Commit Graph

240 Commits

Author SHA1 Message Date
Justin Grote
a9295c9db2 Test fixups for Windows/Forks (#681)
* Test fixups for Windows/Forks

* revert change for repo/actor/owner

this is fixed via https://github.com/nektos/act/pull/723

Co-authored-by: Ryan (hackercat) <me@hackerc.at>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-06-10 18:27:35 +00:00
ChristopherHX
e5d4886787 Refactor local, composite actions and run steps (#712)
Skips docker cp for local actions and use their correct path
Defines GITHUB_ACTION_PATH also for nodejs actions
Evaluate Env of composite action
Evaluate Run of composite action correctly
Evaluate Shell of run step
Evaluate WorkingDirectory of run step
Changed tests for behavior change

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-06-10 15:28:23 +00:00
Joseph Benden
003c995b36 Support container removal at exit. Fixes #694 (#714)
This patch adds a new command-line flag (`--rm`) to automatically
stop workflow container(s), just prior to exit. The default
behavior is kept, e.g.: the containers continue running at exit.

Fixes: #694
Signed-off-by: Joseph Benden <joe@benden.us>

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-06-10 15:09:05 +00:00
Ryan (hackercat)
2261204c65 fix: wrong perms (#726)
if someone is using image with a non-root user, they will get a permission denied since only root has write perms
2021-06-09 16:08:39 -07:00
Ryan (hackercat)
96a0564526 fix: don't replace empty secrets (#725) 2021-06-07 13:54:12 +00:00
Ryan (hackercat)
33ccfa6f3b Switch to interface{} instead of map[string]... (#700)
* fix: change `env` to be an interface

allows to use GitHub functions like `fromJson()`

* fix: change matrix to an interface instead of map

This allows to use GitHub functions like `fromJson()` to create dynamic
matrixes

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-06-06 14:53:18 +00:00
Joseph Benden
6b4d359737 Add support for container kernel capabilities (#716)
This patch adds two new command-line flags to specify one or
more kernel capabilities to add or remove from the workflow
containers.

The command-line flag `--container-cap-add` allows for adding
specific capabilities on the workflow containers; where as,

The command-line flag `--container-cap-drop` allows for removing
specific capabilities on the workflow containers.

This was developed to specifically be able to add `SYS_PTRACE`
to a workflow I maintain. It involves using this capability to
monitor a make build, to then build a compilation database.

Signed-off-by: Joseph Benden <joe@benden.us>
2021-06-04 16:06:59 +00:00
Björn Brauer
8a9167da82 fix: avoid race condition by not running exec/start twice (#702)
ContainerExecAttach implicitly runs ContainerExecStart while attaching
to stdout/stderr.
Ref: e02bc91dcb/client/container_exec.go (L40)

Calling both can lead to a race condition as observed in #627

Fixes: #627

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
2021-05-25 12:35:52 +00:00
Ryan (hackercat)
d794e2fe4c Move actions path outside of workdir (#701)
* feat: add option to specify user for exec

* fix: move actions to static path outside workdir

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-05-24 17:09:03 +00:00
Ryan (hackercat)
799098b0e6 feat: add option for custom socket path (#698) 2021-05-23 14:43:09 +00:00
Björn Brauer
60b9606fc6 fix: use github auth token for pulling a repository (#693)
Co-Authored-By: Markus Wolf <markus.wolf@new-work.se>

Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
2021-05-19 13:40:28 +00:00
Josh Soref
29ea8cfc4e Fix: GITHUB_PATH should prepend (#690)
* GITHUB_PATH is prepend

https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#adding-a-system-path

* Check for replacing system binaries

Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2021-05-18 13:22:39 +00:00
Markus Wolf
38f6dfb49a fix: use auth when fetching (same as with cloning) (#687)
Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>

Co-authored-by: Björn Brauer <bjoern.brauer@new-work.se>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-05-18 06:25:07 +00:00
Ryan (hackercat)
f571290b25 refactor: remove gotest.tools (#688)
* refactor: remove `gotest.tools`

* remove all references to `gotest.tools` and replace it with
  `github.com/stretchr/testify` which was originally used for tests
* bump `golangci-lint` version
* add `depguard` and `importas` to prevent import of unwanted packages
* add custom schema and information about config since
  schemastore.org has broken schema for `golangci-lint` config

* fix: handle more error cases
2021-05-17 23:14:49 -07:00
Markus Wolf
3db50376aa fix: hide masked value (#668)
* fix: hide masked value

The ::add-mask:: command output logs the value to be masked.
This does expose critical information which should be hidden from
the output.

* Add test to not output secret in add-mask command

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-05-15 21:11:16 +00:00
Justin Grote
ef0da2ab9e Hotfix: Skip Checkout Regression (#680)
* Fix: Skip Checkout Regression

* Fix test name

* Add newline to end of checkout push test

* Restore .gitignore from node12 test. Todo: Restore that file after the test

* Format workflow

* Test: Fix path slash direction for windows relative source path

* Add explicit nil test for newRemoteAction

* Regress .secrets during tests

Co-authored-by: Ryan (hackercat) <me@hackerc.at>
2021-05-10 15:12:57 +00:00
Ryan (hackercat)
aa68181f6b refactor: return more errors, add more tests (#679)
adding more tests
returns same message for short SHA format like GitHub Actions
refactor error checking
add more errors :)
2021-05-08 03:29:03 +00:00
Josh Soref
a144e71a1b Add various GitHub environment variables (#604)
* define GITHUB_ACTION_PATH #603

* Add more environment variables

* Add job name

Note: the job name gets a suffix for matrix builds, but this is not part of the env var

* fix: remove unnecessary variables

* feat: add `RepositoryOwner`

credit: @KnisterPeter

* feat: add test for `getGithubContext()`

Co-authored-by: Ryan (hackercat) <me@hackerc.at>
2021-05-06 20:02:29 +00:00
Markus Wolf
a07cb440c2 Write git clone progress only if terminal is a TTY (#670) 2021-05-06 06:55:23 -07:00
Torbjørn Vatn
92eec3a526 $GITHUB_PATH support (#566)
* Regression in the .golangci.yml file

* This looks like an even better fix to #451

The previous solution only prevented the `starting container process caused "exec: \"bash\"`
error when someone added an "extra" path in the workflow using `::add-path`

* Add support for >> $GITHUB_PATH

* The newRunCommand has too high cyclomatic complexity

* Add "linux/arm64" to new test

* The cyclop linter was complaining so I extracted some funcs

* Close some readers

* Fix typo

* fix: add missing composite function

* Fix regress from merging

* Keep the error messages as is

* consolidate with master

* Close the tar reader on defer

* New way to get ContainerWorkdir

* Remove arch from runner test

* Separate the UpdateFromEnv and UpdateFromPath

Co-authored-by: hackercat <me@hackerc.at>
2021-05-06 13:30:12 +00:00
Ryan (hackercat)
8153dc92e5 Fix environment variables and move envs.txt/event.json to fixed location (#667)
* fix: environment variables sourcing from `/etc/environment`

* fix: move `envs.txt` & `event.json` to `/tmp/`

Since #635 `envs.txt` is not copying properly when running `act` in WSL2
Moving it to fixed location resolves that.
2021-05-05 23:11:43 +00:00
Renstrom
aba4fec0ee Fixes #598 (#628)
* Potentially solved merge conflict

* Update pkg/model/planner.go

Based on feedback

Co-authored-by: Ryan (hackercat) <me@hackerc.at>

* Fixed compilation error

* added missed test

* Fixed spelling error to work with lint error

Co-authored-by: Ryan (hackercat) <me@hackerc.at>
Co-authored-by: Casey Lee <cplee@nektos.com>
2021-05-05 13:04:03 -07:00
Björn Brauer
0c4374ec41 GitHub Enterprise support (#658)
* Add option to specify custom GitHub instance

* Use correct GHE API endpoint URLs

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

* Extract slug from GitHub Enterprise URLs

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

* Use GITHUB_TOKEN for clone authenticate if provided

This change will allow use authentication for cloning actions
from private repositories or github enterprise instances.

Co-Authored-By: Markus Wolf <knister.peter@shadowrun-clan.de>

* Add section about using act on GitHub Enterprise to README

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

* Set GitHubInstance in runnerConfig in runner_test

Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>

Co-authored-by: hackercat <me@hackerc.at>
Co-authored-by: Markus Wolf <knister.peter@shadowrun-clan.de>
2021-05-05 09:42:34 -07:00
Markus Wolf
710a3ac94c Add custom docker registry authentication (#665)
* Add custom docker registry authentication

Uses DOCKER_USERNAME and DOCKER_PASSWORD as secrets provided into
the act cli.

Closes #527

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>

* Add test to check if pull authentication is filled in

* Update debug message to be more descriptive

Co-authored-by: Ryan (hackercat) <me@hackerc.at>

Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de>
Co-authored-by: Ryan (hackercat) <me@hackerc.at>
2021-05-05 09:37:17 -07:00
Justin Grote
616d7fcaeb Remove pwsh -login and add Pwsh test (#660)
* Remove pwsh -login and add Pwsh test

* Add Shell Command Test for coverage

* 🧪 Move PWSH Platform definition to inline test, it can always be expanded out later

Reference: https://github.com/nektos/act/pull/660#discussion_r626171728

* Test MacOS Build for transient failure

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2021-05-05 05:57:33 +00:00
Justin Grote
0f049426f6 Separate Container Workdir from host Workdir (#635)
* Separate Container Workdir from Host Workdir

* Add delegated component to MacOS Test

* Lint: Remove leading newline

* Fix trailing path issue
2021-05-04 14:50:35 -07:00
Josh Soref
020d6a6083 Composite action (#608)
* Refactor maybeCopyToActionDir

* Use maybeCopyToActionDir for model.ActionRunsUsingComposite
2021-05-03 14:57:46 -07:00
Ryan (hackercat)
cec63488f3 Add super-linter + fix lint issues (#650)
* feat: bump `golangci-lint`, add `super-linter`, replace outdated linter

Bump `golangci-lint` version.
Add `super-linter` to lint other languages.
Go linter is disabled because it's currently broken:
https://github.com/github/super-linter/pull/370
Replacing `scopelint` with `exportloopref`: "[runner] The linter
'scopelint' is deprecated (since v1.39.0) due to: The repository of the
linter has been deprecated by the owner.  Replaced by exportloopref."
Fixed formatting in `.golangci.yml`
Add addtional linters:
  `misspell`: purely style, detects typos in comments
  `whitespace`: detects leading and trailing whitespace
  `goimports`: it's gofmt + checks unused imports

* fix: lint/fix `go` files

* fix: lint with `standardjs`

* fix: lint/fix with `markdownlint`, make template more verbose

* feat: add lint stuff to makefile

* fix: `UseGitIgnore` formatting

* fix: lint/fix `README.md`

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-05-03 09:52:03 -07:00
Renstrom
3db3d416e3 Fixes Issue #597 (#637)
* feat:(Changed order of events, to prevent enviroment to run before if statement is run

* changed issue597 to issue-597

* Added test for linux/amd64
2021-05-03 09:51:48 -07:00
Josh Soref
cc3e7aeaf2 GitHub Event Path #542 (#605)
Co-authored-by: Casey Lee <cplee@nektos.com>
2021-05-03 08:02:26 -07:00
Ryan (hackercat)
806bc4d999 refactor: NewWorkflowPlanner (#648)
feat: add flag `--no-recurse` to disable recursion when reading workflows from directories
feat: added more tests to `TestPlanner`, renamed `TestJobFileInfo` to more appropriate name `WorkflowPlanTest`
style: changed error message to lowercase, added single quotes for better visibility

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-05-03 07:57:24 -07:00
Ryan (hackercat)
7ae9916de0 Add option to allow files/directories in .gitignore to be copied to container (#537)
* disable gitignore for actions

* feat: Add option to allow/disallow paths specified in .gitignore

Co-authored-by: Alan Birtles <alan.birtles@eu.sony.com>
2021-05-03 07:37:20 -07:00
Robert Stupp
ea7503bc25 Prefer go-git to find the reference name (#633)
Walking the directory tree underneath `.git/refs` is not reliable, as it usually does not
return tags, especially for freshly cloned repos and/or tags fetched from a remote.

The go-git library provides an iterator over all git references.

This approach prefers a reference (tag, branch) from go-git, if found. If none is found,
it falls back to the previous implementation.
2021-05-03 07:32:00 -07:00
Ryan (hackercat)
f32babb51d fix: reworked container architecture (#619)
- Don't set architecture, let Docker host decide it's own platform,
  remove `runtime` dependency and don't show default in `--help`
- Remove most tests, we need to check only once if it works on
  different platform
- Rename `DeleteImage` to `RemoveImage` to conform to existing
  function in `docker` cli, added options to specify `force` and
  `pruneChildren`
2021-05-02 08:15:13 -07:00
KADOTA, Kyohei
010e459e95 Clean the repository cache if it is in incomplete state (#595) 2021-04-06 06:43:02 -07:00
hackercat
4125812a63 Refactor .actrc locations and default image survey (#600)
* refactor: move survey/cfgs into own funcs, read XDG base dirs for config

Moved actrc locations to own func since it can be reused.
Moved survey part to own func due to high cyclomatic complexity.
Added XDG config dir to config locations.
Replaced using HOME envvar with go-homedir module since it's already
an indirect dependency and handles home directories better
for each GOOS.

* refactor: use `go-homedir`, check if XDG var is not empty
2021-04-05 08:51:13 -07:00
Mark DeLillo
b9a7bc6202 Add support for composite actions (#514)
* Add support for composite actions

* Fix to make more complex composite actions work

* Fix to make more complex composite actions work

* Let's validate the steps in the composite steps to fail on uses and run's without shell, like the real world

* Add support for composite actions

* Add workflow to test composite actions

* Log instead of panicing when output is mismatched

* Merge maps so environment variables are not lost

* Remove Debug

* Correect merge error

* Remove invalid composite tests.

* Fix composite test

Co-authored-by: Casey Lee <cplee@nektos.com>
Co-authored-by: monkers <mikem@msquaredconsulting.co.uk>
Co-authored-by: Mike Moncrieffe <69815687+mikemonkers@users.noreply.github.com>
2021-04-02 13:40:44 -07:00
hackercat
94d736a602 fix: fail workflow if the job name is invalid (#596) 2021-04-02 07:01:45 -07:00
hackercat
5044ec6c43 fix: remove HOME env var (#594) 2021-04-01 14:01:01 -07:00
hackercat
25779af4bf fix: return error if both run:/uses: keys are used (#593)
fixes https://github.com/nektos/act/issues/536
2021-04-01 11:36:41 -07:00
Josh Soref
5752a03dcd Support running commands in repositories without action.yaml (#293)
* Comment for public function

* Add git describe fallback

* spelling: github

* Set initial branch to satisfy tests for modern git

* Clarify -even- if

* Go 1.16

* Support running commands in repositories without action.yaml

Support runnings commands with only a Docker file

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-03-30 12:26:25 -07:00
Jay Pipes
d67e282f68 use container image platform only on docker 1.41+ (#591)
Commit af5140f13e introduced support for
specifying a container image platform for cross-platform image building.

Unfortunately, attempting to execute a docker command that includes the
`--platform` flag against Docker daemons using API Version 1.40 and
before results in the following error:

```
"specify container image platform" requires API version 1.41, but the Docker daemon API version is 1.40
```

To allow `act` to be used on the 19.03 Docker CE and earlier versions,
this patch simply checks the Docker daemon API version and only
specifies platform specification when the daemon API version is 1.41 or
greater.

Fixes Issue #586
2021-03-30 10:10:42 -07:00
Justin Grote
957b8ad76d Update Shell Tasks to match ScriptHandlerHelpers (#575)
* Update Shell Tasks to match ScriptHandlerHelpers
Code: https://github.com/actions/runner/blob/main/src/Runner.Worker/Handlers/ScriptHandlerHelpers.cs

Docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell

Fixes #467

* 🩹 Remove old ps1 handler

* ♻️ gocritix fix

* 🐛 Powershell command must be a single entry to docker API
Fixes #467

* Remove Act Temp

* Remove additional Act Directories

* remove hard-coded workdir

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-03-29 10:06:51 -07:00
hackercat
29b3d43988 fix: hardcode ubuntu-latest for ImageOS envvar (#579)
Hardcode current `ubuntu-latest` since we have no way to check that 'on the fly'
2021-03-28 21:46:09 -07:00
hackercat
f3b53d8eca fix: pass sc.Env through common.Logger to hide secrets (#578)
Currently all secrets are exposed when running with `--verbose`/`-v` option
2021-03-28 21:45:07 -07:00
hackercat
b438b836ea fix: invoke login shells to source /etc/environment (#570) 2021-03-28 21:35:01 -07:00
rockandska
6cde8f64dc use project dir instead of /github/workspace (#567) 2021-03-28 21:32:45 -07:00
hackercat
6c258cf40d Add option to run custom architecture (container platform) (#525)
* Add QEMU to run different architectures

* Update dependencies in `go.mod`

* Add `--container-architecture` flag to specify custom image architecture

Co-authored-by: Casey Lee <cplee@nektos.com>
2021-03-28 21:08:40 -07:00
hackercat
41b03b581c fix: add ImageOS env var based on running platform (#571) 2021-03-17 17:14:08 -07:00
hackercat
09679f0156 Update test workflows and improve expression_test.go/run_context_test.go (#560)
* fix: give case insensitive secret more meanigful name

* refactor: use `string` in generating `env:` and `steps:` for workflows

Smaller text generation is much better to read with normal strings than
raw string literals.

* feat: sort keys for `env:` so it's always in specific order

* fix: update test workflows
2021-03-12 16:25:10 -08:00