setup/evaluate env context after setup steps context. (#309)

.github/workflows/release.yml

@@ -70,15 +70,7 @@ jobs:
 
     runs-on: ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v1
-
-    # Set Path workaround for https://github.com/actions/virtual-environments/issues/263
-    - run: |
-        echo "::add-path::C:\Program Files\Git\mingw64\bin"
-        echo "::add-path::C:\Program Files\Git\usr\bin"
-        echo "::add-path::C:\Program Files\Git\bin"
-      if: matrix.os == 'windows-latest'
-      name: "Temp step to Set Path for Windows"
 
     # Build runner layout
     - name: Build & Layout Release
@@ -200,4 +192,4 @@ jobs:
         upload_url: ${{ steps.createRelease.outputs.upload_url }}
         asset_path: ${{ github.workspace }}/actions-runner-linux-arm64-${{ steps.releaseNote.outputs.version }}.tar.gz
         asset_name: actions-runner-linux-arm64-${{ steps.releaseNote.outputs.version }}.tar.gz
-        asset_content_type: application/octet-stream
+        asset_content_type: application/octet-stream

releaseNote.md

@@ -17,13 +17,14 @@
   - Trace javascript action exit code to debug instead of user logs (#290)
   - Change prompt message when removing a runner to lines up with GitHub.com UI (#303) 
   - Include step.env as part of env context. (#300)
+  - Update Base64 Encoders to deal with suffixes (#284)
 
 ## Misc
   - Move .sln file under ./src (#238)
   - Treat warnings as errors during compile (#249) 
 
 ## Windows x64
-We recommend configuring the runner under "<DRIVE>:\actions-runner". This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows
+We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows
 ``` 
 // Create a folder under the drive root
 mkdir \actions-runner ; cd \actions-runner
@@ -31,7 +32,7 @@ mkdir \actions-runner ; cd \actions-runner
 Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v<RUNNER_VERSION>/actions-runner-win-x64-<RUNNER_VERSION>.zip -OutFile actions-runner-win-x64-<RUNNER_VERSION>.zip
 // Extract the installer
 Add-Type -AssemblyName System.IO.Compression.FileSystem ; 
-[System.IO.Compression.ZipFile]::ExtractToDirectory("$HOME\Downloads\actions-runner-win-x64-<RUNNER_VERSION>.zip", "$PWD")
+[System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD\actions-runner-win-x64-<RUNNER_VERSION>.zip", "$PWD")
 ```
 
 ## OSX

releaseVersion

@@ -1 +1 @@
-2.165.2
+2.164.0

src/Runner.Common/HostContext.cs

@@ -83,6 +83,7 @@ namespace GitHub.Runner.Common
             _loadContext.Unloading += LoadContext_Unloading;
 
             this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscape);
+            this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeTrimmed);
             this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift1);
             this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift2);
             this.SecretMasker.AddValueEncoder(ValueEncoders.ExpressionStringEscape);

src/Sdk/DTLogging/Logging/ValueEncoders.cs

@@ -16,6 +16,11 @@ namespace GitHub.DistributedTask.Logging
         {
             return Convert.ToBase64String(Encoding.UTF8.GetBytes(value));
         }
+        
+        public static String Base64StringEscapeTrimmed(String value)
+        {
+            return TrimBase64End(Convert.ToBase64String(Encoding.UTF8.GetBytes(value)));
+        }
 
         // Base64 is 6 bits -> char
         // A byte is 8 bits
@@ -67,15 +72,15 @@ namespace GitHub.DistributedTask.Logging
             {
                 var shiftArray = new byte[bytes.Length - shift];
                 Array.Copy(bytes, shift, shiftArray, 0, bytes.Length - shift);
-                return Convert.ToBase64String(shiftArray);
+                return TrimBase64End(Convert.ToBase64String(shiftArray));
             }
             else
             {
-                return Convert.ToBase64String(bytes);
+                return TrimBase64End(Convert.ToBase64String(bytes));
             }
         }
 
-        private static String UriDataEscape(
+        public static String UriDataEscape(
             String value,
             Int32 maxSegmentSize)
         {
@@ -103,5 +108,26 @@ namespace GitHub.DistributedTask.Logging
 
             return result.ToString();
         }
+
+        private static String TrimBase64End(String value)
+        {
+            if (String.IsNullOrEmpty(value))
+            {
+                return String.Empty;
+            }
+            if (value.EndsWith('='))
+            {
+                var trimmed = value.TrimEnd('=');
+                if (trimmed.Length > 1)
+                {
+                    // If a base64 string ends in '=' it indicates that the base 64 character is only using 2 or 4 of the six bytes and will change if another character is added
+                    // For example 'ab' is 'YWI=' in base 64
+                    // 'abc' is 'YWJj'
+                    // We need to detect YW, not YWI so we trim the last character ('I')
+                    return trimmed.Substring(0, trimmed.Length - 1);
+                }
+            }
+            return value;
+        }
     }
 }

src/Test/L0/HostContextL0.cs

@@ -93,12 +93,21 @@ namespace GitHub.Runner.Common.Tests
                 Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass%20word%20123%21123"));
                 Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass<word>123!123"));
                 Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass''word''123!123"));
-                Assert.Equal("OlBh***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($":Password123!"))));
+                Assert.Equal("OlBh***Q==", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($":Password123!"))));
-                Assert.Equal("YTpQ***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"a:Password123!"))));
+                Assert.Equal("YTpQ***E=", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"a:Password123!"))));
                 Assert.Equal("YWI6***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"ab:Password123!"))));
-                Assert.Equal("YWJjOlBh***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abc:Password123!"))));
+                Assert.Equal("YWJjOlBh***Q==", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abc:Password123!"))));
-                Assert.Equal("YWJjZDpQ***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcd:Password123!"))));
+                Assert.Equal("YWJjZDpQ***E=", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcd:Password123!"))));
                 Assert.Equal("YWJjZGU6***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcde:Password123!"))));
+                Assert.Equal("***Og==", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"Password123!:"))));
+                Assert.Equal("***OmE=", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"Password123!:a"))));
+                Assert.Equal("***OmFi", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"Password123!:ab"))));
+                Assert.Equal("***OmFiYw==", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"Password123!:abc"))));
+                Assert.Equal("***OmFiY2Q=", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"Password123!:abcd"))));
+                Assert.Equal("***OmFiY2Rl", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"Password123!:abcde"))));
+                Assert.Equal("OlBh***To=", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($":Password123!:"))));
+                Assert.Equal("YTpQ***E6YQ==", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"a:Password123!:a"))));
+                Assert.Equal("YWJjOlBh***Tph", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abc:Password123!:a"))));
             }
             finally
             {

src/runnerversion

@@ -1 +1 @@
-2.165.2
+2.165.0