the latest commit if a ref was a branch/tag and the repo
already exists on disk.
This commit checks if input.Ref is equivalent to the resolved
hash, and runs `r.Fetch()` and checks out the branch for input.Ref
if it is different. `w.Pull()` can then pull the latest changes
before we checkout `*hash` again like normal
* Extract CloneIfRequired to reduce cyclomatic complexity
Co-authored-by: Casey Lee <cplee@nektos.com>
Currently setting workflows with the -W (--workflows) flag only accepts
a folder. It is not possible to run a single workflow.yml file.
This commit allows either a single file or a directory to be passed into
the workflows flag.
Previously secrets would be shown in log output as provided. This
commit updates the stepLogFormatter to replace any instance of the secret
string with "***", as GitHub Actions would
Known issues: If the secret is a generic string (such as "docker"), all
occurances of that string will be replaced in the output
Co-authored-by: Casey Lee <cplee@nektos.com>
This adds the `-a` flag when running `act` to change the username of the GITHUB_ACTOR environment variable
Co-authored-by: Casey Lee <cplee@nektos.com>
* Ignore .idea
* Add Env to the RunContext vm so we can Evaluate and Interpolate `env.xx`
* Make EvalBool support expressions more in line with the github runner
* Turns out Boolean(value) is what github is doing after all
* Add test for github context as well
In #222 I added case normalisation to ReadAction() to ensure that Docker and docker are interpreted the same way.
I realised that this was being done at the wrong level and required multiple type conversions. By implementing `func (a ActionRunsUsing) UnmarshalYAML` we can lowercase the string as it's being unserialized
This has an added benefit that any time this type is hydrated the `runs.using` key will be lowercased, rather than relying on `ReadAction()`
Currently, providing `using: Docker` is an error as the switch statement in `step_context.go` is case sensitive.
Actions run successfully on GitHub with `using: Docker` leading me to believe that they're case insensitive. This commit updates `act` to match
Co-authored-by: Casey Lee <cplee@nektos.com>
The string comparison in `step_context.go` is currently case sensitive. This commit adds an error that returns the valid options and tells the user what value they passed
* feat: load every environment from --env-file to workflow
* fix: pass dotenv's environments through by context
* updates to support --secret-file
Co-authored-by: Casey Lee <cplee@nektos.com>