fix: prevent unintended input replacement in reusable workflows with workflow_dispatch when using workflow_call (#833)

Refs https://github.com/nektos/act/pull/2349

---

See: https://github.com/nektos/act/issues/2464#issuecomment-2430903650

* Add condition to prevent replacing inputs in reusable workflows with workflow_dispatch inputs

---------

Co-authored-by: ChristopherHX <christopher.homberger@web.de>
(cherry picked from commit f4f4265e977a760e0637a65b1554af2cada034cc)

<!--start release-notes-assistant-->
<!--URL:https://code.forgejo.org/forgejo/runner-->
- bug fixes
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/833): <!--number 833 --><!--line 0 --><!--description Zml4OiBwcmV2ZW50IHVuaW50ZW5kZWQgaW5wdXQgcmVwbGFjZW1lbnQgaW4gcmV1c2FibGUgd29ya2Zsb3dzIHdpdGggd29ya2Zsb3dfZGlzcGF0Y2ggd2hlbiB1c2luZyB3b3JrZmxvd19jYWxs-->fix: prevent unintended input replacement in reusable workflows with workflow_dispatch when using workflow_call<!--description-->
<!--end release-notes-assistant-->

Co-authored-by: S. M. Mahmudul Haque (Yamin) <haque@campus.tu-berlin.de>
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/833
Reviewed-by: Mathieu Fenniak <mfenniak@noreply.code.forgejo.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>

act/runner/expression.go

@@ -497,7 +497,7 @@ func getEvaluatorInputs(ctx context.Context, rc *RunContext, step step, ghc *mod
 		}
 	}
 
-	if ghc.EventName == "workflow_dispatch" {
+	if rc.caller == nil && ghc.EventName == "workflow_dispatch" {
 		config := rc.Run.Workflow.WorkflowDispatchConfig()
 		if config != nil && config.Inputs != nil {
 			for k, v := range config.Inputs {

act/runner/runner_test.go

@@ -314,6 +314,7 @@ func TestRunner_RunEvent(t *testing.T) {
 		{workdir, "workflow_dispatch_no_inputs_mapping", "workflow_dispatch", "", platforms, secrets},
 		{workdir, "workflow_dispatch-scalar", "workflow_dispatch", "", platforms, secrets},
 		{workdir, "workflow_dispatch-scalar-composite-action", "workflow_dispatch", "", platforms, secrets},
+		{workdir, "uses-workflow-defaults", "workflow_dispatch", "", platforms, secrets},
 		{workdir, "job-needs-context-contains-result", "push", "", platforms, secrets},
 		{"../model/testdata", "strategy", "push", "", platforms, secrets}, // TODO: move all testdata into pkg so we can validate it with planner and runner
 		{workdir, "path-handling", "push", "", platforms, secrets},

act/runner/testdata/.github/workflows/local-reusable-and-dispatch.yml

@@ -0,0 +1,30 @@
+name: reuse
+
+on:
+  workflow_dispatch:
+    inputs:
+      my-val:
+        type: string
+        required: true
+        default: "default_value_reuse_workflow_dispatch_call"
+      dispatch-val:
+        type: string
+        default: "I am a dispatch var for checking if I am being used in workflow_call"
+
+  workflow_call:
+    inputs:
+      my-val:
+        type: string
+        required: true
+        default: "default_value_reuse_workflow_call"
+
+jobs:
+  reusable_workflow_job:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: https://data.forgejo.org/actions/checkout@v4
+      - name: Run a one-line script
+        run: echo "✅ 🚀 ✅ hello this is from workflow reuse. Value - " ${{ inputs.my-val }} ${{ github.event_name }} ${{ inputs.dispatch-val }}
+      - name: Assert
+        run: |
+          exit ${{ ( inputs.my-val == 'default_value_reuse_workflow_call' || inputs.my-val == 'passed value from main' ) && !inputs.dispatch-val && '0' || '1' }}

act/runner/testdata/uses-workflow-defaults/workflow_dispatch.yml

@@ -0,0 +1,21 @@
+name: CI
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: https://data.forgejo.org/actions/checkout@v4
+      - name: Run a one-line script
+        run: echo "✅ 🚀 ✅ hello this is from workflow main" ${{ github.event_name }}
+  call-reuse-w-val:
+    uses: ./testdata/.github/workflows/local-reusable-and-dispatch.yml
+    with:
+      my-val: "passed value from main"