- do not override username and password when looping over services
- split prepareJobContainer out of startJobContainer
- split getNetworkName out as it is used by both
- add unit tests for prepareJobContainer
- make containre.NewContainer mockable
- add MockVariable helper
Closesforgejo/runner#575
---
Note to reviewers: do not show whitespace change, the refactor will show in a minimal way. When the fix is reverted the tests fail as follows:
```
Diff:
--- Expected
+++ Actual
@@ -81,4 +81,4 @@
Image: (string) (len=10) "some:image",
- Username: (string) (len=17) "containerusername",
- Password: (string) (len=17) "containerpassword",
+ Username: (string) (len=16) "service2username",
+ Password: (string) (len=16) "service2password",
Entrypoint: ([]string) (len=3) {
Test: TestStartJobContainer/Overlapping
```
Reviewed-on: https://code.forgejo.org/forgejo/act/pulls/181
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
testutils.MockVariable must be in a defer to restore the previous value.
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/701
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
- report back to the Forgejo instance
- log Forgejo runner side in debug mode
- display the workflow with line number to facilitate matching with errors
- split the error into multiple lines if possible
Refs forgejo/act#170
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/666
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
- rc.getToolCache(ctx) is used to figure out RUNNER_TOOL_CACHE and returns RUNNER_TOOL_CACHE if it is found in the runner config, e.g.
```yaml
container:
env:
RUNNER_TOOL_CACHE: /srv/toolcache
```
- store the value in the new `toolCache` data member for containers, in the same way it is done for host
- GetRunnerContext for containers return `toolCache` instead of a hard coded string
- add integration test
Closesforgejo/runner#184
Reviewed-on: https://code.forgejo.org/forgejo/act/pulls/178
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
It is a breaking change because it changes how the shell is
determined.
Before, if `jobs.<job_id>.container.image` is set and the shell is not
specified, it defaults to `sh` instead of `bash`.
After, regardless of `jobs.<job_id>.container.image`, if the shell is
not specified, it defaults to `bash` if available, otherwise it
defaults to `sh`.
Rework the shell integration tests:
- Remove container specific tests because the special behavior related
to shell being set differently when a container image is present is
removed
- Modify the defaults test case to verify the fallback logic
- Use container images from code.forgejo.org to escape rate limiting
in the CI
- Add the missing node test
- Use
container:
image: code.forgejo.org/oci/node:22-bookworm
instead of
container: code.forgejo.org/oci/node:22-bookworm
because it silently failed to run (with no exit code)
- Prefer `-z "${BASH}"` because `-z ${BASH+x}` reads obscure
Closesforgejo/runner#150
Before migrating to v8.0.0 with schema validation, existing workflows can be verified to pass with `forgejo-runner exec`.
Refs forgejo/act#170
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/693
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
Otherwise act would reject such workflows right away
(cherry picked from commit efc95959aca96034426dcb93275eede5a3f47b83)
Conflicts:
pkg/schema/workflow_schema.json
trivial context conflict
- has_with had undetected structure error now failing the schema
- empty_step and has_secrets are invalid and caught by the schema
there no longer is a need for them
* fix: use non strict schema to allow some undefined behavior
* GitHub Actions doesn't use the newer strict schema in the service
* Tolerate more hallucinations
* Update workflow.go
* Update workflow.go
* Update pkg/model/workflow.go
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
---------
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
(cherry picked from commit b52da6190c971733cdf3ffcef97cdbdce4ba42e5)
So it does not panic if one is nil.
Closesforgejo/runner#146
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/684
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [go](https://go.dev/) ([source](https://github.com/golang/go)) | toolchain | patch | `1.23.10` -> `1.23.11` |
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4yMy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/681
Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org>
Co-authored-by: Renovate Bot <bot@kriese.eu>
Co-committed-by: Renovate Bot <bot@kriese.eu>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [https://data.forgejo.org/actions/setup-forgejo](https://code.forgejo.org/actions/setup-forgejo) | action | patch | `v3.0.0` -> `v3.0.1` |
---
### Release Notes
<details>
<summary>actions/setup-forgejo (https://data.forgejo.org/actions/setup-forgejo)</summary>
### [`v3.0.1`](https://code.forgejo.org/actions/setup-forgejo/compare/v3.0.0...v3.0.1)
[Compare Source](https://code.forgejo.org/actions/setup-forgejo/compare/v3.0.0...v3.0.1)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4yMy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/676
Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org>
Co-authored-by: Renovate Bot <bot@kriese.eu>
Co-committed-by: Renovate Bot <bot@kriese.eu>
go test -cover -coverprofile coverage.txt -v ./internal/pkg/report/...
go tool cover -html=coverage.txt -o coverage.html
xdg-open coverage.html
$ go run github.com/gregoryv/uncover/cmd/uncover@latest coverage.txt ReportLog
total: (statements) 100.0%
- do not try to mask a secret when a log line is received
- try to mask secrets before before sending a batch of log
lines to the Forgejo instance (every second)
- if masking a multiline secret needs more log lines to decide
if it needs to be masked, do not attempt to send anything to
the Forgejo instance, just wait until there are more log lines
Closesforgejo/runner#57
r.logOffset = ack
ack < r.logOffset+len(rows)
can be simplified as
len(rows) > 0
which is only false if there were no rows to send. It follows
that
if noMore && ack < r.logOffset+len(rows) {
is can be simplified as
if noMore {
is always true if rows were sent.
The intent was apparently to return on error and retry if only
part of the rows were sent but not all of them. To achieve that
the expression is replaced with:
if noMore && len(r.logRows) > 0 {
- the longest secret is masked first
- multiline secrets are masked before single line secrets
- O(multiline * log rows) to not degrade performances when there are
no multiline secrets
