Remove trailing slash from instance address (#197 )

Related #136 Co-authored-by: harryzcy <harry@harryzheng.com> Reviewed-on: https://gitea.com/gitea/act_runner/pulls/197 Reviewed-by: Jason Song <i@wolfogre.com> Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: harryzcy <harryzcy@noreply.gitea.io> Co-committed-by: harryzcy <harryzcy@noreply.gitea.io>
Add exec command flag of network (#192 )
2025-12-17 03:24:53 +00:00 · 2023-05-22 23:50:29 +08:00 · 2023-05-18 15:01:43 +08:00 · 2023-05-17 14:13:38 +08:00 · 2023-05-16 14:46:59 +08:00 · 2023-05-13 23:51:22 +08:00
10 changed files with 50 additions and 13 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,16 @@
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+tab_width = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.{go}]
+indent_style = tab
+
+[Makefile]
+indent_style = tab
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+* text=auto eol=lf
--- a/README.md
+++ b/README.md
@@ -85,7 +85,7 @@ You can specify the configuration file path with `-c`/`--config` argument.

 ```bash
 ./act_runner -c config.yaml register # register with config file
-./act_runner -c config.yaml deamon # run with config file
+./act_runner -c config.yaml daemon # run with config file
 ```

 ### Run a docker container
--- a/go.mod
+++ b/go.mod
@@ -87,4 +87,4 @@ require (
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )

-replace github.com/nektos/act => gitea.com/gitea/act v0.245.1
+replace github.com/nektos/act => gitea.com/gitea/act v0.245.2-0.20230516060355-9283cfc9b166
--- a/go.sum
+++ b/go.sum
@@ -2,8 +2,8 @@ code.gitea.io/actions-proto-go v0.2.1 h1:ToMN/8thz2q10TuCq8dL2d8mI+/pWpJcHCvG+TE
 code.gitea.io/actions-proto-go v0.2.1/go.mod h1:00ys5QDo1iHN1tHNvvddAcy2W/g+425hQya1cCSvq9A=
 code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5 h1:daBEK2GQeqGikJESctP5Cu1i33z5ztAD4kyQWiw185M=
 code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE=
-gitea.com/gitea/act v0.245.1 h1:mibEHQzIn+2ehaxj3yC3AAFgegiEpC9MP1ZjjI6e3D8=
-gitea.com/gitea/act v0.245.1/go.mod h1:1ffiGQZAZCLuk9QEBDdbRuQj1GL4uAQk6GNNtcEnPmI=
+gitea.com/gitea/act v0.245.2-0.20230516060355-9283cfc9b166 h1:hvyzFmxDmdSZBd8S2+r8VqPSK9eihTD2SrTBAvwgYsA=
+gitea.com/gitea/act v0.245.2-0.20230516060355-9283cfc9b166/go.mod h1:1ffiGQZAZCLuk9QEBDdbRuQj1GL4uAQk6GNNtcEnPmI=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
--- a/internal/app/cmd/exec.go
+++ b/internal/app/cmd/exec.go
@@ -13,6 +13,7 @@ import (
 	"strings"
 	"time"

+	"github.com/docker/docker/api/types/container"
 	"github.com/joho/godotenv"
 	"github.com/nektos/act/pkg/artifactcache"
 	"github.com/nektos/act/pkg/artifacts"
@@ -56,6 +57,7 @@ type executeArgs struct {
 	dryrun                bool
 	image                 string
 	cacheHandler          *artifactcache.Handler
+	network               string
 }

 // WorkflowsPath returns path to workflow file(s)
@@ -384,7 +386,7 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command
 			// EventJSON:             string(eventJSON),
 			ContainerNamePrefix:   fmt.Sprintf("GITEA-ACTIONS-TASK-%s", eventName),
 			ContainerMaxLifetime:  maxLifetime,
-			ContainerNetworkMode:  "bridge",
+			ContainerNetworkMode:  container.NetworkMode(execArgs.network),
 			DefaultActionInstance: execArgs.defaultActionsUrl,
 			PlatformPicker: func(_ []string) string {
 				return execArgs.image
@@ -463,6 +465,7 @@ func loadExecCmd(ctx context.Context) *cobra.Command {
 	execCmd.PersistentFlags().BoolVarP(&execArg.debug, "debug", "d", false, "enable debug log")
 	execCmd.PersistentFlags().BoolVarP(&execArg.dryrun, "dryrun", "n", false, "dryrun mode")
 	execCmd.PersistentFlags().StringVarP(&execArg.image, "image", "i", "node:16-bullseye", "docker image to use")
+	execCmd.PersistentFlags().StringVarP(&execArg.network, "network", "", "", "Specify the network to which the container will connect")

 	return execCmd
 }
--- a/internal/app/run/runner.go
+++ b/internal/app/run/runner.go
@@ -13,6 +13,7 @@ import (
 	"time"

 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
+	"github.com/docker/docker/api/types/container"
 	"github.com/nektos/act/pkg/artifactcache"
 	"github.com/nektos/act/pkg/common"
 	"github.com/nektos/act/pkg/model"
@@ -183,14 +184,14 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
 		JSONLogger:            false,
 		Env:                   r.envs,
 		Secrets:               task.Secrets,
-		GitHubInstance:        r.client.Address(),
+		GitHubInstance:        strings.TrimSuffix(r.client.Address(), "/"),
 		AutoRemove:            true,
 		NoSkipCheckout:        true,
 		PresetGitHubContext:   preset,
 		EventJSON:             string(eventJSON),
 		ContainerNamePrefix:   fmt.Sprintf("GITEA-ACTIONS-TASK-%d", task.Id),
 		ContainerMaxLifetime:  maxLifetime,
-		ContainerNetworkMode:  r.cfg.Container.NetworkMode,
+		ContainerNetworkMode:  container.NetworkMode(r.cfg.Container.Network),
 		ContainerOptions:      r.cfg.Container.Options,
 		Privileged:            r.cfg.Container.Privileged,
 		DefaultActionInstance: taskContext["gitea_default_actions_url"].GetStringValue(),
--- a/internal/pkg/config/config.example.yaml
+++ b/internal/pkg/config/config.example.yaml
@@ -42,8 +42,10 @@ cache:
  port: 0

 container:
-  # Which network to use for the job containers. Could be bridge, host, none, or the name of a custom network.
-  network_mode: bridge
+  # Specifies the network to which the container will connect.
+  # Could be host, bridge or the name of a custom network.
+  # If it's empty, act_runner will create a network automatically.
+  network: ""
  # Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
  privileged: false
  # And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
--- a/internal/pkg/config/config.go
+++ b/internal/pkg/config/config.go
@@ -10,6 +10,7 @@ import (
 	"time"

 	"github.com/joho/godotenv"
+	log "github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v3"
 )

@@ -34,7 +35,8 @@ type Config struct {
 		Port    uint16 `yaml:"port"`
 	} `yaml:"cache"`
 	Container struct {
-		NetworkMode   string `yaml:"network_mode"`
+		Network       string `yaml:"network"`
+		NetworkMode   string `yaml:"network_mode"` // Deprecated: use Network instead. Could be removed after Gitea 1.20
 		Privileged    bool   `yaml:"privileged"`
 		Options       string `yaml:"options"`
 		WorkdirParent string `yaml:"workdir_parent"`
@@ -92,9 +94,6 @@ func LoadDefault(file string) (*Config, error) {
 			cfg.Cache.Dir = filepath.Join(home, ".cache", "actcache")
 		}
 	}
-	if cfg.Container.NetworkMode == "" {
-		cfg.Container.NetworkMode = "bridge"
-	}
 	if cfg.Container.WorkdirParent == "" {
 		cfg.Container.WorkdirParent = "workspace"
 	}
@@ -105,5 +104,18 @@ func LoadDefault(file string) (*Config, error) {
 		cfg.Runner.FetchInterval = 2 * time.Second
 	}

+	// although `container.network_mode` will be deprecated, but we have to be compatible with it for now.
+	if cfg.Container.NetworkMode != "" && cfg.Container.Network == "" {
+		log.Warn("You are trying to use deprecated configuration item of `container.network_mode`, please use `container.network` instead.")
+		if cfg.Container.NetworkMode == "bridge" {
+			// Previously, if the value of `container.network_mode` is `bridge`, we will create a new network for job.
+			// But “bridge” is easily confused with the bridge network created by Docker by default.
+			// So we set the value of `container.network` to empty string to make `act_runner` automatically create a new network for job.
+			cfg.Container.Network = ""
+		} else {
+			cfg.Container.Network = cfg.Container.NetworkMode
+		}
+	}
+
 	return cfg, nil
 }
--- a/run.sh
+++ b/run.sh
@@ -41,5 +41,7 @@ if [[ ! -s .runner ]]; then
    fi
  done
 fi
+# Prevent reading the token from the act_runner process
+unset GITEA_RUNNER_REGISTRATION_TOKEN

 act_runner daemon ${CONFIG_ARG}
Author	SHA1	Message	Date
harryzcy	e3271d8469	Remove trailing slash from instance address (#197 ) Related #136 Co-authored-by: harryzcy <harry@harryzheng.com> Reviewed-on: https://gitea.com/gitea/act_runner/pulls/197 Reviewed-by: Jason Song <i@wolfogre.com> Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: harryzcy <harryzcy@noreply.gitea.io> Co-committed-by: harryzcy <harryzcy@noreply.gitea.io>	2023-05-22 23:50:29 +08:00
sillyguodong	84386c1b16	Add exec command flag of `network` (#192 ) Related to #184 Add command flag of `network` for `exec`, the default value of `--network` is empty string. Valid values are: `host `, `bridge`, `<custom_network>` and empty string. Co-authored-by: Jason Song <i@wolfogre.com> Reviewed-on: https://gitea.com/gitea/act_runner/pulls/192 Reviewed-by: a1012112796 <1012112796@qq.com> Reviewed-by: Jason Song <i@wolfogre.com> Co-authored-by: sillyguodong <gedong_1994@163.com> Co-committed-by: sillyguodong <gedong_1994@163.com>	2023-05-18 15:01:43 +08:00
ChristopherHX	fd7c8580af	Prevent exposing GITEA_RUNNER_REGISTRATION_TOKEN to act (#188 ) You can currently expose the token to jobs even while using docker in docker `-e GITEA_RUNNER_REGISTRATION_TOKEN` tells the docker client of act to read GITEA_RUNNER_REGISTRATION_TOKEN from the process and now it can be stolen. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/188 Reviewed-by: Jason Song <i@wolfogre.com> Co-authored-by: ChristopherHX <christopherhx@noreply.gitea.io> Co-committed-by: ChristopherHX <christopherhx@noreply.gitea.io>	2023-05-17 14:13:38 +08:00
sillyguodong	35596a182b	Add configuration item of `container.network` (#184 ) Close https://gitea.com/gitea/act_runner/issues/177 Related https://gitea.com/gitea/act/pulls/56 ### ⚠️ Breaking The `container.network_mode` is a deprecated configuration item. It may be removed after Gitea 1.20 released. Previously, if the value of `container.network_mode` is `bridge`, it means that `act_runner` will create a new network for job.But `bridge` is easily confused with the bridge network created by Docker by default. We recommand that using `container.network` to specify the network to which containers created by `act_runner` connect. ### 🆕 container.network The configuration file of `act_runner` add a new item of `contianer.network`. In `config.example.yaml`: ```yaml container: # Specifies the network to which the container will connect. # Could be host, bridge or the name of a custom network. # If it's empty, act_runner will create a network automatically. network: "" ``` As the comment in the example above says, the purpose of the `container.network` is specifying the network to which containers created by `act_runner` will connect. `container.network` accepts the following valid values: - `host`: All of containers (including job containers and service contianers) created by `act_runner` will be connected to the network named `host` which is created automatically by Docker. Containers will share the host’s network stack and all interfaces from the host will be available to these containers. - `bridge`: It is similar to `host`. All of containers created by `act_runner` will be connected to the network named `bridge` which is created automatically by Docker. All containers connected to the `bridge` (Perhaps there are containers that are not created by `act_runner`) are allowed to communicate with each other, while providing isolation from containers which are not connected to that `bridge` network. - `<custom_network>`: Please make sure that the `<custom_network>` network already exists firstly (`act_runner` does not detect whether the specified network exists currently. If not exists yet, will return error in the stage of `docker create`). All of containers created by `act_runner` will be connected to `<custom_network>`. After the job is executed, containers are removed and automatically disconnected from the `<custom_network>`. - empty: `act_runner` will create a new network for each job container and their service containers (if defined in workflow). So each job container and their service containers share a network environment, but are isolated from others container and the Docker host. Of course, these networks created by `act_runner` will be removed at last. ### Others - If you do not have special needs, we highly recommend that setting `container.network` to empty string (and do not use `container.network_mode` any more). Because the containers created by `act_runner` will connect to the networks that are created by itself. This point will provide better isolation. - If you set `contianer.network` to empty string or `<custom_network>`, we can be access to service containers by `<service-id>:<port>` in the steps of job. Because we added an alias to the service container when connecting to the network. Co-authored-by: Jason Song <i@wolfogre.com> Reviewed-on: https://gitea.com/gitea/act_runner/pulls/184 Reviewed-by: Jason Song <i@wolfogre.com> Co-authored-by: sillyguodong <gedong_1994@163.com> Co-committed-by: sillyguodong <gedong_1994@163.com>	2023-05-16 14:46:59 +08:00
silverwind	c9d3f67264	Add .editorconfig and .gitattributes (#186 ) Add some files that belong in every repo. - `.editorconfig` is based on `gitea` repo. - `.gitattributes` is useful for Windows users. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/186 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-by: delvh <dev.lh@web.de> Co-authored-by: silverwind <me@silverwind.io> Co-committed-by: silverwind <me@silverwind.io>	2023-05-13 23:51:22 +08:00
Alex Lau (AvengerMoJo)	94031fc198	Fix README.md typo on daemon (#183 ) It is just a typo fix. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/183 Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io> Reviewed-by: Jason Song <i@wolfogre.com> Co-authored-by: Alex Lau (AvengerMoJo) <avengermojo@gmail.com> Co-committed-by: Alex Lau (AvengerMoJo) <avengermojo@gmail.com>	2023-05-11 14:25:39 +08:00