prepare 2.262.0 runner release.

* pass -f to docker build

* Wrong place

* build path

* Also pass docker context path

* Tidy up format

* PR Feedback

.github/workflows/codeql.yml

@@ -0,0 +1,35 @@
+name: "Code Scanning - Action"
+
+on:
+  push:
+  schedule:
+    - cron: '0 0 * * 0'
+
+jobs:
+  CodeQL-Build:
+
+    strategy:
+      fail-fast: false
+
+
+    # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      # Override language selection by uncommenting this and choosing your languages
+      # with:
+      #   languages: go, javascript, csharp, python, cpp, java
+
+    - name: Manual build
+      run : | 
+        ./dev.sh layout Release linux-x64
+      working-directory: src
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

docs/automate.md

@@ -0,0 +1,57 @@
+# Automate Configuring Self-Hosted Runners
+
+
+## Export PAT
+
+Before running any of these sample scripts, create a GitHub PAT and export it before running the script
+
+```bash
+export RUNNER_CFG_PAT=yourPAT
+```
+
+## Create running as a service
+
+**Scenario**: Run on a machine or VM (not container) which automates:
+
+ - Resolving latest released runner
+ - Download and extract latest
+ - Acquire a registration token
+ - Configure the runner
+ - Run as a systemd (linux) or Launchd (osx) service
+
+:point_right: [Sample script here](../scripts/create-latest-svc.sh) :point_left:
+
+Run as a one-liner. NOTE: replace with yourorg/yourrepo (repo level) or just yourorg (org level) 
+```bash
+curl -s https://raw.githubusercontent.com/actions/runner/automate/scripts/create-latest-svc.sh | bash -s yourorg/yourrepo
+```
+
+## Uninstall running as service 
+
+**Scenario**: Run on a machine or VM (not container) which automates:
+
+ - Stops and uninstalls the systemd (linux) or Launchd (osx) service
+ - Acquires a removal token
+ - Removes the runner
+
+:point_right: [Sample script here](../scripts/remove-svc.sh) :point_left:
+
+Repo level one liner.  NOTE: replace with yourorg/yourrepo (repo level) or just yourorg (org level) 
+```bash
+curl -s https://raw.githubusercontent.com/actions/runner/automate/scripts/remove-svc.sh | bash -s yourorg/yourrepo
+```
+
+### Delete an offline runner
+
+**Scenario**: Deletes a registered runner that is offline:
+
+ - Ensures the runner is offline
+ - Resolves id from name
+ - Deletes the runner
+
+:point_right: [Sample script here](../scripts/delete.sh) :point_left:
+
+Repo level one-liner.  NOTE: replace with yourorg/yourrepo (repo level) or just yourorg (org level) and replace runnername
+```bash
+curl -s https://raw.githubusercontent.com/actions/runner/automate/scripts/delete.sh | bash -s yourorg/yourrepo runnername
+```

docs/start/envlinux.md

@@ -40,7 +40,7 @@ Debian based OS (Debian, Ubuntu, Linux Mint)
 - libssl1.1, libssl1.0.2 or libssl1.0.0
 - libicu63, libicu60, libicu57 or libicu55
 
-Fedora based OS (Fedora, Redhat, Centos, Oracle Linux 7)
+Fedora based OS (Fedora, Red Hat Enterprise Linux, CentOS, Oracle Linux 7)
 
 - lttng-ust 
 - openssl-libs 

releaseNote.md

@@ -1,20 +1,31 @@
 ## Features
-  - Runner support for GHES Alpha (#381 #386 #390 #393 $401) 
-  - Allow secrets context in Container.env (#388)
+  - Sample scripts to automate scalable runners (#427)
+  - Raise warning when action input does not match action.yml. (#429)
+  - Add secret masker for trimming double quotes. (#440)
+  - Use the API_URL and munge action URLs for GHES (#437 #469)
+  - Help trace worker crash in Kusto. (#450)
+  - update checkout@v1 for GHES (#470)
 ## Bugs
-  - Raise warning when volume mount root. (#413)
-  - Fix typo (#394)
+  - Print node version in debug instead of output. (#433)
+  - Better error when runner removed from service. (#441)
+  - Add help info for '--labels' config option (#472)
+  - Sps/token migration fix, job.status/steps.outcome/steps.conclusion case match with GitHub check suites conclusion. (#462)
+  - Docker build using -f instead of implied default (#471)
 ## Misc
-  - N/A
+  - Make release notes code blocks copy-paste-able (#430)
+  - Fix spelling of RHEL and CentOS. (#436)
+  - Add CodeQL Analysis workflow (#459)
 
 ## Windows x64
-We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows
-``` 
-// Create a folder under the drive root
+We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows.
+
+The following snipped needs to be run on `powershell`:
+``` powershell
+# Create a folder under the drive root
 mkdir \actions-runner ; cd \actions-runner
-// Download the latest runner package
+# Download the latest runner package
 Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v<RUNNER_VERSION>/actions-runner-win-x64-<RUNNER_VERSION>.zip -OutFile actions-runner-win-x64-<RUNNER_VERSION>.zip
-// Extract the installer
+# Extract the installer
 Add-Type -AssemblyName System.IO.Compression.FileSystem ; 
 [System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD\actions-runner-win-x64-<RUNNER_VERSION>.zip", "$PWD")
 ```
@@ -22,44 +33,44 @@ Add-Type -AssemblyName System.IO.Compression.FileSystem ;
 ## OSX
 
 ``` bash
-// Create a folder
+# Create a folder
 mkdir actions-runner && cd actions-runner
-// Download the latest runner package
+# Download the latest runner package
 curl -O -L https://github.com/actions/runner/releases/download/v<RUNNER_VERSION>/actions-runner-osx-x64-<RUNNER_VERSION>.tar.gz
-// Extract the installer
+# Extract the installer
 tar xzf ./actions-runner-osx-x64-<RUNNER_VERSION>.tar.gz
 ```
 
 ## Linux x64
 
 ``` bash
-// Create a folder
+# Create a folder
 mkdir actions-runner && cd actions-runner
-// Download the latest runner package
+# Download the latest runner package
 curl -O -L https://github.com/actions/runner/releases/download/v<RUNNER_VERSION>/actions-runner-linux-x64-<RUNNER_VERSION>.tar.gz
-// Extract the installer
+# Extract the installer
 tar xzf ./actions-runner-linux-x64-<RUNNER_VERSION>.tar.gz
 ```
 
 ## Linux arm64 (Pre-release)
 
 ``` bash
-// Create a folder
+# Create a folder
 mkdir actions-runner && cd actions-runner
-// Download the latest runner package
+# Download the latest runner package
 curl -O -L https://github.com/actions/runner/releases/download/v<RUNNER_VERSION>/actions-runner-linux-arm64-<RUNNER_VERSION>.tar.gz
-// Extract the installer
+# Extract the installer
 tar xzf ./actions-runner-linux-arm64-<RUNNER_VERSION>.tar.gz
 ```
 
 ## Linux arm (Pre-release)
 
 ``` bash
-// Create a folder
+# Create a folder
 mkdir actions-runner && cd actions-runner
-// Download the latest runner package
+# Download the latest runner package
 curl -O -L https://github.com/actions/runner/releases/download/v<RUNNER_VERSION>/actions-runner-linux-arm-<RUNNER_VERSION>.tar.gz
-// Extract the installer
+# Extract the installer
 tar xzf ./actions-runner-linux-arm-<RUNNER_VERSION>.tar.gz
 ```
 

releaseVersion

@@ -1 +1 @@
-2.164.0
+<Update to ./src/runnerversion when creating release>

scripts/README.md

@@ -0,0 +1,4 @@
+# Sample scripts for self-hosted runners
+
+Here are some examples to work from if you'd like to automate your use of self-hosted runners.
+See the docs [here](../docs/automate.md).

scripts/create-latest-svc.sh

@@ -0,0 +1,147 @@
+#/bin/bash
+
+set -e
+
+#
+# Downloads latest releases (not pre-release) runner
+# Configures as a service
+#
+# Examples:
+# RUNNER_CFG_PAT=<yourPAT> ./create-latest-svc.sh myuser/myrepo my.ghe.deployment.net
+# RUNNER_CFG_PAT=<yourPAT> ./create-latest-svc.sh myorg my.ghe.deployment.net
+#
+# Usage:
+#     export RUNNER_CFG_PAT=<yourPAT>
+#     ./create-latest-svc scope [ghe_domain] [name] [user]
+#
+#      scope       required  repo (:owner/:repo) or org (:organization)
+#      ghe_domain  optional  the fully qualified domain name of your GitHub Enterprise Server deployment
+#      name        optional  defaults to hostname
+#      user        optional  user svc will run as. defaults to current
+#
+# Notes:
+# PATS over envvars are more secure
+# Should be used on VMs and not containers
+# Works on OSX and Linux
+# Assumes x64 arch
+#
+
+runner_scope=${1}
+ghe_hostname=${2}
+runner_name=${3:-$(hostname)}
+svc_user=${4:-$USER}
+
+echo "Configuring runner @ ${runner_scope}"
+sudo echo
+
+#---------------------------------------
+# Validate Environment
+#---------------------------------------
+runner_plat=linux
+[ ! -z "$(which sw_vers)" ] && runner_plat=osx;
+
+function fatal()
+{
+   echo "error: $1" >&2
+   exit 1
+}
+
+if [ -z "${runner_scope}" ]; then fatal "supply scope as argument 1"; fi
+if [ -z "${RUNNER_CFG_PAT}" ]; then fatal "RUNNER_CFG_PAT must be set before calling"; fi
+
+which curl || fatal "curl required.  Please install in PATH with apt-get, brew, etc"
+which jq || fatal "jq required.  Please install in PATH with apt-get, brew, etc"
+
+# bail early if there's already a runner there. also sudo early
+if [ -d ./runner ]; then
+    fatal "Runner already exists.  Use a different directory or delete ./runner"
+fi
+
+sudo -u ${svc_user} mkdir runner
+
+# TODO: validate not in a container
+# TODO: validate systemd or osx svc installer
+
+#--------------------------------------
+# Get a config token
+#--------------------------------------
+echo
+echo "Generating a registration token..."
+
+base_api_url="https://api.github.com"
+if [ -n "${ghe_hostname}" ]; then
+    base_api_url="https://${ghe_hostname}/api/v3"
+fi
+
+# if the scope has a slash, it's a repo runner
+orgs_or_repos="orgs"
+if [[ "$runner_scope" == *\/* ]]; then
+    orgs_or_repos="repos"
+fi
+
+export RUNNER_TOKEN=$(curl -s -X POST ${base_api_url}/${orgs_or_repos}/${runner_scope}/actions/runners/registration-token -H "accept: application/vnd.github.everest-preview+json" -H "authorization: token ${RUNNER_CFG_PAT}" | jq -r '.token')
+
+if [ -z "$RUNNER_TOKEN" ]; then fatal "Failed to get a token"; fi
+
+#---------------------------------------
+# Download latest released and extract
+#---------------------------------------
+echo
+echo "Downloading latest runner ..."
+
+# For the GHES Alpha, download the runner from github.com
+latest_version_label=$(curl -s -X GET 'https://api.github.com/repos/actions/runner/releases/latest' | jq -r '.tag_name')
+latest_version=$(echo ${latest_version_label:1})
+runner_file="actions-runner-${runner_plat}-x64-${latest_version}.tar.gz"
+
+if [ -f "${runner_file}" ]; then
+    echo "${runner_file} exists. skipping download."
+else
+    runner_url="https://github.com/actions/runner/releases/download/${latest_version_label}/${runner_file}"
+
+    echo "Downloading ${latest_version_label} for ${runner_plat} ..."
+    echo $runner_url
+
+    curl -O -L ${runner_url}
+fi
+
+ls -la *.tar.gz
+
+#---------------------------------------------------
+# extract to runner directory in this directory
+#---------------------------------------------------
+echo
+echo "Extracting ${runner_file} to ./runner"
+
+tar xzf "./${runner_file}" -C runner
+
+# export of pass
+sudo chown -R $svc_user ./runner
+
+pushd ./runner
+
+#---------------------------------------
+# Unattend config
+#---------------------------------------
+runner_url="https://github.com/${runner_scope}"
+if [ -n "${ghe_hostname}" ]; then
+    runner_url="https://${ghe_hostname}/${runner_scope}"
+fi
+
+echo
+echo "Configuring ${runner_name} @ $runner_url"
+echo "./config.sh --unattended --url $runner_url --token *** --name $runner_name"
+sudo -E -u ${svc_user} ./config.sh --unattended --url $runner_url --token $RUNNER_TOKEN --name $runner_name
+
+#---------------------------------------
+# Configuring as a service
+#---------------------------------------
+echo
+echo "Configuring as a service ..."
+prefix=""
+if [ "${runner_plat}" == "linux" ]; then
+prefix="sudo "
+fi
+
+${prefix}./svc.sh install ${svc_user}
+${prefix}./svc.sh start

scripts/delete.sh

@@ -0,0 +1,83 @@
+#/bin/bash
+
+set -e
+
+#
+# Force deletes a runner from the service
+# The caller should have already ensured the runner is gone and/or stopped
+#
+# Examples:
+# RUNNER_CFG_PAT=<yourPAT> ./delete.sh myuser/myrepo myname
+# RUNNER_CFG_PAT=<yourPAT> ./delete.sh myorg
+#
+# Usage:
+#     export RUNNER_CFG_PAT=<yourPAT>
+#     ./delete.sh scope name
+#
+#      scope required  repo (:owner/:repo) or org (:organization)
+#      name  optional  defaults to hostname.  name to delete
+# 
+# Notes:
+# PATS over envvars are more secure
+# Works on OSX and Linux 
+# Assumes x64 arch
+#
+
+runner_scope=${1}
+runner_name=${2}
+
+echo "Deleting runner ${runner_name} @ ${runner_scope}"
+
+function fatal()
+{
+   echo "error: $1" >&2
+   exit 1
+}
+
+if [ -z "${runner_scope}" ]; then fatal "supply scope as argument 1"; fi
+if [ -z "${runner_name}" ]; then fatal "supply name as argument 2"; fi
+if [ -z "${RUNNER_CFG_PAT}" ]; then fatal "RUNNER_CFG_PAT must be set before calling"; fi
+
+which curl || fatal "curl required.  Please install in PATH with apt-get, brew, etc"
+which jq || fatal "jq required.  Please install in PATH with apt-get, brew, etc"
+
+base_api_url="https://api.github.com/orgs"
+if [[ "$runner_scope" == *\/* ]]; then
+    base_api_url="https://api.github.com/repos"
+fi
+
+
+#--------------------------------------
+# Ensure offline
+#--------------------------------------
+runner_status=$(curl -s -X GET ${base_api_url}/${runner_scope}/actions/runners?per_page=100  -H "accept: application/vnd.github.everest-preview+json" -H "authorization: token ${RUNNER_CFG_PAT}" \
+        | jq -M -j ".runners | .[] | [select(.name == \"${runner_name}\")] | .[0].status")
+
+if [ -z "${runner_status}" ]; then 
+    fatal "Could not find runner with name ${runner_name}"
+fi
+
+echo "Status: ${runner_status}"
+
+if [ "${runner_status}" != "offline" ]; then 
+    fatal "Runner should be offline before removing"
+fi
+
+#--------------------------------------
+# Get id of runner to remove
+#--------------------------------------
+runner_id=$(curl -s -X GET ${base_api_url}/${runner_scope}/actions/runners?per_page=100  -H "accept: application/vnd.github.everest-preview+json" -H "authorization: token ${RUNNER_CFG_PAT}" \
+        | jq -M -j ".runners | .[] | [select(.name == \"${runner_name}\")] | .[0].id")
+
+if [ -z "${runner_id}" ]; then 
+    fatal "Could not find runner with name ${runner_name}"
+fi 
+
+echo "Removing id ${runner_id}"
+
+#--------------------------------------
+# Remove the runner
+#--------------------------------------
+curl -s -X DELETE ${base_api_url}/${runner_scope}/actions/runners/${runner_id} -H "authorization: token ${RUNNER_CFG_PAT}"
+
+echo "Done."

scripts/remove-svc.sh

@@ -0,0 +1,76 @@
+#/bin/bash
+
+set -e
+
+#
+# Removes a runner running as a service
+# Must be run on the machine where the service is run
+#
+# Examples:
+# RUNNER_CFG_PAT=<yourPAT> ./remove-svc.sh myuser/myrepo
+# RUNNER_CFG_PAT=<yourPAT> ./remove-svc.sh myorg
+#
+# Usage:
+#     export RUNNER_CFG_PAT=<yourPAT>
+#     ./remove-svc scope name
+#
+#      scope required  repo (:owner/:repo) or org (:organization)
+#      name  optional  defaults to hostname.  name to uninstall and remove
+# 
+# Notes:
+# PATS over envvars are more secure
+# Should be used on VMs and not containers
+# Works on OSX and Linux 
+# Assumes x64 arch
+#
+
+runner_scope=${1}
+runner_name=${2:-$(hostname)}
+
+echo "Uninstalling runner ${runner_name} @ ${runner_scope}"
+sudo echo
+
+function fatal()
+{
+   echo "error: $1" >&2
+   exit 1
+}
+
+if [ -z "${runner_scope}" ]; then fatal "supply scope as argument 1"; fi
+if [ -z "${RUNNER_CFG_PAT}" ]; then fatal "RUNNER_CFG_PAT must be set before calling"; fi
+
+which curl || fatal "curl required.  Please install in PATH with apt-get, brew, etc"
+which jq || fatal "jq required.  Please install in PATH with apt-get, brew, etc"
+
+runner_plat=linux
+[ ! -z "$(which sw_vers)" ] && runner_plat=osx;
+
+#--------------------------------------
+# Get a remove token
+#--------------------------------------
+echo
+echo "Generating a removal token..."
+
+# if the scope has a slash, it's an repo runner
+base_api_url="https://api.github.com/orgs"
+if [[ "$runner_scope" == *\/* ]]; then
+    base_api_url="https://api.github.com/repos"
+fi
+
+export REMOVE_TOKEN=$(curl -s -X POST ${base_api_url}/${runner_scope}/actions/runners/remove-token -H "accept: application/vnd.github.everest-preview+json" -H "authorization: token ${RUNNER_CFG_PAT}" | jq -r '.token')
+
+if [ -z "$REMOVE_TOKEN" ]; then fatal "Failed to get a token"; fi 
+
+#---------------------------------------
+# Stop and uninstall the service
+#---------------------------------------
+echo
+echo "Uninstall the service ..."
+pushd ./runner
+prefix=""
+if [ "${runner_plat}" == "linux" ]; then 
+    prefix="sudo "
+fi 
+${prefix}./svc.sh stop
+${prefix}./svc.sh uninstall
+${prefix}./config.sh remove --token $REMOVE_TOKEN

src/Misc/layoutbin/installdependencies.sh

@@ -9,7 +9,7 @@ fi
 
 # Determine OS type 
 # Debian based OS (Debian, Ubuntu, Linux Mint) has /etc/debian_version
-# Fedora based OS (Fedora, Redhat, Centos, Oracle Linux 7) has /etc/redhat-release
+# Fedora based OS (Fedora, Red Hat Enterprise Linux, CentOS, Oracle Linux 7) has /etc/redhat-release
 # SUSE based OS (OpenSUSE, SUSE Enterprise) has ID_LIKE=suse in /etc/os-release
 
 function print_errormessage() 
@@ -116,12 +116,12 @@ then
     elif [ -e /etc/redhat-release ]
     then
         echo "The current OS is Fedora based"
-        echo "--------Redhat Version--------"
+        echo "--Fedora/RHEL/CentOS Version--"
         cat /etc/redhat-release
         echo "------------------------------"
 
         # use dnf on fedora
-        # use yum on centos and redhat
+        # use yum on centos and rhel
         if [ -e /etc/fedora-release ]
         then
             command -v dnf
@@ -191,7 +191,7 @@ then
     redhatRelease=$(</etc/redhat-release)
     if [[ $redhatRelease == "CentOS release 6."* || $redhatRelease == "Red Hat Enterprise Linux Server release 6."* ]]
     then
-        echo "The current OS is Red Hat Enterprise Linux 6 or Centos 6"
+        echo "The current OS is Red Hat Enterprise Linux 6 or CentOS 6"
 
         # Install known dependencies, as a best effort.
         # The remaining dependencies are covered by the GitHub doc that will be shown by `print_rhel6message`

src/Misc/layoutbin/macos-run-invoker.js

@@ -0,0 +1,13 @@
+const { spawn } = require('child_process');
+// argv[0] = node
+// argv[1] = macos-run-invoker.js
+var shell = process.argv[2];
+var args = process.argv.slice(3);
+console.log(`::debug::macos-run-invoker: ${shell}`);
+console.log(`::debug::macos-run-invoker: ${JSON.stringify(args)}`);
+var launch = spawn(shell, args, { stdio: 'inherit' });
+launch.on('exit', function (code) {
+    if (code !== 0) {
+        process.exit(code);
+    }
+});

src/Runner.Common/Constants.cs

@@ -87,6 +87,7 @@ namespace GitHub.Runner.Common
                 public static class Args
                 {
                     public static readonly string Auth = "auth";
+                    public static readonly string Labels = "labels";
                     public static readonly string MonitorSocketAddress = "monitorsocketaddress";
                     public static readonly string Name = "name";
                     public static readonly string Pool = "pool";
@@ -136,6 +137,9 @@ namespace GitHub.Runner.Common
                 public const int RunnerUpdating = 3;
                 public const int RunOnceRunnerUpdating = 4;
             }
+
+            public static readonly string InternalTelemetryIssueDataKey = "_internal_telemetry";
+            public static readonly string WorkerCrash = "WORKER_CRASH";
         }
 
         public static class RunnerEvent

src/Runner.Common/HostContext.cs

@@ -1,19 +1,18 @@
-using GitHub.Runner.Common.Util;
-using System;
+using System;
 using System.Collections.Concurrent;
 using System.Collections.Generic;
+using System.Diagnostics;
+using System.Diagnostics.Tracing;
 using System.Globalization;
 using System.IO;
 using System.Linq;
+using System.Net.Http;
+using System.Net.Http.Headers;
 using System.Reflection;
 using System.Runtime.Loader;
 using System.Threading;
 using System.Threading.Tasks;
-using System.Diagnostics;
-using System.Net.Http;
-using System.Diagnostics.Tracing;
 using GitHub.DistributedTask.Logging;
-using System.Net.Http.Headers;
 using GitHub.Runner.Sdk;
 
 namespace GitHub.Runner.Common
@@ -24,7 +23,7 @@ namespace GitHub.Runner.Common
         CancellationToken RunnerShutdownToken { get; }
         ShutdownReason RunnerShutdownReason { get; }
         ISecretMasker SecretMasker { get; }
-        ProductInfoHeaderValue UserAgent { get; }
+        List<ProductInfoHeaderValue> UserAgents { get; }
         RunnerWebProxy WebProxy { get; }
         string GetDirectory(WellKnownDirectory directory);
         string GetConfigFile(WellKnownConfigFile configFile);
@@ -54,7 +53,7 @@ namespace GitHub.Runner.Common
         private readonly ConcurrentDictionary<Type, object> _serviceInstances = new ConcurrentDictionary<Type, object>();
         private readonly ConcurrentDictionary<Type, Type> _serviceTypes = new ConcurrentDictionary<Type, Type>();
         private readonly ISecretMasker _secretMasker = new SecretMasker();
-        private readonly ProductInfoHeaderValue _userAgent = new ProductInfoHeaderValue($"GitHubActionsRunner-{BuildConstants.RunnerPackage.PackageName}", BuildConstants.RunnerPackage.Version);
+        private readonly List<ProductInfoHeaderValue> _userAgents = new List<ProductInfoHeaderValue>() { new ProductInfoHeaderValue($"GitHubActionsRunner-{BuildConstants.RunnerPackage.PackageName}", BuildConstants.RunnerPackage.Version) };
         private CancellationTokenSource _runnerShutdownTokenSource = new CancellationTokenSource();
         private object _perfLock = new object();
         private Tracing _trace;
@@ -72,7 +71,7 @@ namespace GitHub.Runner.Common
         public CancellationToken RunnerShutdownToken => _runnerShutdownTokenSource.Token;
         public ShutdownReason RunnerShutdownReason { get; private set; }
         public ISecretMasker SecretMasker => _secretMasker;
-        public ProductInfoHeaderValue UserAgent => _userAgent;
+        public List<ProductInfoHeaderValue> UserAgents => _userAgents;
         public RunnerWebProxy WebProxy => _webProxy;
         public HostContext(string hostType, string logFile = null)
         {
@@ -89,6 +88,7 @@ namespace GitHub.Runner.Common
             this.SecretMasker.AddValueEncoder(ValueEncoders.JsonStringEscape);
             this.SecretMasker.AddValueEncoder(ValueEncoders.UriDataEscape);
             this.SecretMasker.AddValueEncoder(ValueEncoders.XmlDataEscape);
+            this.SecretMasker.AddValueEncoder(ValueEncoders.TrimDoubleQuotes);
 
             // Create the trace manager.
             if (string.IsNullOrEmpty(logFile))
@@ -189,6 +189,17 @@ namespace GitHub.Runner.Common
             {
                 _trace.Info($"No proxy settings were found based on environmental variables (http_proxy/https_proxy/HTTP_PROXY/HTTPS_PROXY)");
             }
+
+            var credFile = GetConfigFile(WellKnownConfigFile.Credentials);
+            if (File.Exists(credFile))
+            {
+                var credData = IOUtil.LoadObject<CredentialData>(credFile);
+                if (credData != null &&
+                    credData.Data.TryGetValue("clientId", out var clientId))
+                {
+                    _userAgents.Add(new ProductInfoHeaderValue($"RunnerId", clientId));
+                }
+            }
         }
 
         public string GetDirectory(WellKnownDirectory directory)
@@ -603,9 +614,8 @@ namespace GitHub.Runner.Common
     {
         public static HttpClientHandler CreateHttpClientHandler(this IHostContext context)
         {
-            HttpClientHandler clientHandler = new HttpClientHandler();
-            clientHandler.Proxy = context.WebProxy;
-            return clientHandler;
+            var handlerFactory = context.GetService<IHttpClientHandlerFactory>();
+            return handlerFactory.CreateClientHandler(context.WebProxy);
         }
     }
 

src/Runner.Common/HttpClientHandlerFactory.cs

@@ -0,0 +1,19 @@
+using System.Net.Http;
+using GitHub.Runner.Sdk;
+
+namespace GitHub.Runner.Common
+{
+    [ServiceLocator(Default = typeof(HttpClientHandlerFactory))]
+    public interface IHttpClientHandlerFactory : IRunnerService
+    {
+        HttpClientHandler CreateClientHandler(RunnerWebProxy webProxy);
+    }
+
+    public class HttpClientHandlerFactory : RunnerService, IHttpClientHandlerFactory
+    {
+        public HttpClientHandler CreateClientHandler(RunnerWebProxy webProxy)
+        {
+            return new HttpClientHandler() { Proxy = webProxy };
+        }
+    }
+}

src/Runner.Common/RunnerServer.cs

@@ -41,7 +41,7 @@ namespace GitHub.Runner.Common
 
         // job request
         Task<TaskAgentJobRequest> GetAgentRequestAsync(int poolId, long requestId, CancellationToken cancellationToken);
-        Task<TaskAgentJobRequest> RenewAgentRequestAsync(int poolId, long requestId, Guid lockToken, CancellationToken cancellationToken);
+        Task<TaskAgentJobRequest> RenewAgentRequestAsync(int poolId, long requestId, Guid lockToken, string orchestrationId, CancellationToken cancellationToken);
         Task<TaskAgentJobRequest> FinishAgentRequestAsync(int poolId, long requestId, Guid lockToken, DateTime finishTime, TaskResult result, CancellationToken cancellationToken);
 
         // agent package
@@ -300,10 +300,10 @@ namespace GitHub.Runner.Common
         // JobRequest
         //-----------------------------------------------------------------
 
-        public Task<TaskAgentJobRequest> RenewAgentRequestAsync(int poolId, long requestId, Guid lockToken, CancellationToken cancellationToken = default(CancellationToken))
+        public Task<TaskAgentJobRequest> RenewAgentRequestAsync(int poolId, long requestId, Guid lockToken, string orchestrationId = null, CancellationToken cancellationToken = default(CancellationToken))
         {
             CheckConnection(RunnerConnectionType.JobRequest);
-            return _requestTaskAgentClient.RenewAgentRequestAsync(poolId, requestId, lockToken, cancellationToken: cancellationToken);
+            return _requestTaskAgentClient.RenewAgentRequestAsync(poolId, requestId, lockToken, orchestrationId: orchestrationId, cancellationToken: cancellationToken);
         }
 
         public Task<TaskAgentJobRequest> FinishAgentRequestAsync(int poolId, long requestId, Guid lockToken, DateTime finishTime, TaskResult result, CancellationToken cancellationToken = default(CancellationToken))

src/Runner.Listener/CommandSettings.cs

@@ -39,6 +39,7 @@ namespace GitHub.Runner.Listener
         private readonly string[] validArgs =
         {
             Constants.Runner.CommandLine.Args.Auth,
+            Constants.Runner.CommandLine.Args.Labels,
             Constants.Runner.CommandLine.Args.MonitorSocketAddress,
             Constants.Runner.CommandLine.Args.Name,
             Constants.Runner.CommandLine.Args.Pool,
@@ -249,6 +250,24 @@ namespace GitHub.Runner.Listener
             return GetArg(Constants.Runner.CommandLine.Args.StartupType);
         }
 
+        public ISet<string> GetLabels()
+        {
+            var labelSet = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
+            string labels = GetArgOrPrompt(
+                name: Constants.Runner.CommandLine.Args.Labels,
+                description: $"This runner will have the following labels: 'self-hosted', '{VarUtil.OS}', '{VarUtil.OSArchitecture}' \nEnter any additional labels (ex. label-1,label-2):",
+                defaultValue: string.Empty,
+                validator: Validators.LabelsValidator,
+                isOptional: true);
+
+            if (!string.IsNullOrEmpty(labels))
+            {
+                labelSet = labels.Split(',').Where(x => !string.IsNullOrEmpty(x)).ToHashSet<string>(StringComparer.OrdinalIgnoreCase);
+            }
+
+            return labelSet;
+        }
+
         //
         // Private helpers.
         //
@@ -280,7 +299,8 @@ namespace GitHub.Runner.Listener
             string name,
             string description,
             string defaultValue,
-            Func<string, bool> validator)
+            Func<string, bool> validator,
+            bool isOptional = false)
         {
             // Check for the arg in the command line parser.
             ArgUtil.NotNull(validator, nameof(validator));
@@ -311,7 +331,8 @@ namespace GitHub.Runner.Listener
                 secret: Constants.Runner.CommandLine.Args.Secrets.Any(x => string.Equals(x, name, StringComparison.OrdinalIgnoreCase)),
                 defaultValue: defaultValue,
                 validator: validator,
-                unattended: Unattended);
+                unattended: Unattended,
+                isOptional: isOptional);
         }
 
         private string GetEnvArg(string name)

src/Runner.Listener/Configuration/ConfigurationManager.cs

@@ -166,6 +166,9 @@ namespace GitHub.Runner.Listener.Configuration
 
                 _term.WriteLine();
 
+                var userLabels = command.GetLabels();
+                _term.WriteLine();
+
                 var agents = await _runnerServer.GetAgentsAsync(runnerSettings.PoolId, runnerSettings.AgentName);
                 Trace.Verbose("Returns {0} agents", agents.Count);
                 agent = agents.FirstOrDefault();
@@ -175,7 +178,7 @@ namespace GitHub.Runner.Listener.Configuration
                     if (command.GetReplace())
                     {
                         // Update existing agent with new PublicKey, agent version.
-                        agent = UpdateExistingAgent(agent, publicKey);
+                        agent = UpdateExistingAgent(agent, publicKey, userLabels);
 
                         try
                         {
@@ -198,7 +201,7 @@ namespace GitHub.Runner.Listener.Configuration
                 else
                 {
                     // Create a new agent.
-                    agent = CreateNewAgent(runnerSettings.AgentName, publicKey);
+                    agent = CreateNewAgent(runnerSettings.AgentName, publicKey, userLabels);
 
                     try
                     {
@@ -448,7 +451,7 @@ namespace GitHub.Runner.Listener.Configuration
         }
 
 
-        private TaskAgent UpdateExistingAgent(TaskAgent agent, RSAParameters publicKey)
+        private TaskAgent UpdateExistingAgent(TaskAgent agent, RSAParameters publicKey, ISet<string> userLabels)
         {
             ArgUtil.NotNull(agent, nameof(agent));
             agent.Authorization = new TaskAgentAuthorization
@@ -456,18 +459,25 @@ namespace GitHub.Runner.Listener.Configuration
                 PublicKey = new TaskAgentPublicKey(publicKey.Exponent, publicKey.Modulus),
             };
 
-            // update - update instead of delete so we don't lose labels etc...
+            // update should replace the existing labels
             agent.Version = BuildConstants.RunnerPackage.Version;
             agent.OSDescription = RuntimeInformation.OSDescription;
             
-            agent.Labels.Add("self-hosted");
-            agent.Labels.Add(VarUtil.OS);
-            agent.Labels.Add(VarUtil.OSArchitecture);
+            agent.Labels.Clear();
+
+            agent.Labels.Add(new AgentLabel("self-hosted", LabelType.System));
+            agent.Labels.Add(new AgentLabel(VarUtil.OS, LabelType.System));
+            agent.Labels.Add(new AgentLabel(VarUtil.OSArchitecture, LabelType.System));
+
+            foreach (var userLabel in userLabels)
+            {
+                agent.Labels.Add(new AgentLabel(userLabel, LabelType.User));
+            }
             
             return agent;
         }
 
-        private TaskAgent CreateNewAgent(string agentName, RSAParameters publicKey)
+        private TaskAgent CreateNewAgent(string agentName, RSAParameters publicKey, ISet<string> userLabels)
         {
             TaskAgent agent = new TaskAgent(agentName)
             {
@@ -480,9 +490,14 @@ namespace GitHub.Runner.Listener.Configuration
                 OSDescription = RuntimeInformation.OSDescription,
             };
 
-            agent.Labels.Add("self-hosted");
-            agent.Labels.Add(VarUtil.OS);
-            agent.Labels.Add(VarUtil.OSArchitecture);
+            agent.Labels.Add(new AgentLabel("self-hosted", LabelType.System));
+            agent.Labels.Add(new AgentLabel(VarUtil.OS, LabelType.System));
+            agent.Labels.Add(new AgentLabel(VarUtil.OSArchitecture, LabelType.System));
+
+            foreach (var userLabel in userLabels)
+            {
+                agent.Labels.Add(new AgentLabel(userLabel, LabelType.User));
+            }
 
             return agent;
         }
@@ -511,7 +526,7 @@ namespace GitHub.Runner.Listener.Configuration
             using (var httpClient = new HttpClient(httpClientHandler))
             {
                 httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("RemoteAuth", githubToken);
-                httpClient.DefaultRequestHeaders.UserAgent.Add(HostContext.UserAgent);
+                httpClient.DefaultRequestHeaders.UserAgent.AddRange(HostContext.UserAgents);
 
                 var bodyObject = new Dictionary<string, string>()
                 {

src/Runner.Listener/Configuration/PromptManager.cs

@@ -20,7 +20,8 @@ namespace GitHub.Runner.Listener.Configuration
             bool secret,
             string defaultValue,
             Func<String, bool> validator,
-            bool unattended);
+            bool unattended,
+            bool isOptional = false);
     }
 
     public sealed class PromptManager : RunnerService, IPromptManager
@@ -56,7 +57,8 @@ namespace GitHub.Runner.Listener.Configuration
             bool secret,
             string defaultValue,
             Func<string, bool> validator,
-            bool unattended)
+            bool unattended,
+            bool isOptional = false)
         {
             Trace.Info(nameof(ReadValue));
             ArgUtil.NotNull(validator, nameof(validator));
@@ -70,6 +72,10 @@ namespace GitHub.Runner.Listener.Configuration
                 {
                     return defaultValue;
                 }
+                else if (isOptional) 
+                {
+                    return string.Empty;
+                }
 
                 // Otherwise throw.
                 throw new Exception($"Invalid configuration provided for {argName}. Terminating unattended configuration.");
@@ -85,17 +91,27 @@ namespace GitHub.Runner.Listener.Configuration
                 {
                     _terminal.Write($"[press Enter for {defaultValue}] ");
                 }
+                else if (isOptional){
+                    _terminal.Write($"[press Enter to skip] ");
+                }
 
                 // Read and trim the value.
                 value = secret ? _terminal.ReadSecret() : _terminal.ReadLine();
                 value = value?.Trim() ?? string.Empty;
 
                 // Return the default if not specified.
-                if (string.IsNullOrEmpty(value) && !string.IsNullOrEmpty(defaultValue))
+                if (string.IsNullOrEmpty(value))
+                {
+                    if (!string.IsNullOrEmpty(defaultValue))
                     {
                         Trace.Info($"Falling back to the default: '{defaultValue}'");
                         return defaultValue;
                     }
+                    else if (isOptional)
+                    {
+                        return string.Empty;
+                    }
+                }
                 
                 // Return the value if it is not empty and it is valid.
                 // Otherwise try the loop again.

src/Runner.Listener/Configuration/Validators.cs

@@ -1,6 +1,7 @@
 using GitHub.Runner.Common.Util;
 using GitHub.Runner.Sdk;
 using System;
+using System.Linq;
 using System.IO;
 using System.Security.Principal;
 
@@ -46,6 +47,21 @@ namespace GitHub.Runner.Listener.Configuration
                    string.Equals(value, "N", StringComparison.CurrentCultureIgnoreCase);
         }
 
+        public static bool LabelsValidator(string labels)
+        {
+            if (!string.IsNullOrEmpty(labels))
+            {
+                var labelSet = labels.Split(',').Where(x => !string.IsNullOrEmpty(x)).ToHashSet<string>(StringComparer.OrdinalIgnoreCase);
+
+                if (labelSet.Any(x => x.Length > 256))
+                {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+
         public static bool NonEmptyValidator(string value)
         {
             return !string.IsNullOrEmpty(value);

src/Runner.Listener/JobDispatcher.cs

@@ -12,6 +12,7 @@ using System.Linq;
 using GitHub.Services.Common;
 using GitHub.Runner.Common;
 using GitHub.Runner.Sdk;
+using GitHub.Services.WebApi.Jwt;
 
 namespace GitHub.Runner.Listener
 {
@@ -86,15 +87,30 @@ namespace GitHub.Runner.Listener
                 }
             }
 
+            var orchestrationId = string.Empty;
+            var systemConnection = jobRequestMessage.Resources.Endpoints.SingleOrDefault(x => string.Equals(x.Name, WellKnownServiceEndpointNames.SystemVssConnection, StringComparison.OrdinalIgnoreCase));
+            if (systemConnection?.Authorization != null &&
+                systemConnection.Authorization.Parameters.TryGetValue("AccessToken", out var accessToken) &&
+                !string.IsNullOrEmpty(accessToken))
+            {
+                var jwt = JsonWebToken.Create(accessToken);
+                var claims = jwt.ExtractClaims();
+                orchestrationId = claims.FirstOrDefault(x => string.Equals(x.Type, "orchid", StringComparison.OrdinalIgnoreCase))?.Value;
+                if (!string.IsNullOrEmpty(orchestrationId))
+                {
+                    Trace.Info($"Pull OrchestrationId {orchestrationId} from JWT claims");
+                }
+            }
+
             WorkerDispatcher newDispatch = new WorkerDispatcher(jobRequestMessage.JobId, jobRequestMessage.RequestId);
             if (runOnce)
             {
                 Trace.Info("Start dispatcher for one time used runner.");
-                newDispatch.WorkerDispatch = RunOnceAsync(jobRequestMessage, currentDispatch, newDispatch.WorkerCancellationTokenSource.Token, newDispatch.WorkerCancelTimeoutKillTokenSource.Token);
+                newDispatch.WorkerDispatch = RunOnceAsync(jobRequestMessage, orchestrationId, currentDispatch, newDispatch.WorkerCancellationTokenSource.Token, newDispatch.WorkerCancelTimeoutKillTokenSource.Token);
             }
             else
             {
-                newDispatch.WorkerDispatch = RunAsync(jobRequestMessage, currentDispatch, newDispatch.WorkerCancellationTokenSource.Token, newDispatch.WorkerCancelTimeoutKillTokenSource.Token);
+                newDispatch.WorkerDispatch = RunAsync(jobRequestMessage, orchestrationId, currentDispatch, newDispatch.WorkerCancellationTokenSource.Token, newDispatch.WorkerCancelTimeoutKillTokenSource.Token);
             }
 
             _jobInfos.TryAdd(newDispatch.JobId, newDispatch);
@@ -284,11 +300,11 @@ namespace GitHub.Runner.Listener
             }
         }
 
-        private async Task RunOnceAsync(Pipelines.AgentJobRequestMessage message, WorkerDispatcher previousJobDispatch, CancellationToken jobRequestCancellationToken, CancellationToken workerCancelTimeoutKillToken)
+        private async Task RunOnceAsync(Pipelines.AgentJobRequestMessage message, string orchestrationId, WorkerDispatcher previousJobDispatch, CancellationToken jobRequestCancellationToken, CancellationToken workerCancelTimeoutKillToken)
         {
             try
             {
-                await RunAsync(message, previousJobDispatch, jobRequestCancellationToken, workerCancelTimeoutKillToken);
+                await RunAsync(message, orchestrationId, previousJobDispatch, jobRequestCancellationToken, workerCancelTimeoutKillToken);
             }
             finally
             {
@@ -297,7 +313,7 @@ namespace GitHub.Runner.Listener
             }
         }
 
-        private async Task RunAsync(Pipelines.AgentJobRequestMessage message, WorkerDispatcher previousJobDispatch, CancellationToken jobRequestCancellationToken, CancellationToken workerCancelTimeoutKillToken)
+        private async Task RunAsync(Pipelines.AgentJobRequestMessage message, string orchestrationId, WorkerDispatcher previousJobDispatch, CancellationToken jobRequestCancellationToken, CancellationToken workerCancelTimeoutKillToken)
         {
             Busy = true;
             try
@@ -328,7 +344,7 @@ namespace GitHub.Runner.Listener
 
                     // start renew job request
                     Trace.Info($"Start renew job request {requestId} for job {message.JobId}.");
-                    Task renewJobRequest = RenewJobRequestAsync(_poolId, requestId, lockToken, firstJobRequestRenewed, lockRenewalTokenSource.Token);
+                    Task renewJobRequest = RenewJobRequestAsync(_poolId, requestId, lockToken, orchestrationId, firstJobRequestRenewed, lockRenewalTokenSource.Token);
 
                     // wait till first renew succeed or job request is canceled
                     // not even start worker if the first renew fail
@@ -607,7 +623,7 @@ namespace GitHub.Runner.Listener
             }
         }
 
-        public async Task RenewJobRequestAsync(int poolId, long requestId, Guid lockToken, TaskCompletionSource<int> firstJobRequestRenewed, CancellationToken token)
+        public async Task RenewJobRequestAsync(int poolId, long requestId, Guid lockToken, string orchestrationId, TaskCompletionSource<int> firstJobRequestRenewed, CancellationToken token)
         {
             var runnerServer = HostContext.GetService<IRunnerServer>();
             TaskAgentJobRequest request = null;
@@ -620,7 +636,7 @@ namespace GitHub.Runner.Listener
             {
                 try
                 {
-                    request = await runnerServer.RenewAgentRequestAsync(poolId, requestId, lockToken, token);
+                    request = await runnerServer.RenewAgentRequestAsync(poolId, requestId, lockToken, orchestrationId, token);
 
                     Trace.Info($"Successfully renew job request {requestId}, job is valid till {request.LockedUntil.Value}");
 
@@ -842,7 +858,6 @@ namespace GitHub.Runner.Listener
             }
         }
 
-        // TODO: We need send detailInfo back to DT in order to add an issue for the job
         private async Task CompleteJobRequestAsync(int poolId, Pipelines.AgentJobRequestMessage message, Guid lockToken, TaskResult result, string detailInfo = null)
         {
             Trace.Entering();
@@ -936,8 +951,10 @@ namespace GitHub.Runner.Listener
                 ArgUtil.NotNull(timeline, nameof(timeline));
                 TimelineRecord jobRecord = timeline.Records.FirstOrDefault(x => x.Id == message.JobId && x.RecordType == "Job");
                 ArgUtil.NotNull(jobRecord, nameof(jobRecord));
+                var unhandledExceptionIssue = new Issue() { Type = IssueType.Error, Message = errorMessage };
+                unhandledExceptionIssue.Data[Constants.Runner.InternalTelemetryIssueDataKey] = Constants.Runner.WorkerCrash;
                 jobRecord.ErrorCount++;
-                jobRecord.Issues.Add(new Issue() { Type = IssueType.Error, Message = errorMessage });
+                jobRecord.Issues.Add(unhandledExceptionIssue);
                 await jobServer.UpdateTimelineRecordsAsync(message.Plan.ScopeIdentifier, message.Plan.PlanType, message.Plan.PlanId, message.Timeline.Id, new TimelineRecord[] { jobRecord }, CancellationToken.None);
             }
             catch (Exception ex)

src/Runner.Listener/MessageListener.cs

@@ -150,9 +150,44 @@ namespace GitHub.Runner.Listener
                     Trace.Error("Catch exception during create session.");
                     Trace.Error(ex);
 
+                    if (ex is VssOAuthTokenRequestException && creds.Federated is VssOAuthCredential vssOAuthCred)
+                    {
+                        // Check whether we get 401 because the runner registration already removed by the service.
+                        // If the runner registration get deleted, we can't exchange oauth token.
+                        Trace.Error("Test oauth app registration.");
+                        var oauthTokenProvider = new VssOAuthTokenProvider(vssOAuthCred, new Uri(serverUrl));
+                        var authError = await oauthTokenProvider.ValidateCredentialAsync(token);
+                        if (string.Equals(authError, "invalid_client", StringComparison.OrdinalIgnoreCase))
+                        {
+                            _term.WriteError("Failed to create a session. The runner registration has been deleted from the server, please re-configure.");
+                            return false;
+                        }
+                    }
+
+                    if (ex is TaskAgentSessionConflictException)
+                    {
+                        try
+                        {
+                            var newCred = await GetNewOAuthAuthorizationSetting(token, true);
+                            if (newCred != null)
+                            {
+                                await _runnerServer.ConnectAsync(new Uri(_settings.ServerUrl), newCred);
+                                Trace.Info("Updated connection to use migrated credential for next CreateSession call.");
+                                _useMigratedCredentials = true;
+                                _authorizationUrlMigrationBackgroundTask = null;
+                                _needToCheckAuthorizationUrlUpdate = false;
+                            }
+                        }
+                        catch (Exception e)
+                        {
+                            Trace.Error("Fail to refresh connection with new authorization url.");
+                            Trace.Error(e);
+                        }
+                    }
+
                     if (!IsSessionCreationExceptionRetriable(ex))
                     {
-                        if (_useMigratedCredentials)
+                        if (_useMigratedCredentials && !(ex is TaskAgentSessionConflictException))
                         {
                             // migrated credentials might cause lose permission during permission check,
                             // we will force to use original credential and try again
@@ -502,14 +537,11 @@ namespace GitHub.Runner.Listener
             }
         }
 
-        private async Task<VssCredentials> GetNewOAuthAuthorizationSetting(CancellationToken token)
+        private async Task<VssCredentials> GetNewOAuthAuthorizationSetting(CancellationToken token, bool adhoc = false)
         {
             Trace.Info("Start checking oauth authorization url update.");
             while (true)
             {
-                var backoff = BackoffTimerHelper.GetRandomBackoff(TimeSpan.FromMinutes(30), TimeSpan.FromMinutes(45));
-                await HostContext.Delay(backoff, token);
-
                 try
                 {
                     var migratedAuthorizationUrl = await _runnerServer.GetRunnerAuthUrlAsync(_settings.PoolId, _settings.AgentId);
@@ -524,8 +556,15 @@ namespace GitHub.Runner.Listener
                         {
                             // We don't need to update credentials.
                             Trace.Info("No needs to update authorization url");
+                            if (adhoc)
+                            {
+                                return null;
+                            }
+                            else
+                            {
                                 await Task.Delay(TimeSpan.FromMilliseconds(-1), token);
                             }
+                        }
 
                         var keyManager = HostContext.GetService<IRSAKeyManager>();
                         var signingCredentials = VssSigningCredentials.Create(() => keyManager.GetKey());
@@ -558,7 +597,7 @@ namespace GitHub.Runner.Listener
                         Trace.Verbose("No authorization url updates");
                     }
                 }
-                catch (Exception ex)
+                catch (Exception ex) when (!token.IsCancellationRequested)
                 {
                     Trace.Error("Fail to get/test new authorization url.");
                     Trace.Error(ex);
@@ -574,6 +613,16 @@ namespace GitHub.Runner.Listener
                         Trace.Error(e);
                     }
                 }
+
+                if (adhoc)
+                {
+                    return null;
+                }
+                else
+                {
+                    var backoff = BackoffTimerHelper.GetRandomBackoff(TimeSpan.FromMinutes(30), TimeSpan.FromMinutes(45));
+                    await HostContext.Delay(backoff, token);
+                }
             }
         }
     }

src/Runner.Listener/Runner.cs

@@ -37,7 +37,7 @@ namespace GitHub.Runner.Listener
         {
             try
             {
-                VssUtil.InitializeVssClientSettings(HostContext.UserAgent, HostContext.WebProxy);
+                VssUtil.InitializeVssClientSettings(HostContext.UserAgents, HostContext.WebProxy);
 
                 _inConfigStage = true;
                 _completedCommand.Reset();
@@ -466,6 +466,7 @@ Config Options:
  --url string     Repository to add the runner to. Required if unattended
  --token string   Registration token. Required if unattended
  --name string    Name of the runner to configure (default {Environment.MachineName ?? "myrunner"})
+ --labels string  Extra labels in addition to the default: 'self-hosted,{Constants.Runner.Platform},{Constants.Runner.PlatformArchitecture}'
  --work string    Relative runner work directory (default {Constants.Path.WorkDirectory})
  --replace        Replace any existing runner with the same name (default false)");
 #if OS_WINDOWS
@@ -478,7 +479,9 @@ Examples:
  Configure a runner non-interactively:
   .{separator}config.{ext} --unattended --url <url> --token <token>
  Configure a runner non-interactively, replacing any existing runner with the same name:
-  .{separator}config.{ext} --unattended --url <url> --token <token> --replace [--name <name>]");
+  .{separator}config.{ext} --unattended --url <url> --token <token> --replace [--name <name>]
+ Configure a runner non-interactively with three extra labels:
+  .{separator}config.{ext} --unattended --url <url> --token <token> --labels L1,L2,L3");
 #if OS_WINDOWS
     _term.WriteLine($@" Configure a runner to run as a service:");
     _term.WriteLine($@"  .{separator}config.{ext} --url <url> --token <token> --runasservice");

src/Runner.Plugins/Repository/v1.0/GitSourceProvider.cs

@@ -80,7 +80,12 @@ namespace GitHub.Runner.Plugins.Repository.v1_0
             // Validate args.
             ArgUtil.NotNull(executionContext, nameof(executionContext));
             executionContext.Output($"Syncing repository: {repoFullName}");
-            Uri repositoryUrl = new Uri($"https://github.com/{repoFullName}");
+
+            // Repository URL
+            var githubUrl = executionContext.GetGitHubContext("url");
+            var githubUri = new Uri(!string.IsNullOrEmpty(githubUrl) ? githubUrl : "https://github.com");
+            var portInfo = githubUri.IsDefaultPort ? string.Empty : $":{githubUri.Port}";
+            Uri repositoryUrl = new Uri($"{githubUri.Scheme}://{githubUri.Host}{portInfo}/{repoFullName}");
             if (!repositoryUrl.IsAbsoluteUri)
             {
                 throw new InvalidOperationException("Repository url need to be an absolute uri.");

src/Runner.Sdk/Util/VssUtil.cs

@@ -14,10 +14,10 @@ namespace GitHub.Runner.Sdk
 {
     public static class VssUtil
     {
-        public static void InitializeVssClientSettings(ProductInfoHeaderValue additionalUserAgent, IWebProxy proxy)
+        public static void InitializeVssClientSettings(List<ProductInfoHeaderValue> additionalUserAgents, IWebProxy proxy)
         {
             var headerValues = new List<ProductInfoHeaderValue>();
-            headerValues.Add(additionalUserAgent);
+            headerValues.AddRange(additionalUserAgents);
             headerValues.Add(new ProductInfoHeaderValue($"({RuntimeInformation.OSDescription.Trim()})"));
 
             if (VssClientHttpRequestSettings.Default.UserAgent != null && VssClientHttpRequestSettings.Default.UserAgent.Count > 0)

src/Runner.Worker/ActionCommandManager.cs

@@ -485,9 +485,12 @@ namespace GitHub.Runner.Worker
             }
 
             foreach (var property in command.Properties)
+            {
+                if (!string.Equals(property.Key, Constants.Runner.InternalTelemetryIssueDataKey, StringComparison.OrdinalIgnoreCase))
                 {
                     issue.Data[property.Key] = property.Value;
                 }
+            }
 
             context.AddIssue(issue);
         }

src/Runner.Worker/ActionManager.cs

@@ -1,31 +1,42 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.IO;
 using System.IO.Compression;
 using System.Linq;
-using System.Threading;
-using System.Threading.Tasks;
+using System.Net;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
 using GitHub.DistributedTask.ObjectTemplating.Tokens;
-using GitHub.DistributedTask.WebApi;
 using GitHub.Runner.Common;
-using GitHub.Runner.Common.Util;
 using GitHub.Runner.Sdk;
 using GitHub.Runner.Worker.Container;
 using GitHub.Services.Common;
-using Newtonsoft.Json;
 using Pipelines = GitHub.DistributedTask.Pipelines;
 using PipelineTemplateConstants = GitHub.DistributedTask.Pipelines.ObjectTemplating.PipelineTemplateConstants;
 
 namespace GitHub.Runner.Worker
 {
+    public class PrepareResult
+    {
+        public PrepareResult(List<JobExtensionRunner> containerSetupSteps, Dictionary<Guid, IActionRunner> preStepTracker)
+        {
+            this.ContainerSetupSteps = containerSetupSteps;
+            this.PreStepTracker = preStepTracker;
+        }
+
+        public List<JobExtensionRunner> ContainerSetupSteps { get; set; }
+
+        public Dictionary<Guid, IActionRunner> PreStepTracker { get; set; }
+    }
+
     [ServiceLocator(Default = typeof(ActionManager))]
     public interface IActionManager : IRunnerService
     {
         Dictionary<Guid, ContainerInfo> CachedActionContainers { get; }
-        Task<List<JobExtensionRunner>> PrepareActionsAsync(IExecutionContext executionContext, IEnumerable<Pipelines.JobStep> steps);
+        Task<PrepareResult> PrepareActionsAsync(IExecutionContext executionContext, IEnumerable<Pipelines.JobStep> steps);
         Definition LoadAction(IExecutionContext executionContext, Pipelines.ActionStep action);
     }
 
@@ -35,11 +46,11 @@ namespace GitHub.Runner.Worker
 
         //81920 is the default used by System.IO.Stream.CopyTo and is under the large object heap threshold (85k).
         private const int _defaultCopyBufferSize = 81920;
-
+        private const string _dotcomApiUrl = "https://api.github.com";
         private readonly Dictionary<Guid, ContainerInfo> _cachedActionContainers = new Dictionary<Guid, ContainerInfo>();
 
         public Dictionary<Guid, ContainerInfo> CachedActionContainers => _cachedActionContainers;
-        public async Task<List<JobExtensionRunner>> PrepareActionsAsync(IExecutionContext executionContext, IEnumerable<Pipelines.JobStep> steps)
+        public async Task<PrepareResult> PrepareActionsAsync(IExecutionContext executionContext, IEnumerable<Pipelines.JobStep> steps)
         {
             ArgUtil.NotNull(executionContext, nameof(executionContext));
             ArgUtil.NotNull(steps, nameof(steps));
@@ -49,6 +60,7 @@ namespace GitHub.Runner.Worker
             Dictionary<string, List<Guid>> imagesToBuild = new Dictionary<string, List<Guid>>(StringComparer.OrdinalIgnoreCase);
             Dictionary<string, ActionContainer> imagesToBuildInfo = new Dictionary<string, ActionContainer>(StringComparer.OrdinalIgnoreCase);
             List<JobExtensionRunner> containerSetupSteps = new List<JobExtensionRunner>();
+            Dictionary<Guid, IActionRunner> preStepTracker = new Dictionary<Guid, IActionRunner>();
             IEnumerable<Pipelines.ActionStep> actions = steps.OfType<Pipelines.ActionStep>();
 
             // TODO: Deprecate the PREVIEW_ACTION_TOKEN
@@ -59,13 +71,7 @@ namespace GitHub.Runner.Worker
             }
 
             // Clear the cache (for self-hosted runners)
-            // Note, temporarily avoid this step for the on-premises product, to avoid rate limiting.
-            var configurationStore = HostContext.GetService<IConfigurationStore>();
-            var isHostedServer = configurationStore.GetSettings().IsHostedServer;
-            if (isHostedServer)
-            {
             IOUtil.DeleteDirectory(HostContext.GetDirectory(WellKnownDirectory.Actions), executionContext.CancellationToken);
-            }
 
             foreach (var action in actions)
             {
@@ -117,6 +123,22 @@ namespace GitHub.Runner.Worker
                             imagesToBuildInfo[setupInfo.ActionRepository] = setupInfo;
                         }
                     }
+
+                    var repoAction = action.Reference as Pipelines.RepositoryPathReference;
+                    if (repoAction.RepositoryType != Pipelines.PipelineConstants.SelfAlias)
+                    {
+                        var definition = LoadAction(executionContext, action);
+                        if (definition.Data.Execution.HasPre)
+                        {
+                            var actionRunner = HostContext.CreateService<IActionRunner>();
+                            actionRunner.Action = action;
+                            actionRunner.Stage = ActionRunStage.Pre;
+                            actionRunner.Condition = definition.Data.Execution.InitCondition;
+
+                            Trace.Info($"Add 'pre' execution for {action.Id}");
+                            preStepTracker[action.Id] = actionRunner;
+                        }
+                    }
                 }
             }
 
@@ -153,7 +175,7 @@ namespace GitHub.Runner.Worker
             }
 #endif
 
-            return containerSetupSteps;
+            return new PrepareResult(containerSetupSteps, preStepTracker);
         }
 
         public Definition LoadAction(IExecutionContext executionContext, Pipelines.ActionStep action)
@@ -245,14 +267,19 @@ namespace GitHub.Runner.Worker
                             Trace.Info($"Action container env: {StringUtil.ConvertToJson(containerAction.Environment)}.");
                         }
 
+                        if (!string.IsNullOrEmpty(containerAction.Pre))
+                        {
+                            Trace.Info($"Action container pre entrypoint: {containerAction.Pre}.");
+                        }
+
                         if (!string.IsNullOrEmpty(containerAction.EntryPoint))
                         {
                             Trace.Info($"Action container entrypoint: {containerAction.EntryPoint}.");
                         }
 
-                        if (!string.IsNullOrEmpty(containerAction.Cleanup))
+                        if (!string.IsNullOrEmpty(containerAction.Post))
                         {
-                            Trace.Info($"Action container cleanup entrypoint: {containerAction.Cleanup}.");
+                            Trace.Info($"Action container post entrypoint: {containerAction.Post}.");
                         }
 
                         if (CachedActionContainers.TryGetValue(action.Id, out var container))
@@ -264,8 +291,9 @@ namespace GitHub.Runner.Worker
                     else if (definition.Data.Execution.ExecutionType == ActionExecutionType.NodeJS)
                     {
                         var nodeAction = definition.Data.Execution as NodeJSActionExecutionData;
+                        Trace.Info($"Action pre node.js file: {nodeAction.Pre ?? "N/A"}.");
                         Trace.Info($"Action node.js file: {nodeAction.Script}.");
-                        Trace.Info($"Action cleanup node.js file: {nodeAction.Cleanup ?? "N/A"}.");
+                        Trace.Info($"Action post node.js file: {nodeAction.Post ?? "N/A"}.");
                     }
                     else if (definition.Data.Execution.ExecutionType == ActionExecutionType.Plugin)
                     {
@@ -281,7 +309,7 @@ namespace GitHub.Runner.Worker
 
                         if (!string.IsNullOrEmpty(plugin.PostPluginTypeName))
                         {
-                            pluginAction.Cleanup = plugin.PostPluginTypeName;
+                            pluginAction.Post = plugin.PostPluginTypeName;
                             Trace.Info($"Action cleanup plugin: {plugin.PluginTypeName}.");
                         }
                     }
@@ -402,7 +430,12 @@ namespace GitHub.Runner.Worker
             var imageName = $"{dockerManger.DockerInstanceLabel}:{Guid.NewGuid().ToString("N")}";
             while (retryCount < 3)
             {
-                buildExitCode = await dockerManger.DockerBuild(executionContext, setupInfo.Container.WorkingDirectory, Directory.GetParent(setupInfo.Container.Dockerfile).FullName, imageName);
+                buildExitCode = await dockerManger.DockerBuild(
+                    executionContext,
+                    setupInfo.Container.WorkingDirectory,
+                    setupInfo.Container.Dockerfile,
+                    Directory.GetParent(setupInfo.Container.Dockerfile).FullName,
+                    imageName);
                 if (buildExitCode == 0)
                 {
                     break;
@@ -454,7 +487,7 @@ namespace GitHub.Runner.Worker
             ArgUtil.NotNullOrEmpty(repositoryReference.Ref, nameof(repositoryReference.Ref));
 
             string destDirectory = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Actions), repositoryReference.Name.Replace(Path.AltDirectorySeparatorChar, Path.DirectorySeparatorChar), repositoryReference.Ref);
-            string watermarkFile = destDirectory + ".completed";
+            string watermarkFile = GetWatermarkFilePath(destDirectory);
             if (File.Exists(watermarkFile))
             {
                 executionContext.Debug($"Action '{repositoryReference.Name}@{repositoryReference.Ref}' already downloaded at '{destDirectory}'.");
@@ -468,27 +501,90 @@ namespace GitHub.Runner.Worker
                 executionContext.Output($"Download action repository '{repositoryReference.Name}@{repositoryReference.Ref}'");
             }
 
-#if OS_WINDOWS
-            string archiveLink = $"https://api.github.com/repos/{repositoryReference.Name}/zipball/{repositoryReference.Ref}";
-#else
-            string archiveLink = $"https://api.github.com/repos/{repositoryReference.Name}/tarball/{repositoryReference.Ref}";
-#endif
+            var configurationStore = HostContext.GetService<IConfigurationStore>();
+            var isHostedServer = configurationStore.GetSettings().IsHostedServer;
+            if (isHostedServer)
+            {
+                string apiUrl = GetApiUrl(executionContext);
+                string archiveLink = BuildLinkToActionArchive(apiUrl, repositoryReference.Name, repositoryReference.Ref);
                 Trace.Info($"Download archive '{archiveLink}' to '{destDirectory}'.");
+                var downloadDetails = new ActionDownloadDetails(archiveLink, ConfigureAuthorizationFromContext);
+                await DownloadRepositoryActionAsync(executionContext, downloadDetails, destDirectory);
+                return;
+            }
+            else
+            {
+                string apiUrl = GetApiUrl(executionContext);
 
+                // URLs to try:
+                var downloadAttempts = new List<ActionDownloadDetails> {
+                    // A built-in action or an action the user has created, on their GHES instance
+                    // Example:  https://my-ghes/api/v3/repos/my-org/my-action/tarball/v1
+                    new ActionDownloadDetails(
+                        BuildLinkToActionArchive(apiUrl, repositoryReference.Name, repositoryReference.Ref),
+                        ConfigureAuthorizationFromContext),
+
+                    // The same action, on GitHub.com
+                    // Example:  https://api.github.com/repos/my-org/my-action/tarball/v1
+                    new ActionDownloadDetails(
+                        BuildLinkToActionArchive(_dotcomApiUrl, repositoryReference.Name, repositoryReference.Ref),
+                        configureAuthorization: (e,h) => { /* no authorization for dotcom */ })
+                };
+
+                foreach (var downloadAttempt in downloadAttempts)
+                {
+                    Trace.Info($"Download archive '{downloadAttempt.ArchiveLink}' to '{destDirectory}'.");
+                    try
+                    {
+                        await DownloadRepositoryActionAsync(executionContext, downloadAttempt, destDirectory);
+                        return;
+                    }
+                    catch (ActionNotFoundException)
+                    {
+                        Trace.Info($"Failed to find the action '{repositoryReference.Name}' at ref '{repositoryReference.Ref}' at {downloadAttempt.ArchiveLink}");
+                        continue;
+                    }
+                }
+                throw new ActionNotFoundException($"Failed to find the action '{repositoryReference.Name}' at ref '{repositoryReference.Ref}'.  Paths attempted: {string.Join(", ", downloadAttempts.Select(d => d.ArchiveLink))}");
+            }
+        }
+
+        private string GetApiUrl(IExecutionContext executionContext)
+        {
+            string apiUrl = executionContext.GetGitHubContext("api_url");
+            if (!string.IsNullOrEmpty(apiUrl))
+            {
+                return apiUrl;
+            }
+            // Once the api_url is set for hosted, we can remove this fallback (it doesn't make sense for GHES)
+            return _dotcomApiUrl;
+        }
+
+        private static string BuildLinkToActionArchive(string apiUrl, string repository, string @ref)
+        {
+#if OS_WINDOWS
+            return $"{apiUrl}/repos/{repository}/zipball/{@ref}";
+#else
+            return $"{apiUrl}/repos/{repository}/tarball/{@ref}";
+#endif
+        }
+
+        private async Task DownloadRepositoryActionAsync(IExecutionContext executionContext, ActionDownloadDetails actionDownloadDetails, string destDirectory)
+        {
             //download and extract action in a temp folder and rename it on success
             string tempDirectory = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Actions), "_temp_" + Guid.NewGuid());
             Directory.CreateDirectory(tempDirectory);
 
-
 #if OS_WINDOWS
             string archiveFile = Path.Combine(tempDirectory, $"{Guid.NewGuid()}.zip");
 #else
             string archiveFile = Path.Combine(tempDirectory, $"{Guid.NewGuid()}.tar.gz");
 #endif
-            Trace.Info($"Save archive '{archiveLink}' into {archiveFile}.");
+
+            string link = actionDownloadDetails.ArchiveLink;
+            Trace.Info($"Save archive '{link}' into {archiveFile}.");
             try
             {
-
                 int retryCount = 0;
 
                 // Allow up to 20 * 60s for any action to be downloaded from github graph.
@@ -505,37 +601,14 @@ namespace GitHub.Runner.Worker
                             using (var httpClientHandler = HostContext.CreateHttpClientHandler())
                             using (var httpClient = new HttpClient(httpClientHandler))
                             {
-                                var configurationStore = HostContext.GetService<IConfigurationStore>();
-                                var isHostedServer = configurationStore.GetSettings().IsHostedServer;
-                                if (isHostedServer)
-                                {
-                                    var authToken = Environment.GetEnvironmentVariable("_GITHUB_ACTION_TOKEN");
-                                    if (string.IsNullOrEmpty(authToken))
-                                    {
-                                        // TODO: Deprecate the PREVIEW_ACTION_TOKEN
-                                        authToken = executionContext.Variables.Get("PREVIEW_ACTION_TOKEN");
-                                    }
+                                actionDownloadDetails.ConfigureAuthorization(executionContext, httpClient);
 
-                                    if (!string.IsNullOrEmpty(authToken))
+                                httpClient.DefaultRequestHeaders.UserAgent.AddRange(HostContext.UserAgents);
+                                using (var response = await httpClient.GetAsync(link))
                                 {
-                                        HostContext.SecretMasker.AddValue(authToken);
-                                        var base64EncodingToken = Convert.ToBase64String(Encoding.UTF8.GetBytes($"PAT:{authToken}"));
-                                        httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64EncodingToken);
-                                    }
-                                    else
+                                    if (response.IsSuccessStatusCode)
                                     {
-                                        var accessToken = executionContext.GetGitHubContext("token");
-                                        var base64EncodingToken = Convert.ToBase64String(Encoding.UTF8.GetBytes($"x-access-token:{accessToken}"));
-                                        httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64EncodingToken);
-                                    }
-                                }
-                                else
-                                {
-                                    // Intentionally empty. Temporary for GHES alpha release, download from dotcom unauthenticated.
-                                }
-
-                                httpClient.DefaultRequestHeaders.UserAgent.Add(HostContext.UserAgent);
-                                using (var result = await httpClient.GetStreamAsync(archiveLink))
+                                        using (var result = await response.Content.ReadAsStreamAsync())
                                         {
                                             await result.CopyToAsync(fs, _defaultCopyBufferSize, actionDownloadCancellation.Token);
                                             await fs.FlushAsync(actionDownloadCancellation.Token);
@@ -544,25 +617,42 @@ namespace GitHub.Runner.Worker
                                             break;
                                         }
                                     }
+                                    else if (response.StatusCode == HttpStatusCode.NotFound)
+                                    {
+                                        // It doesn't make sense to retry in this case, so just stop
+                                        throw new ActionNotFoundException(new Uri(link));
+                                    }
+                                    else
+                                    {
+                                        // Something else bad happened, let's go to our retry logic
+                                        response.EnsureSuccessStatusCode();
+                                    }
+                                }
+                            }
                         }
                         catch (OperationCanceledException) when (executionContext.CancellationToken.IsCancellationRequested)
                         {
-                            Trace.Info($"Action download has been cancelled.");
+                            Trace.Info("Action download has been cancelled.");
+                            throw;
+                        }
+                        catch (ActionNotFoundException)
+                        {
+                            Trace.Info($"The action at '{link}' does not exist");
                             throw;
                         }
                         catch (Exception ex) when (retryCount < 2)
                         {
                             retryCount++;
-                            Trace.Error($"Fail to download archive '{archiveLink}' -- Attempt: {retryCount}");
+                            Trace.Error($"Fail to download archive '{link}' -- Attempt: {retryCount}");
                             Trace.Error(ex);
                             if (actionDownloadTimeout.Token.IsCancellationRequested)
                             {
                                 // action download didn't finish within timeout
-                                executionContext.Warning($"Action '{archiveLink}' didn't finish download within {timeoutSeconds} seconds.");
+                                executionContext.Warning($"Action '{link}' didn't finish download within {timeoutSeconds} seconds.");
                             }
                             else
                             {
-                                executionContext.Warning($"Failed to download action '{archiveLink}'. Error {ex.Message}");
+                                executionContext.Warning($"Failed to download action '{link}'. Error: {ex.Message}");
                             }
                         }
                     }
@@ -576,7 +666,7 @@ namespace GitHub.Runner.Worker
                 }
 
                 ArgUtil.NotNullOrEmpty(archiveFile, nameof(archiveFile));
-                executionContext.Debug($"Download '{archiveLink}' to '{archiveFile}'");
+                executionContext.Debug($"Download '{link}' to '{archiveFile}'");
 
                 var stagingDirectory = Path.Combine(tempDirectory, "_staging");
                 Directory.CreateDirectory(stagingDirectory);
@@ -626,6 +716,7 @@ namespace GitHub.Runner.Worker
                 }
 
                 Trace.Verbose("Create watermark file indicate action download succeed.");
+                string watermarkFile = GetWatermarkFilePath(destDirectory);
                 File.WriteAllText(watermarkFile, DateTime.UtcNow.ToString());
 
                 executionContext.Debug($"Archive '{archiveFile}' has been unzipped into '{destDirectory}'.");
@@ -650,6 +741,31 @@ namespace GitHub.Runner.Worker
             }
         }
 
+        private void ConfigureAuthorizationFromContext(IExecutionContext executionContext, HttpClient httpClient)
+        {
+            var authToken = Environment.GetEnvironmentVariable("_GITHUB_ACTION_TOKEN");
+            if (string.IsNullOrEmpty(authToken))
+            {
+                // TODO: Deprecate the PREVIEW_ACTION_TOKEN
+                authToken = executionContext.Variables.Get("PREVIEW_ACTION_TOKEN");
+            }
+
+            if (!string.IsNullOrEmpty(authToken))
+            {
+                HostContext.SecretMasker.AddValue(authToken);
+                var base64EncodingToken = Convert.ToBase64String(Encoding.UTF8.GetBytes($"PAT:{authToken}"));
+                httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64EncodingToken);
+            }
+            else
+            {
+                var accessToken = executionContext.GetGitHubContext("token");
+                var base64EncodingToken = Convert.ToBase64String(Encoding.UTF8.GetBytes($"x-access-token:{accessToken}"));
+                httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64EncodingToken);
+            }
+        }
+
+        private string GetWatermarkFilePath(string directory) => directory + ".completed";
+
         private ActionContainer PrepareRepositoryActionAsync(IExecutionContext executionContext, Pipelines.ActionStep repositoryAction)
         {
             var repositoryReference = repositoryAction.Reference as Pipelines.RepositoryPathReference;
@@ -755,6 +871,19 @@ namespace GitHub.Runner.Worker
                 throw new InvalidOperationException($"Can't find 'action.yml', 'action.yaml' or 'Dockerfile' under '{fullPath}'. Did you forget to run actions/checkout before running your local action?");
             }
         }
+
+        private class ActionDownloadDetails
+        {
+            public string ArchiveLink { get; }
+
+            public Action<IExecutionContext, HttpClient> ConfigureAuthorization { get; }
+
+            public ActionDownloadDetails(string archiveLink, Action<IExecutionContext, HttpClient> configureAuthorization)
+            {
+                ArchiveLink = archiveLink;
+                ConfigureAuthorization = configureAuthorization;
+            }
+        }
     }
 
     public sealed class Definition
@@ -788,7 +917,8 @@ namespace GitHub.Runner.Worker
     {
         public override ActionExecutionType ExecutionType => ActionExecutionType.Container;
 
-        public override bool HasCleanup => !string.IsNullOrEmpty(Cleanup);
+        public override bool HasPre => !string.IsNullOrEmpty(Pre);
+        public override bool HasPost => !string.IsNullOrEmpty(Post);
 
         public string Image { get; set; }
 
@@ -798,51 +928,66 @@ namespace GitHub.Runner.Worker
 
         public MappingToken Environment { get; set; }
 
-        public string Cleanup { get; set; }
+        public string Pre { get; set; }
+
+        public string Post { get; set; }
     }
 
     public sealed class NodeJSActionExecutionData : ActionExecutionData
     {
         public override ActionExecutionType ExecutionType => ActionExecutionType.NodeJS;
 
-        public override bool HasCleanup => !string.IsNullOrEmpty(Cleanup);
+        public override bool HasPre => !string.IsNullOrEmpty(Pre);
+        public override bool HasPost => !string.IsNullOrEmpty(Post);
 
         public string Script { get; set; }
 
-        public string Cleanup { get; set; }
+        public string Pre { get; set; }
+
+        public string Post { get; set; }
     }
 
     public sealed class PluginActionExecutionData : ActionExecutionData
     {
         public override ActionExecutionType ExecutionType => ActionExecutionType.Plugin;
 
-        public override bool HasCleanup => !string.IsNullOrEmpty(Cleanup);
+        public override bool HasPre => false;
+
+        public override bool HasPost => !string.IsNullOrEmpty(Post);
 
         public string Plugin { get; set; }
 
-        public string Cleanup { get; set; }
+        public string Post { get; set; }
     }
 
     public sealed class ScriptActionExecutionData : ActionExecutionData
     {
         public override ActionExecutionType ExecutionType => ActionExecutionType.Script;
-
-        public override bool HasCleanup => false;
+        public override bool HasPre => false;
+        public override bool HasPost => false;
     }
 
     public abstract class ActionExecutionData
     {
+        private string _initCondition = $"{Constants.Expressions.Always}()";
         private string _cleanupCondition = $"{Constants.Expressions.Always}()";
 
         public abstract ActionExecutionType ExecutionType { get; }
 
-        public abstract bool HasCleanup { get; }
+        public abstract bool HasPre { get; }
+        public abstract bool HasPost { get; }
 
         public string CleanupCondition
         {
             get { return _cleanupCondition; }
             set { _cleanupCondition = value; }
         }
+
+        public string InitCondition
+        {
+            get { return _initCondition; }
+            set { _initCondition = value; }
+        }
     }
 
     public class ContainerSetupInfo
@@ -879,4 +1024,3 @@ namespace GitHub.Runner.Worker
         public string ActionRepository { get; set; }
     }
 }
-

src/Runner.Worker/ActionManifestManager.cs

@@ -305,6 +305,9 @@ namespace GitHub.Runner.Worker
             var envToken = default(MappingToken);
             var mainToken = default(StringToken);
             var pluginToken = default(StringToken);
+            var preToken = default(StringToken);
+            var preEntrypointToken = default(StringToken);
+            var preIfToken = default(StringToken);
             var postToken = default(StringToken);
             var postEntrypointToken = default(StringToken);
             var postIfToken = default(StringToken);
@@ -343,6 +346,15 @@ namespace GitHub.Runner.Worker
                     case "post-if":
                         postIfToken = run.Value.AssertString("post-if");
                         break;
+                    case "pre":
+                        preToken = run.Value.AssertString("pre");
+                        break;
+                    case "pre-entrypoint":
+                        preEntrypointToken = run.Value.AssertString("pre-entrypoint");
+                        break;
+                    case "pre-if":
+                        preIfToken = run.Value.AssertString("pre-if");
+                        break;
                     default:
                         Trace.Info($"Ignore run property {runsKey}.");
                         break;
@@ -365,7 +377,9 @@ namespace GitHub.Runner.Worker
                             Arguments = argsToken,
                             EntryPoint = entrypointToken?.Value,
                             Environment = envToken,
-                            Cleanup = postEntrypointToken?.Value,
+                            Pre = preEntrypointToken?.Value,
+                            InitCondition = preIfToken?.Value ?? "always()",
+                            Post = postEntrypointToken?.Value,
                             CleanupCondition = postIfToken?.Value ?? "always()"
                         };
                     }
@@ -374,14 +388,16 @@ namespace GitHub.Runner.Worker
                 {
                     if (string.IsNullOrEmpty(mainToken?.Value))
                     {
-                        throw new ArgumentNullException($"Entry javascript fils is not provided.");
+                        throw new ArgumentNullException($"Entry javascript file is not provided.");
                     }
                     else
                     {
                         return new NodeJSActionExecutionData()
                         {
                             Script = mainToken.Value,
-                            Cleanup = postToken?.Value,
+                            Pre = preToken?.Value,
+                            InitCondition = preIfToken?.Value ?? "always()",
+                            Post = postToken?.Value,
                             CleanupCondition = postIfToken?.Value ?? "always()"
                         };
                     }

src/Runner.Worker/ActionNotFoundException.cs

@@ -0,0 +1,33 @@
+using System;
+using System.Runtime.Serialization;
+
+namespace GitHub.Runner.Worker
+{
+    public class ActionNotFoundException : Exception
+    {
+        public ActionNotFoundException(Uri actionUri)
+            : base(FormatMessage(actionUri))
+        {
+        }
+
+        public ActionNotFoundException(string message)
+            : base(message)
+        {
+        }
+
+        public ActionNotFoundException(string message, System.Exception inner)
+            : base(message, inner)
+        {
+        }
+
+        protected ActionNotFoundException(SerializationInfo info, StreamingContext context)
+                : base(info, context)
+        {
+        }
+
+        private static string FormatMessage(Uri actionUri)
+        {
+            return $"An action could not be found at the URI '{actionUri}'";
+        }
+    }
+}

src/Runner.Worker/ActionRunner.cs

@@ -18,6 +18,7 @@ namespace GitHub.Runner.Worker
 {
     public enum ActionRunStage
     {
+        Pre,
         Main,
         Post,
     }
@@ -81,20 +82,18 @@ namespace GitHub.Runner.Worker
             ActionExecutionData handlerData = definition.Data?.Execution;
             ArgUtil.NotNull(handlerData, nameof(handlerData));
 
-            // The action has post cleanup defined.
-            // we need to create timeline record for them and add them to the step list that StepRunner is using
-            if (handlerData.HasCleanup && Stage == ActionRunStage.Main)
+            if (handlerData.HasPre &&
+                Action.Reference is Pipelines.RepositoryPathReference repoAction &&
+                string.Equals(repoAction.RepositoryType, Pipelines.PipelineConstants.SelfAlias, StringComparison.OrdinalIgnoreCase))
             {
-                string postDisplayName = null;
-                if (this.DisplayName.StartsWith(PipelineTemplateConstants.RunDisplayPrefix))
-                {
-                    postDisplayName = $"Post {this.DisplayName.Substring(PipelineTemplateConstants.RunDisplayPrefix.Length)}";
-                }
-                else
-                {
-                    postDisplayName = $"Post {this.DisplayName}";
+                ExecutionContext.Warning($"`pre` execution is not supported for local action from '{repoAction.Path}'");
             }
 
+            // The action has post cleanup defined.
+            // we need to create timeline record for them and add them to the step list that StepRunner is using
+            if (handlerData.HasPost && (Stage == ActionRunStage.Pre || Stage == ActionRunStage.Main))
+            {
+                string postDisplayName = $"Post {this.DisplayName}";
                 var repositoryReference = Action.Reference as RepositoryPathReference;
                 var pathString = string.IsNullOrEmpty(repositoryReference.Path) ? string.Empty : $"/{repositoryReference.Path}";
                 var repoString = string.IsNullOrEmpty(repositoryReference.Ref) ? $"{repositoryReference.Name}{pathString}" :
@@ -108,7 +107,7 @@ namespace GitHub.Runner.Worker
                 actionRunner.Condition = handlerData.CleanupCondition;
                 actionRunner.DisplayName = postDisplayName;
 
-                ExecutionContext.RegisterPostJobStep($"{actionRunner.Action.Name}_post", actionRunner);
+                ExecutionContext.RegisterPostJobStep(actionRunner);
             }
 
             IStepHost stepHost = HostContext.CreateService<IDefaultStepHost>();
@@ -144,8 +143,10 @@ namespace GitHub.Runner.Worker
             var templateEvaluator = ExecutionContext.ToPipelineTemplateEvaluator();
             var inputs = templateEvaluator.EvaluateStepInputs(Action.Inputs, ExecutionContext.ExpressionValues, ExecutionContext.ExpressionFunctions);
 
+            var userInputs = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
             foreach (KeyValuePair<string, string> input in inputs)
             {
+                userInputs.Add(input.Key);
                 string message = "";
                 if (definition.Data?.Deprecated?.TryGetValue(input.Key, out message) == true)
                 {
@@ -153,13 +154,15 @@ namespace GitHub.Runner.Worker
                 }
             }
 
+            var validInputs = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
             // Merge the default inputs from the definition
             if (definition.Data?.Inputs != null)
             {
                 var manifestManager = HostContext.GetService<IActionManifestManager>();
-                foreach (var input in (definition.Data?.Inputs))
+                foreach (var input in definition.Data.Inputs)
                 {
                     string key = input.Key.AssertString("action input name").Value;
+                    validInputs.Add(key);
                     if (!inputs.ContainsKey(key))
                     {
                         inputs[key] = manifestManager.EvaluateDefaultInput(ExecutionContext, key, input.Value);
@@ -167,6 +170,14 @@ namespace GitHub.Runner.Worker
                 }
             }
 
+            foreach (var input in userInputs)
+            {
+                if (!validInputs.Contains(input))
+                {
+                    ExecutionContext.Warning($"Unexpected input '{input}', valid inputs are ['{string.Join("', '", validInputs)}']");
+                }
+            }
+
             // Load the action environment.
             ExecutionContext.Debug("Loading env");
             var environment = new Dictionary<String, String>(VarUtil.EnvironmentVariableKeyComparer);

src/Runner.Worker/Container/DockerCommandManager.cs

@@ -17,7 +17,7 @@ namespace GitHub.Runner.Worker.Container
         string DockerInstanceLabel { get; }
         Task<DockerVersion> DockerVersion(IExecutionContext context);
         Task<int> DockerPull(IExecutionContext context, string image);
-        Task<int> DockerBuild(IExecutionContext context, string workingDirectory, string dockerFile, string tag);
+        Task<int> DockerBuild(IExecutionContext context, string workingDirectory, string dockerFile, string dockerContext, string tag);
         Task<string> DockerCreate(IExecutionContext context, ContainerInfo container);
         Task<int> DockerRun(IExecutionContext context, ContainerInfo container, EventHandler<ProcessDataReceivedEventArgs> stdoutDataReceived, EventHandler<ProcessDataReceivedEventArgs> stderrDataReceived);
         Task<int> DockerStart(IExecutionContext context, string containerId);
@@ -87,9 +87,9 @@ namespace GitHub.Runner.Worker.Container
             return await ExecuteDockerCommandAsync(context, "pull", image, context.CancellationToken);
         }
 
-        public async Task<int> DockerBuild(IExecutionContext context, string workingDirectory, string dockerFile, string tag)
+        public async Task<int> DockerBuild(IExecutionContext context, string workingDirectory, string dockerFile, string dockerContext, string tag)
         {
-            return await ExecuteDockerCommandAsync(context, "build", $"-t {tag} \"{dockerFile}\"", workingDirectory, context.CancellationToken);
+            return await ExecuteDockerCommandAsync(context, "build", $"-t {tag} -f \"{dockerFile}\" \"{dockerContext}\"", workingDirectory, context.CancellationToken);
         }
 
         public async Task<string> DockerCreate(IExecutionContext context, ContainerInfo container)

src/Runner.Worker/ContainerOperationProvider.cs

@@ -49,7 +49,7 @@ namespace GitHub.Runner.Worker
                                                 data: data);
 
             executionContext.Debug($"Register post job cleanup for stopping/deleting containers.");
-            executionContext.RegisterPostJobStep(nameof(StopContainersAsync), postJobStep);
+            executionContext.RegisterPostJobStep(postJobStep);
 
             // Check whether we are inside a container.
             // Our container feature requires to map working directory from host to the container.

src/Runner.Worker/ExecutionContext.cs

@@ -103,7 +103,7 @@ namespace GitHub.Runner.Worker
 
         // others
         void ForceTaskComplete();
-        void RegisterPostJobStep(string refName, IStep step);
+        void RegisterPostJobStep(IStep step);
     }
 
     public sealed class ExecutionContext : RunnerService, IExecutionContext
@@ -161,6 +161,9 @@ namespace GitHub.Runner.Worker
         // Only job level ExecutionContext has PostJobSteps
         public Stack<IStep> PostJobSteps { get; private set; }
 
+        // Only job level ExecutionContext has StepsWithPostRegistered
+        public HashSet<Guid> StepsWithPostRegistered { get; private set; }
+
         public bool EchoOnActionCommand { get; set; }
 
 
@@ -248,9 +251,15 @@ namespace GitHub.Runner.Worker
             });
         }
 
-        public void RegisterPostJobStep(string refName, IStep step)
+        public void RegisterPostJobStep(IStep step)
         {
-            step.ExecutionContext = Root.CreatePostChild(step.DisplayName, refName, IntraActionState);
+            if (step is IActionRunner actionRunner && !Root.StepsWithPostRegistered.Add(actionRunner.Action.Id))
+            {
+                Trace.Info($"'post' of '{actionRunner.DisplayName}' already push to post step stack.");
+                return;
+            }
+
+            step.ExecutionContext = Root.CreatePostChild(step.DisplayName, IntraActionState);
             Root.PostJobSteps.Push(step);
         }
 
@@ -360,8 +369,8 @@ namespace GitHub.Runner.Worker
 
             if (!string.IsNullOrEmpty(ContextName))
             {
-                StepsContext.SetOutcome(ScopeName, ContextName, (Outcome ?? Result ?? TaskResult.Succeeded).ToActionResult().ToString());
-                StepsContext.SetConclusion(ScopeName, ContextName, (Result ?? TaskResult.Succeeded).ToActionResult().ToString());
+                StepsContext.SetOutcome(ScopeName, ContextName, (Outcome ?? Result ?? TaskResult.Succeeded).ToActionResult());
+                StepsContext.SetConclusion(ScopeName, ContextName, (Result ?? TaskResult.Succeeded).ToActionResult());
             }
 
             return Result.Value;
@@ -647,6 +656,9 @@ namespace GitHub.Runner.Worker
             // PostJobSteps for job ExecutionContext
             PostJobSteps = new Stack<IStep>();
 
+            // StepsWithPostRegistered for job ExecutionContext
+            StepsWithPostRegistered = new HashSet<Guid>();
+
             // Job timeline record.
             InitializeTimelineRecord(
                 timelineId: message.Timeline.Id,
@@ -847,7 +859,7 @@ namespace GitHub.Runner.Worker
             }
         }
 
-        private IExecutionContext CreatePostChild(string displayName, string refName, Dictionary<string, string> intraActionState)
+        private IExecutionContext CreatePostChild(string displayName, Dictionary<string, string> intraActionState)
         {
             if (!_expandedForPostJob)
             {
@@ -856,7 +868,8 @@ namespace GitHub.Runner.Worker
                 _childTimelineRecordOrder = _childTimelineRecordOrder * 2;
             }
 
-            return CreateChild(Guid.NewGuid(), displayName, refName, null, null, intraActionState, _childTimelineRecordOrder - Root.PostJobSteps.Count);
+            var newGuid = Guid.NewGuid();
+            return CreateChild(newGuid, displayName, newGuid.ToString("N"), null, null, intraActionState, _childTimelineRecordOrder - Root.PostJobSteps.Count);
         }
     }
 

src/Runner.Worker/GitHubContext.cs

@@ -10,10 +10,11 @@ namespace GitHub.Runner.Worker
         {
             "action",
             "actor",
-            "api_url", // temp for GHES alpha release
+            "api_url",
             "base_ref",
             "event_name",
             "event_path",
+            "graphql_url",
             "head_ref",
             "job",
             "ref",
@@ -22,7 +23,7 @@ namespace GitHub.Runner.Worker
             "run_id",
             "run_number",
             "sha",
-            "url", // temp for GHES alpha release
+            "url",
             "workflow",
             "workspace",
         };

src/Runner.Worker/Handlers/ContainerActionHandler.cs

@@ -52,7 +52,12 @@ namespace GitHub.Runner.Worker.Handlers
                 ExecutionContext.Output($"Dockerfile for action: '{dockerFile}'.");
 
                 var imageName = $"{dockerManger.DockerInstanceLabel}:{ExecutionContext.Id.ToString("N")}";
-                var buildExitCode = await dockerManger.DockerBuild(ExecutionContext, ExecutionContext.GetGitHubContext("workspace"), Directory.GetParent(dockerFile).FullName, imageName);
+                var buildExitCode = await dockerManger.DockerBuild(
+                    ExecutionContext,
+                    ExecutionContext.GetGitHubContext("workspace"),
+                    dockerFile,
+                    Directory.GetParent(dockerFile).FullName,
+                    imageName);
                 if (buildExitCode != 0)
                 {
                     throw new InvalidOperationException($"Docker build failed with exit code {buildExitCode}");
@@ -82,9 +87,13 @@ namespace GitHub.Runner.Worker.Handlers
                     container.ContainerEntryPoint = Inputs.GetValueOrDefault("entryPoint");
                 }
             }
+            else if (stage == ActionRunStage.Pre)
+            {
+                container.ContainerEntryPoint = Data.Pre;
+            }
             else if (stage == ActionRunStage.Post)
             {
-                container.ContainerEntryPoint = Data.Cleanup;
+                container.ContainerEntryPoint = Data.Post;
             }
 
             // create inputs context for template evaluation

src/Runner.Worker/Handlers/NodeScriptActionHandler.cs

@@ -60,9 +60,13 @@ namespace GitHub.Runner.Worker.Handlers
             {
                 target = Data.Script;
             }
+            else if (stage == ActionRunStage.Pre)
+            {
+                target = Data.Pre;
+            }
             else if (stage == ActionRunStage.Post)
             {
-                target = Data.Cleanup;
+                target = Data.Post;
             }
 
             ArgUtil.NotNullOrEmpty(target, nameof(target));

src/Runner.Worker/Handlers/RunnerPluginHandler.cs

@@ -31,7 +31,7 @@ namespace GitHub.Runner.Worker.Handlers
             }
             else if (stage == ActionRunStage.Post)
             {
-                plugin = Data.Cleanup;
+                plugin = Data.Post;
             }
 
             ArgUtil.NotNullOrEmpty(plugin, nameof(plugin));

src/Runner.Worker/Handlers/ScriptHandler.cs

@@ -259,6 +259,16 @@ namespace GitHub.Runner.Worker.Handlers
 
             // dump out the command
             var fileName = isContainerStepHost ? shellCommand : commandPath;
+#if OS_OSX
+            if (Environment.ContainsKey("DYLD_INSERT_LIBRARIES"))  // We don't check `isContainerStepHost` because we don't support container on macOS
+            {
+                // launch `node macOSRunInvoker.js shell args` instead of `shell args` to avoid macOS SIP remove `DYLD_INSERT_LIBRARIES` when launch process
+                string node12 = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), "node12", "bin", $"node{IOUtil.ExeExtension}");
+                string macOSRunInvoker = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Bin), "macos-run-invoker.js");
+                arguments = $"\"{macOSRunInvoker.Replace("\"", "\\\"")}\" \"{fileName.Replace("\"", "\\\"")}\" {arguments}";
+                fileName = node12;
+            }
+#endif
             ExecutionContext.Debug($"{fileName} {arguments}");
 
             using (var stdoutManager = new OutputManager(ExecutionContext, ActionCommandManager))

src/Runner.Worker/Handlers/StepHost.cs

@@ -110,9 +110,9 @@ namespace GitHub.Runner.Worker.Handlers
 
             // try to resolve path inside container if the request path is part of the mount volume
 #if OS_WINDOWS
-            if (Container.MountVolumes.Exists(x => path.StartsWith(x.SourceVolumePath, StringComparison.OrdinalIgnoreCase)))
+            if (Container.MountVolumes.Exists(x => !string.IsNullOrEmpty(x.SourceVolumePath) && path.StartsWith(x.SourceVolumePath, StringComparison.OrdinalIgnoreCase)))
 #else
-            if (Container.MountVolumes.Exists(x => path.StartsWith(x.SourceVolumePath)))
+            if (Container.MountVolumes.Exists(x => !string.IsNullOrEmpty(x.SourceVolumePath) && path.StartsWith(x.SourceVolumePath)))
 #endif
             {
                 return Container.TranslateToContainerPath(path);
@@ -149,14 +149,14 @@ namespace GitHub.Runner.Worker.Handlers
                             throw new NotSupportedException(msg);
                         }
                         nodeExternal = "node12_alpine";
-                        executionContext.Output($"Container distribution is alpine. Running JavaScript Action with external tool: {nodeExternal}");
+                        executionContext.Debug($"Container distribution is alpine. Running JavaScript Action with external tool: {nodeExternal}");
                         return nodeExternal;
                     }
                 }
             }
             // Optimistically use the default
             nodeExternal = "node12";
-            executionContext.Output($"Running JavaScript Action with default external tool: {nodeExternal}");
+            executionContext.Debug($"Running JavaScript Action with default external tool: {nodeExternal}");
             return nodeExternal;
         }
 

src/Runner.Worker/JobContext.cs

@@ -21,7 +21,7 @@ namespace GitHub.Runner.Worker
             }
             set
             {
-                this["status"] = new StringContextData(value.ToString());
+                this["status"] = new StringContextData(value.ToString().ToLowerInvariant());
             }
         }
 

src/Runner.Worker/JobExtension.cs

@@ -131,7 +131,7 @@ namespace GitHub.Runner.Worker
                     // Temporary hack for GHES alpha
                     var configurationStore = HostContext.GetService<IConfigurationStore>();
                     var runnerSettings = configurationStore.GetSettings();
-                    if (!runnerSettings.IsHostedServer && !string.IsNullOrEmpty(runnerSettings.GitHubUrl))
+                    if (string.IsNullOrEmpty(context.GetGitHubContext("url")) && !runnerSettings.IsHostedServer && !string.IsNullOrEmpty(runnerSettings.GitHubUrl))
                     {
                         var url = new Uri(runnerSettings.GitHubUrl);
                         var portInfo = url.IsDefaultPort ? string.Empty : $":{url.Port.ToString(CultureInfo.InvariantCulture)}";
@@ -197,8 +197,8 @@ namespace GitHub.Runner.Worker
                     // Download actions not already in the cache
                     Trace.Info("Downloading actions");
                     var actionManager = HostContext.GetService<IActionManager>();
-                    var prepareSteps = await actionManager.PrepareActionsAsync(context, message.Steps);
-                    preJobSteps.AddRange(prepareSteps);
+                    var prepareResult = await actionManager.PrepareActionsAsync(context, message.Steps);
+                    preJobSteps.AddRange(prepareResult.ContainerSetupSteps);
 
                     // Add start-container steps, record and stop-container steps
                     if (jobContext.Container != null || jobContext.ServiceContainers.Count > 0)
@@ -239,8 +239,22 @@ namespace GitHub.Runner.Worker
 
                             actionRunner.TryEvaluateDisplayName(contextData, context);
                             jobSteps.Add(actionRunner);
+
+                            if (prepareResult.PreStepTracker.TryGetValue(step.Id, out var preStep))
+                            {
+                                Trace.Info($"Adding pre-{action.DisplayName}.");
+                                preStep.TryEvaluateDisplayName(contextData, context);
+                                preStep.DisplayName = $"Pre {preStep.DisplayName}";
+                                preJobSteps.Add(preStep);
                             }
                         }
+                    }
+
+                    var intraActionStates = new Dictionary<Guid, Dictionary<string, string>>();
+                    foreach (var preStep in prepareResult.PreStepTracker)
+                    {
+                        intraActionStates[preStep.Key] = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
+                    }
 
                     // Create execution context for pre-job steps
                     foreach (var step in preJobSteps)
@@ -252,6 +266,12 @@ namespace GitHub.Runner.Worker
                             Guid stepId = Guid.NewGuid();
                             extensionStep.ExecutionContext = jobContext.CreateChild(stepId, extensionStep.DisplayName, null, null, stepId.ToString("N"));
                         }
+                        else if (step is IActionRunner actionStep)
+                        {
+                            ArgUtil.NotNull(actionStep, step.DisplayName);
+                            Guid stepId = Guid.NewGuid();
+                            actionStep.ExecutionContext = jobContext.CreateChild(stepId, actionStep.DisplayName, stepId.ToString("N"), null, null, intraActionStates[actionStep.Action.Id]);
+                        }
                     }
 
                     // Create execution context for job steps
@@ -260,7 +280,8 @@ namespace GitHub.Runner.Worker
                         if (step is IActionRunner actionStep)
                         {
                             ArgUtil.NotNull(actionStep, step.DisplayName);
-                            actionStep.ExecutionContext = jobContext.CreateChild(actionStep.Action.Id, actionStep.DisplayName, actionStep.Action.Name, actionStep.Action.ScopeName, actionStep.Action.ContextName);
+                            intraActionStates.TryGetValue(actionStep.Action.Id, out var intraActionState);
+                            actionStep.ExecutionContext = jobContext.CreateChild(actionStep.Action.Id, actionStep.DisplayName, actionStep.Action.Name, actionStep.Action.ScopeName, actionStep.Action.ContextName, intraActionState);
                         }
                     }
 

src/Runner.Worker/StepsContext.cs

@@ -59,19 +59,19 @@ namespace GitHub.Runner.Worker
         public void SetConclusion(
             string scopeName,
             string stepName,
-            string conclusion)
+            ActionResult conclusion)
         {
             var step = GetStep(scopeName, stepName);
-            step["conclusion"] = new StringContextData(conclusion);
+            step["conclusion"] = new StringContextData(conclusion.ToString().ToLowerInvariant());
         }
 
         public void SetOutcome(
             string scopeName,
             string stepName,
-            string outcome)
+            ActionResult outcome)
         {
             var step = GetStep(scopeName, stepName);
-            step["outcome"] = new StringContextData(outcome);
+            step["outcome"] = new StringContextData(outcome.ToString().ToLowerInvariant());
         }
 
         private DictionaryContextData GetStep(string scopeName, string stepName)

src/Runner.Worker/Worker.cs

@@ -40,7 +40,7 @@ namespace GitHub.Runner.Worker
                 // Validate args.
                 ArgUtil.NotNullOrEmpty(pipeIn, nameof(pipeIn));
                 ArgUtil.NotNullOrEmpty(pipeOut, nameof(pipeOut));
-                VssUtil.InitializeVssClientSettings(HostContext.UserAgent, HostContext.WebProxy);
+                VssUtil.InitializeVssClientSettings(HostContext.UserAgents, HostContext.WebProxy);
                 var jobRunner = HostContext.CreateService<IJobRunner>();
 
                 using (var channel = HostContext.CreateService<IProcessChannel>())

src/Runner.Worker/action_yaml.json

@@ -43,6 +43,8 @@
                     "entrypoint": "non-empty-string",
                     "args": "container-runs-args",
                     "env": "container-runs-env",
+                    "pre-entrypoint": "non-empty-string",
+                    "pre-if": "non-empty-string",
                     "post-entrypoint": "non-empty-string",
                     "post-if": "non-empty-string"
                 }
@@ -67,6 +69,8 @@
                 "properties": {
                     "using": "non-empty-string",
                     "main": "non-empty-string",
+                    "pre": "non-empty-string",
+                    "pre-if": "non-empty-string",
                     "post": "non-empty-string",
                     "post-if": "non-empty-string"
                 }

src/Sdk/DTGenerated/Generated/TaskAgentHttpClientBase.cs

@@ -82,7 +82,7 @@ namespace GitHub.DistributedTask.WebApi
                 httpMethod,
                 locationId,
                 routeValues: routeValues,
-                version: new ApiResourceVersion(5.1, 1),
+                version: new ApiResourceVersion(6.0, 2),
                 userState: userState,
                 cancellationToken: cancellationToken,
                 content: content);
@@ -109,7 +109,7 @@ namespace GitHub.DistributedTask.WebApi
                 httpMethod,
                 locationId,
                 routeValues: routeValues,
-                version: new ApiResourceVersion(5.1, 1),
+                version: new ApiResourceVersion(6.0, 2),
                 userState: userState,
                 cancellationToken: cancellationToken).ConfigureAwait(false))
             {
@@ -164,7 +164,7 @@ namespace GitHub.DistributedTask.WebApi
                 httpMethod,
                 locationId,
                 routeValues: routeValues,
-                version: new ApiResourceVersion(5.1, 1),
+                version: new ApiResourceVersion(6.0, 2),
                 queryParameters: queryParams,
                 userState: userState,
                 cancellationToken: cancellationToken);
@@ -227,7 +227,7 @@ namespace GitHub.DistributedTask.WebApi
                 httpMethod,
                 locationId,
                 routeValues: routeValues,
-                version: new ApiResourceVersion(5.1, 1),
+                version: new ApiResourceVersion(6.0, 2),
                 queryParameters: queryParams,
                 userState: userState,
                 cancellationToken: cancellationToken);
@@ -257,7 +257,7 @@ namespace GitHub.DistributedTask.WebApi
                 httpMethod,
                 locationId,
                 routeValues: routeValues,
-                version: new ApiResourceVersion(5.1, 1),
+                version: new ApiResourceVersion(6.0, 2),
                 userState: userState,
                 cancellationToken: cancellationToken,
                 content: content);
@@ -287,7 +287,7 @@ namespace GitHub.DistributedTask.WebApi
                 httpMethod,
                 locationId,
                 routeValues: routeValues,
-                version: new ApiResourceVersion(5.1, 1),
+                version: new ApiResourceVersion(6.0, 2),
                 userState: userState,
                 cancellationToken: cancellationToken,
                 content: content);

src/Sdk/DTLogging/Logging/ValueEncoders.cs

@@ -60,6 +60,20 @@ namespace GitHub.DistributedTask.Logging
             return SecurityElement.Escape(value);
         }
 
+        public static String TrimDoubleQuotes(String value)
+        {
+            var trimmed = string.Empty;
+            if (!string.IsNullOrEmpty(value) &&
+                value.Length > 8 &&
+                value.StartsWith('"') &&
+                value.EndsWith('"'))
+            {
+                trimmed = value.Substring(1, value.Length - 2);
+            }
+
+            return trimmed;
+        }
+
         private static string Base64StringEscapeShift(String value, int shift)
         {
             var bytes = Encoding.UTF8.GetBytes(value);

src/Sdk/DTWebApi/WebApi/AgentLabel.cs

@@ -0,0 +1,59 @@
+using System.Runtime.Serialization;
+using Newtonsoft.Json;
+
+namespace GitHub.DistributedTask.WebApi
+{
+    [DataContract]
+    public class AgentLabel
+    {
+        [JsonConstructor]
+        public AgentLabel()
+        {
+        }
+
+        public AgentLabel(string name)
+        {
+            this.Name = name;
+            this.Type = LabelType.System;
+        }
+
+        public AgentLabel(string name, LabelType type)
+        {
+            this.Name = name;
+            this.Type = type;
+        }
+
+        private AgentLabel(AgentLabel labelToBeCloned)
+        {
+            this.Id = labelToBeCloned.Id;
+            this.Name = labelToBeCloned.Name;
+            this.Type = labelToBeCloned.Type;
+        }
+
+        [DataMember]
+        public int Id
+        {
+            get;
+            set;
+        }
+
+        [DataMember]
+        public string Name
+        {
+            get;
+            set;
+        }
+
+        [DataMember]
+        public LabelType Type
+        {
+            get;
+            set;
+        }
+
+        public AgentLabel Clone()
+        {
+            return new AgentLabel(this);
+        }
+    }
+}

src/Sdk/DTWebApi/WebApi/LabelType.cs

@@ -0,0 +1,14 @@
+using System.Runtime.Serialization;
+
+namespace GitHub.DistributedTask.WebApi
+{
+    [DataContract]
+    public enum LabelType
+    {
+        [EnumMember]
+        System = 0,
+
+        [EnumMember]
+        User = 1
+    }
+}

src/Sdk/DTWebApi/WebApi/TaskAgent.cs

@@ -51,7 +51,7 @@ namespace GitHub.DistributedTask.WebApi
 
             if (agentToBeCloned.m_labels != null && agentToBeCloned.m_labels.Count > 0)
             {
-                m_labels = new HashSet<string>(agentToBeCloned.m_labels, StringComparer.OrdinalIgnoreCase);
+                m_labels = new HashSet<AgentLabel>(agentToBeCloned.m_labels);
             }
         }
 
@@ -118,13 +118,13 @@ namespace GitHub.DistributedTask.WebApi
         /// <summary>
         /// The labels of the runner
         /// </summary>
-        public ISet<string> Labels
+        public ISet<AgentLabel> Labels
         {
             get
             {
                 if (m_labels == null)
                 {
-                    m_labels = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
+                    m_labels = new HashSet<AgentLabel>();
                 }
                 return m_labels;
             }
@@ -164,6 +164,6 @@ namespace GitHub.DistributedTask.WebApi
         private PropertiesCollection m_properties;
 
         [DataMember(IsRequired = false, EmitDefaultValue = false, Name = "Labels")]
-        private HashSet<string> m_labels;
+        private HashSet<AgentLabel> m_labels;
     }
 }

src/Sdk/DTWebApi/WebApi/TaskAgentHttpClient.cs

@@ -95,6 +95,7 @@ namespace GitHub.DistributedTask.WebApi
             Int64 requestId,
             Guid lockToken,
             DateTime? expiresOn = null,
+            string orchestrationId = null,
             Object userState = null,
             CancellationToken cancellationToken = default(CancellationToken))
         {
@@ -104,7 +105,30 @@ namespace GitHub.DistributedTask.WebApi
                 LockedUntil = expiresOn,
             };
 
-            return UpdateAgentRequestAsync(poolId, requestId, lockToken, request, userState, cancellationToken);
+            var additionalHeaders = new Dictionary<string, string>();
+            if (!string.IsNullOrEmpty(orchestrationId))
+            {
+                additionalHeaders["X-VSS-OrchestrationId"] = orchestrationId;
+            }
+
+            HttpMethod httpMethod = new HttpMethod("PATCH");
+            Guid locationId = new Guid("fc825784-c92a-4299-9221-998a02d1b54f");
+            object routeValues = new { poolId = poolId, requestId = requestId };
+            HttpContent content = new ObjectContent<TaskAgentJobRequest>(request, new VssJsonMediaTypeFormatter(true));
+
+            List<KeyValuePair<string, string>> queryParams = new List<KeyValuePair<string, string>>();
+            queryParams.Add("lockToken", lockToken.ToString());
+
+            return SendAsync<TaskAgentJobRequest>(
+                httpMethod,
+                additionalHeaders,
+                locationId,
+                routeValues: routeValues,
+                version: new ApiResourceVersion(5.1, 1),
+                queryParameters: queryParams,
+                userState: userState,
+                cancellationToken: cancellationToken,
+                content: content);
         }
 
         public Task<TaskAgent> ReplaceAgentAsync(

src/Sdk/WebApi/WebApi/Jwt/JsonWebTokenUtilities.cs

@@ -96,7 +96,7 @@ namespace GitHub.Services.WebApi.Jwt
             return ret;
         }
 
-        internal static IEnumerable<Claim> ExtractClaims(this JsonWebToken token)
+        public static IEnumerable<Claim> ExtractClaims(this JsonWebToken token)
         {
             ArgumentUtility.CheckForNull(token, nameof(token));
 

src/Sdk/WebApi/WebApi/OAuth/VssOAuthTokenProvider.cs

@@ -119,6 +119,15 @@ namespace GitHub.Services.OAuth
             }
         }
 
+        public async Task<string> ValidateCredentialAsync(CancellationToken cancellationToken)
+        {
+            var tokenHttpClient = new VssOAuthTokenHttpClient(this.SignInUrl);
+            var tokenResponse = await tokenHttpClient.GetTokenAsync(this.Grant, this.ClientCredential, this.TokenParameters, cancellationToken);
+
+            // return the underlying authentication error
+            return tokenResponse.Error;
+        }
+
         /// <summary>
         /// Issues a token request to the configured secure token service. On success, the access token issued by the 
         /// token service is returned to the caller

src/Test/L0/HostContextL0.cs

@@ -85,6 +85,8 @@ namespace GitHub.Runner.Common.Tests
                 _hc.SecretMasker.AddValue("Pass word 123!");
                 _hc.SecretMasker.AddValue("Pass<word>123!");
                 _hc.SecretMasker.AddValue("Pass'word'123!");
+                _hc.SecretMasker.AddValue("\"Password123!!\"");
+                _hc.SecretMasker.AddValue("\"short\"");
 
                 // Assert.
                 Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Password123!123"));
@@ -99,6 +101,9 @@ namespace GitHub.Runner.Common.Tests
                 Assert.Equal("YWJjOlBh***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abc:Password123!"))));
                 Assert.Equal("YWJjZDpQ***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcd:Password123!"))));
                 Assert.Equal("YWJjZGU6***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcde:Password123!"))));
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Password123!!123"));
+                Assert.Equal("123short123", _hc.SecretMasker.MaskSecrets("123short123"));
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123\"short\"123"));
             }
             finally
             {

src/Test/L0/Listener/CommandSettingsL0.cs

@@ -317,7 +317,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         Environment.MachineName, // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        true)) // unattended
+                        true, // unattended
+                        false)) // isOptional
                     .Returns("some runner");
 
                 // Act.
@@ -344,7 +345,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         Environment.MachineName, // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some runner");
 
                 // Act.
@@ -371,7 +373,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         "some default auth", // defaultValue
                         Validators.AuthSchemeValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some auth");
 
                 // Act.
@@ -398,7 +401,8 @@ namespace GitHub.Runner.Common.Tests
                         true, // secret
                         string.Empty, // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some token");
 
                 // Act.
@@ -475,7 +479,8 @@ namespace GitHub.Runner.Common.Tests
                         true, // secret
                         string.Empty, // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some token");
 
                 // Act.
@@ -502,7 +507,8 @@ namespace GitHub.Runner.Common.Tests
                         true, // secret
                         string.Empty, // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some token");
 
                 // Act.
@@ -529,7 +535,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         string.Empty, // defaultValue
                         Validators.ServerUrlValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some url");
 
                 // Act.
@@ -556,7 +563,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         "some default account", // defaultValue
                         Validators.NTAccountValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some windows logon account");
 
                 // Act.
@@ -584,7 +592,8 @@ namespace GitHub.Runner.Common.Tests
                         true, // secret
                         string.Empty, // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some windows logon password");
 
                 // Act.
@@ -611,7 +620,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         "_work", // defaultValue
                         Validators.NonEmptyValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some work");
 
                 // Act.
@@ -640,7 +650,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         string.Empty, // defaultValue
                         Validators.ServerUrlValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some url");
 
                 // Act.
@@ -669,7 +680,8 @@ namespace GitHub.Runner.Common.Tests
                         false, // secret
                         string.Empty, // defaultValue
                         Validators.ServerUrlValidator, // validator
-                        false)) // unattended
+                        false, // unattended
+                        false)) // isOptional
                     .Returns("some url");
 
                 // Act.

src/Test/L0/Listener/Configuration/ConfigurationManagerL0.cs

@@ -145,6 +145,8 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
                 IConfigurationManager configManager = new ConfigurationManager();
                 configManager.Initialize(tc);
 
+                var userLabels = "userlabel1,userlabel2";
+
                 trace.Info("Preparing command line arguments");
                 var command = new CommandSettings(
                     tc,
@@ -156,7 +158,8 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
                        "--pool", _expectedPoolName,
                        "--work", _expectedWorkFolder,
                        "--auth", _expectedAuthType,
-                       "--token", _expectedToken
+                       "--token", _expectedToken,
+                       "--labels", userLabels
                     });
                 trace.Info("Constructed.");
                 _store.Setup(x => x.IsConfigured()).Returns(false);
@@ -178,7 +181,10 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
                 // validate GetAgentPoolsAsync gets called twice with automation pool type
                 _runnerServer.Verify(x => x.GetAgentPoolsAsync(It.IsAny<string>(), It.Is<TaskAgentPoolType>(p => p == TaskAgentPoolType.Automation)), Times.Exactly(2));
 
-                _runnerServer.Verify(x => x.AddAgentAsync(It.IsAny<int>(), It.Is<TaskAgent>(a => a.Labels.Contains("self-hosted") && a.Labels.Contains(VarUtil.OS) && a.Labels.Contains(VarUtil.OSArchitecture))), Times.Once);
+                var expectedLabels = new List<string>() { "self-hosted", VarUtil.OS, VarUtil.OSArchitecture};
+                expectedLabels.AddRange(userLabels.Split(",").ToList());
+
+                _runnerServer.Verify(x => x.AddAgentAsync(It.IsAny<int>(), It.Is<TaskAgent>(a => a.Labels.Select(x => x.Name).ToHashSet().SetEquals(expectedLabels))), Times.Once);
             }
         }
     }

src/Test/L0/Listener/JobDispatcherL0.cs

@@ -73,7 +73,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 Assert.NotNull(sessionIdProperty);
                 sessionIdProperty.SetValue(request, DateTime.UtcNow.AddMinutes(5));
 
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>())).Returns(Task.FromResult<TaskAgentJobRequest>(request));
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>())).Returns(Task.FromResult<TaskAgentJobRequest>(request));
 
                 _runnerServer.Setup(x => x.FinishAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<DateTime>(), It.IsAny<TaskResult>(), It.IsAny<CancellationToken>())).Returns(Task.FromResult<TaskAgentJobRequest>(new TaskAgentJobRequest()));
 
@@ -112,7 +112,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 hc.SetSingleton<IRunnerServer>(_runnerServer.Object);
                 hc.SetSingleton<IConfigurationStore>(_configurationStore.Object);
                 _configurationStore.Setup(x => x.GetSettings()).Returns(new RunnerSettings() { PoolId = 1 });
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()))
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
                             .Returns(() =>
                             {
                                 count++;
@@ -139,10 +139,10 @@ namespace GitHub.Runner.Common.Tests.Listener
                 var jobDispatcher = new JobDispatcher();
                 jobDispatcher.Initialize(hc);
 
-                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, firstJobRequestRenewed, cancellationTokenSource.Token);
+                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, Guid.NewGuid().ToString(), firstJobRequestRenewed, cancellationTokenSource.Token);
 
                 Assert.True(firstJobRequestRenewed.Task.IsCompletedSuccessfully);
-                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
+                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
             }
         }
 
@@ -170,7 +170,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 hc.SetSingleton<IRunnerServer>(_runnerServer.Object);
                 hc.SetSingleton<IConfigurationStore>(_configurationStore.Object);
                 _configurationStore.Setup(x => x.GetSettings()).Returns(new RunnerSettings() { PoolId = 1 });
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()))
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
                             .Returns(() =>
                             {
                                 count++;
@@ -197,11 +197,11 @@ namespace GitHub.Runner.Common.Tests.Listener
                 var jobDispatcher = new JobDispatcher();
                 jobDispatcher.Initialize(hc);
 
-                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, firstJobRequestRenewed, cancellationTokenSource.Token);
+                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, Guid.NewGuid().ToString(), firstJobRequestRenewed, cancellationTokenSource.Token);
 
                 Assert.True(firstJobRequestRenewed.Task.IsCompletedSuccessfully, "First renew should succeed.");
                 Assert.False(cancellationTokenSource.IsCancellationRequested);
-                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
+                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
             }
         }
 
@@ -229,7 +229,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 hc.SetSingleton<IRunnerServer>(_runnerServer.Object);
                 hc.SetSingleton<IConfigurationStore>(_configurationStore.Object);
                 _configurationStore.Setup(x => x.GetSettings()).Returns(new RunnerSettings() { PoolId = 1 });
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()))
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
                             .Returns(() =>
                             {
                                 count++;
@@ -256,11 +256,11 @@ namespace GitHub.Runner.Common.Tests.Listener
                 var jobDispatcher = new JobDispatcher();
                 jobDispatcher.Initialize(hc);
 
-                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, firstJobRequestRenewed, cancellationTokenSource.Token);
+                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, Guid.NewGuid().ToString(), firstJobRequestRenewed, cancellationTokenSource.Token);
 
                 Assert.True(firstJobRequestRenewed.Task.IsCompletedSuccessfully, "First renew should succeed.");
                 Assert.False(cancellationTokenSource.IsCancellationRequested);
-                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
+                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
             }
         }
 
@@ -288,7 +288,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 hc.SetSingleton<IRunnerServer>(_runnerServer.Object);
                 hc.SetSingleton<IConfigurationStore>(_configurationStore.Object);
                 _configurationStore.Setup(x => x.GetSettings()).Returns(new RunnerSettings() { PoolId = 1 });
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()))
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
                             .Returns(() =>
                             {
                                 count++;
@@ -315,11 +315,11 @@ namespace GitHub.Runner.Common.Tests.Listener
                 var jobDispatcher = new JobDispatcher();
                 jobDispatcher.Initialize(hc);
 
-                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, firstJobRequestRenewed, cancellationTokenSource.Token);
+                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, Guid.NewGuid().ToString(), firstJobRequestRenewed, cancellationTokenSource.Token);
 
                 Assert.True(firstJobRequestRenewed.Task.IsCompletedSuccessfully, "First renew should succeed.");
                 Assert.True(cancellationTokenSource.IsCancellationRequested);
-                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()), Times.Exactly(8));
+                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Exactly(8));
                 _runnerServer.Verify(x => x.RefreshConnectionAsync(RunnerConnectionType.JobRequest, It.IsAny<TimeSpan>()), Times.Exactly(3));
                 _runnerServer.Verify(x => x.SetConnectionTimeout(RunnerConnectionType.JobRequest, It.IsAny<TimeSpan>()), Times.Once);
             }
@@ -349,7 +349,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 hc.SetSingleton<IRunnerServer>(_runnerServer.Object);
                 hc.SetSingleton<IConfigurationStore>(_configurationStore.Object);
                 _configurationStore.Setup(x => x.GetSettings()).Returns(new RunnerSettings() { PoolId = 1 });
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()))
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
                             .Returns(() =>
                             {
                                 count++;
@@ -372,11 +372,11 @@ namespace GitHub.Runner.Common.Tests.Listener
                 var jobDispatcher = new JobDispatcher();
                 jobDispatcher.Initialize(hc);
 
-                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, firstJobRequestRenewed, cancellationTokenSource.Token);
+                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, Guid.NewGuid().ToString(), firstJobRequestRenewed, cancellationTokenSource.Token);
 
                 Assert.False(firstJobRequestRenewed.Task.IsCompletedSuccessfully, "First renew should failed.");
                 Assert.False(cancellationTokenSource.IsCancellationRequested);
-                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()), Times.Exactly(6));
+                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Exactly(6));
             }
         }
 
@@ -404,7 +404,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 hc.SetSingleton<IRunnerServer>(_runnerServer.Object);
                 hc.SetSingleton<IConfigurationStore>(_configurationStore.Object);
                 _configurationStore.Setup(x => x.GetSettings()).Returns(new RunnerSettings() { PoolId = 1 });
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()))
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()))
                             .Returns(() =>
                             {
                                 count++;
@@ -436,11 +436,11 @@ namespace GitHub.Runner.Common.Tests.Listener
                 var jobDispatcher = new JobDispatcher();
                 jobDispatcher.Initialize(hc);
 
-                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, firstJobRequestRenewed, cancellationTokenSource.Token);
+                await jobDispatcher.RenewJobRequestAsync(poolId, requestId, Guid.Empty, Guid.NewGuid().ToString(), firstJobRequestRenewed, cancellationTokenSource.Token);
 
                 Assert.True(firstJobRequestRenewed.Task.IsCompletedSuccessfully, "First renew should succeed.");
                 Assert.False(cancellationTokenSource.IsCancellationRequested);
-                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
+                _runnerServer.Verify(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Exactly(5));
                 _runnerServer.Verify(x => x.RefreshConnectionAsync(RunnerConnectionType.JobRequest, It.IsAny<TimeSpan>()), Times.Exactly(3));
                 _runnerServer.Verify(x => x.SetConnectionTimeout(RunnerConnectionType.JobRequest, It.IsAny<TimeSpan>()), Times.Never);
             }
@@ -481,7 +481,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                 Assert.NotNull(sessionIdProperty);
                 sessionIdProperty.SetValue(request, DateTime.UtcNow.AddMinutes(5));
 
-                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<CancellationToken>())).Returns(Task.FromResult<TaskAgentJobRequest>(request));
+                _runnerServer.Setup(x => x.RenewAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<string>(), It.IsAny<CancellationToken>())).Returns(Task.FromResult<TaskAgentJobRequest>(request));
 
                 _runnerServer.Setup(x => x.FinishAgentRequestAsync(It.IsAny<int>(), It.IsAny<long>(), It.IsAny<Guid>(), It.IsAny<DateTime>(), It.IsAny<TaskResult>(), It.IsAny<CancellationToken>())).Returns(Task.FromResult<TaskAgentJobRequest>(new TaskAgentJobRequest()));
 

src/Test/L0/Listener/MessageListenerL0.cs

@@ -660,7 +660,7 @@ namespace GitHub.Runner.Common.Tests.Listener
                         _settings.AgentId))
                     .Returns(async () =>
                     {
-                        await Task.Delay(10);
+                        await Task.Delay(100);
                         return "https://t.server";
                     });
 

src/Test/L0/RunnerWebProxyL0.cs

@@ -16,7 +16,9 @@ namespace GitHub.Runner.Common.Tests
         private static readonly List<string> SkippedFiles = new List<string>()
         {
             "Runner.Common\\HostContext.cs",
-            "Runner.Common/HostContext.cs"
+            "Runner.Common/HostContext.cs",
+            "Runner.Common\\HttpClientHandlerFactory.cs",
+            "Runner.Common/HttpClientHandlerFactory.cs"
         };
 
         [Fact]

src/Test/L0/TestHostContext.cs

@@ -86,7 +86,7 @@ namespace GitHub.Runner.Common.Tests
             }
         }
 
-        public ProductInfoHeaderValue UserAgent => new ProductInfoHeaderValue("L0Test", "0.0");
+        public List<ProductInfoHeaderValue> UserAgents => new List<ProductInfoHeaderValue>() { new ProductInfoHeaderValue("L0Test", "0.0") };
 
         public RunnerWebProxy WebProxy => new RunnerWebProxy();
 

src/Test/L0/Worker/ActionManagerL0.cs

@@ -1,19 +1,21 @@
-using GitHub.DistributedTask.Expressions2;
-using GitHub.DistributedTask.ObjectTemplating.Tokens;
-using GitHub.DistributedTask.Pipelines.ContextData;
-using GitHub.DistributedTask.WebApi;
-using GitHub.Runner.Common.Util;
-using GitHub.Runner.Worker;
-using GitHub.Runner.Worker.Container;
-using Moq;
-using System;
+using System;
 using System.Collections.Generic;
 using System.IO;
 using System.IO.Compression;
-using System.Reflection;
+using System.Net;
+using System.Net.Http;
 using System.Runtime.CompilerServices;
 using System.Threading;
 using System.Threading.Tasks;
+using GitHub.DistributedTask.Expressions2;
+using GitHub.DistributedTask.ObjectTemplating.Tokens;
+using GitHub.DistributedTask.Pipelines.ContextData;
+using GitHub.DistributedTask.WebApi;
+using GitHub.Runner.Sdk;
+using GitHub.Runner.Worker;
+using GitHub.Runner.Worker.Container;
+using Moq;
+using Moq.Protected;
 using Xunit;
 using Pipelines = GitHub.DistributedTask.Pipelines;
 
@@ -56,7 +58,7 @@ namespace GitHub.Runner.Common.Tests.Worker
                 };
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 //Assert
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
@@ -114,47 +116,174 @@ namespace GitHub.Runner.Common.Tests.Worker
         [Fact]
         [Trait("Level", "L0")]
         [Trait("Category", "Worker")]
-        public async void PrepareActions_SkipDownloadActionFromGraphWhenCached_OnPremises()
+        public async void PrepareActions_DownloadBuiltInActionFromGraph_OnPremises()
         {
             try
             {
                 // Arrange
                 Setup();
-                var actionId = Guid.NewGuid();
+                const string ActionName = "actions/sample-action";
                 var actions = new List<Pipelines.ActionStep>
                 {
                     new Pipelines.ActionStep()
                     {
                         Name = "action",
-                        Id = actionId,
+                        Id = Guid.NewGuid(),
                         Reference = new Pipelines.RepositoryPathReference()
                         {
-                            Name = "actions/no-such-action",
+                            Name = ActionName,
                             Ref = "master",
                             RepositoryType = "GitHub"
                         }
                     }
                 };
-                _configurationStore.Object.GetSettings().IsHostedServer = false;
-                var actionDirectory = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "actions/no-such-action", "master");
-                Directory.CreateDirectory(actionDirectory);
-                var watermarkFile = $"{actionDirectory}.completed";
-                File.WriteAllText(watermarkFile, DateTime.UtcNow.ToString());
-                var actionFile = Path.Combine(actionDirectory, "action.yml");
-                File.WriteAllText(actionFile, @"
-name: ""no-such-action""
-runs:
-  using: node12
-  main: no-such-action.js
-");
-                var testFile = Path.Combine(actionDirectory, "test-file");
-                File.WriteAllText(testFile, "asdf");
 
-                // Act
+                // Return a valid action from GHES via mock
+                const string ApiUrl = "https://ghes.example.com/api/v3";
+                string expectedArchiveLink = GetLinkToActionArchive(ApiUrl, ActionName, "master");
+                string archiveFile = await CreateRepoArchive();
+                using var stream = File.OpenRead(archiveFile);
+                var mockClientHandler = new Mock<HttpClientHandler>();
+                mockClientHandler.Protected().Setup<Task<HttpResponseMessage>>("SendAsync", ItExpr.Is<HttpRequestMessage>(m => m.RequestUri == new Uri(expectedArchiveLink)), ItExpr.IsAny<CancellationToken>())
+                    .ReturnsAsync(new HttpResponseMessage(HttpStatusCode.OK) { Content = new StreamContent(stream) });
+
+                var mockHandlerFactory = new Mock<IHttpClientHandlerFactory>();
+                mockHandlerFactory.Setup(p => p.CreateClientHandler(It.IsAny<RunnerWebProxy>())).Returns(mockClientHandler.Object);
+                _hc.SetSingleton(mockHandlerFactory.Object);
+
+                _ec.Setup(x => x.GetGitHubContext("api_url")).Returns(ApiUrl);
+                _configurationStore.Object.GetSettings().IsHostedServer = false;
+
+                //Act
                 await _actionManager.PrepareActionsAsync(_ec.Object, actions);
 
-                // Assert
-                Assert.True(File.Exists(testFile));
+                //Assert
+                var watermarkFile = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), ActionName, "master.completed");
+                Assert.True(File.Exists(watermarkFile));
+
+                var actionYamlFile = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), ActionName, "master", "action.yml");
+                Assert.True(File.Exists(actionYamlFile));
+                _hc.GetTrace().Info(File.ReadAllText(actionYamlFile));
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public async void PrepareActions_DownloadActionFromDotCom_OnPremises()
+        {
+            try
+            {
+                // Arrange
+                Setup();
+                const string ActionName = "ownerName/sample-action";
+                var actions = new List<Pipelines.ActionStep>
+                {
+                    new Pipelines.ActionStep()
+                    {
+                        Name = "action",
+                        Id = Guid.NewGuid(),
+                        Reference = new Pipelines.RepositoryPathReference()
+                        {
+                            Name = ActionName,
+                            Ref = "master",
+                            RepositoryType = "GitHub"
+                        }
+                    }
+                };
+
+                // Return a valid action from GHES via mock
+                const string ApiUrl = "https://ghes.example.com/api/v3";
+                string builtInArchiveLink = GetLinkToActionArchive(ApiUrl, ActionName, "master");
+                string dotcomArchiveLink = GetLinkToActionArchive("https://api.github.com", ActionName, "master");
+                string archiveFile = await CreateRepoArchive();
+                using var stream = File.OpenRead(archiveFile);
+                var mockClientHandler = new Mock<HttpClientHandler>();
+                mockClientHandler.Protected().Setup<Task<HttpResponseMessage>>("SendAsync", ItExpr.Is<HttpRequestMessage>(m => m.RequestUri == new Uri(builtInArchiveLink)), ItExpr.IsAny<CancellationToken>())
+                    .ReturnsAsync(new HttpResponseMessage(HttpStatusCode.NotFound));
+                mockClientHandler.Protected().Setup<Task<HttpResponseMessage>>("SendAsync", ItExpr.Is<HttpRequestMessage>(m => m.RequestUri == new Uri(dotcomArchiveLink)), ItExpr.IsAny<CancellationToken>())
+                    .ReturnsAsync(new HttpResponseMessage(HttpStatusCode.OK) { Content = new StreamContent(stream) });
+
+                var mockHandlerFactory = new Mock<IHttpClientHandlerFactory>();
+                mockHandlerFactory.Setup(p => p.CreateClientHandler(It.IsAny<RunnerWebProxy>())).Returns(mockClientHandler.Object);
+                _hc.SetSingleton(mockHandlerFactory.Object);
+
+                _ec.Setup(x => x.GetGitHubContext("api_url")).Returns(ApiUrl);
+                _configurationStore.Object.GetSettings().IsHostedServer = false;
+
+                //Act
+                await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+
+                //Assert
+                var watermarkFile = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), ActionName, "master.completed");
+                Assert.True(File.Exists(watermarkFile));
+
+                var actionYamlFile = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), ActionName, "master", "action.yml");
+                Assert.True(File.Exists(actionYamlFile));
+                _hc.GetTrace().Info(File.ReadAllText(actionYamlFile));
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public async void PrepareActions_DownloadUnknownActionFromGraph_OnPremises()
+        {
+            try
+            {
+                // Arrange
+                Setup();
+                const string ActionName = "ownerName/sample-action";
+                var actions = new List<Pipelines.ActionStep>
+                {
+                    new Pipelines.ActionStep()
+                    {
+                        Name = "action",
+                        Id = Guid.NewGuid(),
+                        Reference = new Pipelines.RepositoryPathReference()
+                        {
+                            Name = ActionName,
+                            Ref = "master",
+                            RepositoryType = "GitHub"
+                        }
+                    }
+                };
+
+                // Return a valid action from GHES via mock
+                const string ApiUrl = "https://ghes.example.com/api/v3";
+                string archiveLink = GetLinkToActionArchive(ApiUrl, ActionName, "master");
+                string archiveFile = await CreateRepoArchive();
+                using var stream = File.OpenRead(archiveFile);
+                var mockClientHandler = new Mock<HttpClientHandler>();
+                mockClientHandler.Protected().Setup<Task<HttpResponseMessage>>("SendAsync", ItExpr.IsAny<HttpRequestMessage>(), ItExpr.IsAny<CancellationToken>())
+                    .ReturnsAsync(new HttpResponseMessage(HttpStatusCode.NotFound));
+
+                var mockHandlerFactory = new Mock<IHttpClientHandlerFactory>();
+                mockHandlerFactory.Setup(p => p.CreateClientHandler(It.IsAny<RunnerWebProxy>())).Returns(mockClientHandler.Object);
+                _hc.SetSingleton(mockHandlerFactory.Object);
+
+                _ec.Setup(x => x.GetGitHubContext("api_url")).Returns(ApiUrl);
+                _configurationStore.Object.GetSettings().IsHostedServer = false;
+
+                //Act
+                Func<Task> action = async () => await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+
+                //Assert
+                await Assert.ThrowsAsync<ActionNotFoundException>(action);
+
+                var watermarkFile = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), ActionName, "master.completed");
+                Assert.False(File.Exists(watermarkFile));
+
+                var actionYamlFile = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), ActionName, "master", "action.yml");
+                Assert.False(File.Exists(actionYamlFile));
             }
             finally
             {
@@ -217,7 +346,7 @@ runs:
                 };
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.True(steps.Count == 0);
             }
@@ -256,7 +385,7 @@ runs:
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "repositoryactionwithdockerfile");
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
                 Assert.Equal(actionDir, (steps[0].Data as ContainerSetupInfo).Container.WorkingDirectory);
                 Assert.Equal(Path.Combine(actionDir, "Dockerfile"), (steps[0].Data as ContainerSetupInfo).Container.Dockerfile);
@@ -296,7 +425,7 @@ runs:
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "repositoryactionwithdockerfileinrelativepath");
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
                 Assert.Equal(actionDir, (steps[0].Data as ContainerSetupInfo).Container.WorkingDirectory);
@@ -335,7 +464,7 @@ runs:
 
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "repositoryactionwithdockerfileinrelativepath");
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
                 Assert.Equal(actionDir, (steps[0].Data as ContainerSetupInfo).Container.WorkingDirectory);
@@ -375,7 +504,7 @@ runs:
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "RepositoryActionWithActionfile_DockerfileRelativePath");
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
                 Assert.Equal(actionDir, (steps[0].Data as ContainerSetupInfo).Container.WorkingDirectory);
@@ -415,7 +544,7 @@ runs:
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "RepositoryActionWithActionfile_DockerHubImage");
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
                 Assert.Equal("ubuntu:18.04", (steps[0].Data as ContainerSetupInfo).Container.Image);
@@ -454,7 +583,7 @@ runs:
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "RepositoryActionWithActionYamlFile_DockerHubImage");
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.Equal((steps[0].Data as ContainerSetupInfo).StepIds[0], actionId);
                 Assert.Equal("ubuntu:18.04", (steps[0].Data as ContainerSetupInfo).Container.Image);
@@ -493,7 +622,7 @@ runs:
                 var actionDir = Path.Combine(_hc.GetDirectory(WellKnownDirectory.Actions), "TingluoHuang", "runner_L0", "repositoryactionwithactionfileanddockerfile");
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 Assert.Equal(actionId, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
                 Assert.Equal(actionDir, (steps[0].Data as ContainerSetupInfo).Container.WorkingDirectory);
@@ -610,7 +739,7 @@ runs:
                 };
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 //Assert
                 Assert.Equal(actionId1, (steps[0].Data as ContainerSetupInfo).StepIds[0]);
@@ -671,7 +800,7 @@ runs:
                 };
 
                 //Act
-                var steps = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                var steps = (await _actionManager.PrepareActionsAsync(_ec.Object, actions)).ContainerSetupSteps;
 
                 // node.js based action doesn't need any extra steps to build/pull containers.
                 Assert.True(steps.Count == 0);
@@ -682,6 +811,104 @@ runs:
             }
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public async void PrepareActions_RepositoryActionWithInvalidWrapperActionfile_Node()
+        {
+            try
+            {
+                //Arrange
+                Setup();
+                var actionId = Guid.NewGuid();
+                var actions = new List<Pipelines.ActionStep>
+                {
+                    new Pipelines.ActionStep()
+                    {
+                        Name = "action",
+                        Id = actionId,
+                        Reference = new Pipelines.RepositoryPathReference()
+                        {
+                            Name = "TingluoHuang/runner_L0",
+                            Ref = "RepositoryActionWithInvalidWrapperActionfile_Node",
+                            RepositoryType = "GitHub"
+                        }
+                    }
+                };
+
+                //Act
+                try
+                {
+                    await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                }
+                catch (ArgumentException)
+                {
+                    var traceFile = Path.GetTempFileName();
+                    File.Copy(_hc.TraceFileName, traceFile, true);
+                    Assert.Contains("Entry javascript file is not provided.", File.ReadAllText(traceFile));
+                }
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public async void PrepareActions_RepositoryActionWithWrapperActionfile_PreSteps()
+        {
+            try
+            {
+                //Arrange
+                Setup();
+
+                _hc.EnqueueInstance<IActionRunner>(new Mock<IActionRunner>().Object);
+                _hc.EnqueueInstance<IActionRunner>(new Mock<IActionRunner>().Object);
+
+                var actionId1 = Guid.NewGuid();
+                var actionId2 = Guid.NewGuid();
+                _hc.GetTrace().Info(actionId1);
+                _hc.GetTrace().Info(actionId2);
+                var actions = new List<Pipelines.ActionStep>
+                {
+                    new Pipelines.ActionStep()
+                    {
+                        Name = "action1",
+                        Id = actionId1,
+                        Reference = new Pipelines.RepositoryPathReference()
+                        {
+                            Name = "TingluoHuang/runner_L0",
+                            Ref = "RepositoryActionWithWrapperActionfile_Node",
+                            RepositoryType = "GitHub"
+                        }
+                    },
+                    new Pipelines.ActionStep()
+                    {
+                        Name = "action2",
+                        Id = actionId2,
+                        Reference = new Pipelines.RepositoryPathReference()
+                        {
+                            Name = "TingluoHuang/runner_L0",
+                            Ref = "RepositoryActionWithWrapperActionfile_Docker",
+                            RepositoryType = "GitHub"
+                        }
+                    }
+                };
+
+                //Act
+                var preResult = await _actionManager.PrepareActionsAsync(_ec.Object, actions);
+                Assert.Equal(2, preResult.PreStepTracker.Count);
+                Assert.NotNull(preResult.PreStepTracker[actionId1]);
+                Assert.NotNull(preResult.PreStepTracker[actionId2]);
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
         [Fact]
         [Trait("Level", "L0")]
         [Trait("Category", "Worker")]
@@ -1426,7 +1653,7 @@ runs:
 
                 Assert.NotNull((definition.Data.Execution as NodeJSActionExecutionData));
                 Assert.Equal("task.js", (definition.Data.Execution as NodeJSActionExecutionData).Script);
-                Assert.Equal("cleanup.js", (definition.Data.Execution as NodeJSActionExecutionData).Cleanup);
+                Assert.Equal("cleanup.js", (definition.Data.Execution as NodeJSActionExecutionData).Post);
             }
             finally
             {
@@ -1506,7 +1733,7 @@ runs:
                 Assert.NotNull((definition.Data.Execution as ContainerActionExecutionData)); // execution.Node
                 Assert.Equal("image:1234", (definition.Data.Execution as ContainerActionExecutionData).Image);
                 Assert.Equal("main.sh", (definition.Data.Execution as ContainerActionExecutionData).EntryPoint);
-                Assert.Equal("cleanup.sh", (definition.Data.Execution as ContainerActionExecutionData).Cleanup);
+                Assert.Equal("cleanup.sh", (definition.Data.Execution as ContainerActionExecutionData).Post);
 
                 foreach (var arg in (definition.Data.Execution as ContainerActionExecutionData).Arguments)
                 {
@@ -1595,7 +1822,7 @@ runs:
 
                 Assert.NotNull((definition.Data.Execution as PluginActionExecutionData));
                 Assert.Equal("plugin.class, plugin", (definition.Data.Execution as PluginActionExecutionData).Plugin);
-                Assert.Equal("plugin.cleanup, plugin", (definition.Data.Execution as PluginActionExecutionData).Cleanup);
+                Assert.Equal("plugin.cleanup, plugin", (definition.Data.Execution as PluginActionExecutionData).Post);
             }
             finally
             {
@@ -1639,6 +1866,82 @@ runs:
             };
         }
 
+        /// <summary>
+        /// Creates a sample action in an archive on disk, similar to the archive
+        /// retrieved from GitHub's or GHES' repository API.
+        /// </summary>
+        /// <returns>The path on disk to the archive.</returns>
+#if OS_WINDOWS
+        private Task<string> CreateRepoArchive()
+#else
+        private async Task<string> CreateRepoArchive()
+#endif
+        {
+            const string Content = @"
+# Container action
+name: 'Hello World'
+description: 'Greet the world'
+author: 'GitHub'
+icon: 'hello.svg' # vector art to display in the GitHub Marketplace
+color: 'green' # optional, decorates the entry in the GitHub Marketplace
+runs:
+  using: 'node12'
+  main: 'task.js'
+";
+            CreateAction(yamlContent: Content, instance: out _, directory: out string directory);
+
+            var tempDir = _hc.GetDirectory(WellKnownDirectory.Temp);
+            Directory.CreateDirectory(tempDir);
+            var archiveFile = Path.Combine(tempDir, Path.GetRandomFileName());
+            var trace = _hc.GetTrace();
+
+#if OS_WINDOWS
+            ZipFile.CreateFromDirectory(directory, archiveFile, CompressionLevel.Fastest, includeBaseDirectory: true);
+            return Task.FromResult(archiveFile);
+#else
+            string tar = WhichUtil.Which("tar", require: true, trace: trace);
+
+            // tar -xzf
+            using (var processInvoker = new ProcessInvokerWrapper())
+            {
+                processInvoker.Initialize(_hc);
+                processInvoker.OutputDataReceived += new EventHandler<ProcessDataReceivedEventArgs>((sender, args) =>
+                {
+                    if (!string.IsNullOrEmpty(args.Data))
+                    {
+                        trace.Info(args.Data);
+                    }
+                });
+
+                processInvoker.ErrorDataReceived += new EventHandler<ProcessDataReceivedEventArgs>((sender, args) =>
+                {
+                    if (!string.IsNullOrEmpty(args.Data))
+                    {
+                        trace.Error(args.Data);
+                    }
+                });
+
+                string cwd = Path.GetDirectoryName(directory);
+                string inputDirectory = Path.GetFileName(directory);
+                int exitCode = await processInvoker.ExecuteAsync(_hc.GetDirectory(WellKnownDirectory.Bin), tar, $"-czf \"{archiveFile}\" -C \"{cwd}\" \"{inputDirectory}\"", null, CancellationToken.None);
+                if (exitCode != 0)
+                {
+                    throw new NotSupportedException($"Can't use 'tar -czf' to create archive file: {archiveFile}. return code: {exitCode}.");
+                }
+            }
+            return archiveFile;
+#endif
+        }
+
+        private static string GetLinkToActionArchive(string apiUrl, string repository, string @ref)
+        {
+#if OS_WINDOWS
+            return $"{apiUrl}/repos/{repository}/zipball/{@ref}";
+#else
+            return $"{apiUrl}/repos/{repository}/tarball/{@ref}";
+#endif
+        }
+
         private void Setup([CallerMemberName] string name = "")
         {
             _ecTokenSource?.Dispose();
@@ -1663,7 +1966,7 @@ runs:
             _dockerManager.Setup(x => x.DockerPull(_ec.Object, "ubuntu:16.04")).Returns(Task.FromResult(0));
             _dockerManager.Setup(x => x.DockerPull(_ec.Object, "ubuntu:100.04")).Returns(Task.FromResult(1));
 
-            _dockerManager.Setup(x => x.DockerBuild(_ec.Object, It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>())).Returns(Task.FromResult(0));
+            _dockerManager.Setup(x => x.DockerBuild(_ec.Object, It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>())).Returns(Task.FromResult(0));
 
             _pluginManager = new Mock<IRunnerPluginManager>();
             _pluginManager.Setup(x => x.GetPluginAction(It.IsAny<string>())).Returns(new RunnerPluginActionInfo() { PluginTypeName = "plugin.class, plugin", PostPluginTypeName = "plugin.cleanup, plugin" });
@@ -1674,6 +1977,7 @@ runs:
             _hc.SetSingleton<IDockerCommandManager>(_dockerManager.Object);
             _hc.SetSingleton<IRunnerPluginManager>(_pluginManager.Object);
             _hc.SetSingleton<IActionManifestManager>(actionManifest);
+            _hc.SetSingleton<IHttpClientHandlerFactory>(new HttpClientHandlerFactory());
 
             _configurationStore = new Mock<IConfigurationStore>();
             _configurationStore

src/Test/L0/Worker/ActionManifestManagerL0.cs

@@ -65,6 +65,52 @@ namespace GitHub.Runner.Common.Tests.Worker
             }
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public void Load_ContainerAction_Dockerfile_Pre()
+        {
+            try
+            {
+                //Arrange
+                Setup();
+
+                var actionManifest = new ActionManifestManager();
+                actionManifest.Initialize(_hc);
+
+                //Act
+                var result = actionManifest.Load(_ec.Object, Path.Combine(TestUtil.GetTestDataPath(), "dockerfileaction_init.yml"));
+
+                //Assert
+
+                Assert.Equal("Hello World", result.Name);
+                Assert.Equal("Greet the world and record the time", result.Description);
+                Assert.Equal(2, result.Inputs.Count);
+                Assert.Equal("greeting", result.Inputs[0].Key.AssertString("key").Value);
+                Assert.Equal("Hello", result.Inputs[0].Value.AssertString("value").Value);
+                Assert.Equal("entryPoint", result.Inputs[1].Key.AssertString("key").Value);
+                Assert.Equal("", result.Inputs[1].Value.AssertString("value").Value);
+
+                Assert.Equal(ActionExecutionType.Container, result.Execution.ExecutionType);
+
+                var containerAction = result.Execution as ContainerActionExecutionData;
+
+                Assert.Equal("Dockerfile", containerAction.Image);
+                Assert.Equal("main.sh", containerAction.EntryPoint);
+                Assert.Equal("init.sh", containerAction.Pre);
+                Assert.Equal("success()", containerAction.InitCondition);
+                Assert.Equal("bzz", containerAction.Arguments[0].ToString());
+                Assert.Equal("Token", containerAction.Environment[0].Key.ToString());
+                Assert.Equal("foo", containerAction.Environment[0].Value.ToString());
+                Assert.Equal("Url", containerAction.Environment[1].Key.ToString());
+                Assert.Equal("bar", containerAction.Environment[1].Value.ToString());
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
         [Fact]
         [Trait("Level", "L0")]
         [Trait("Category", "Worker")]
@@ -97,7 +143,7 @@ namespace GitHub.Runner.Common.Tests.Worker
 
                 Assert.Equal("Dockerfile", containerAction.Image);
                 Assert.Equal("main.sh", containerAction.EntryPoint);
-                Assert.Equal("cleanup.sh", containerAction.Cleanup);
+                Assert.Equal("cleanup.sh", containerAction.Post);
                 Assert.Equal("failure()", containerAction.CleanupCondition);
                 Assert.Equal("bzz", containerAction.Arguments[0].ToString());
                 Assert.Equal("Token", containerAction.Environment[0].Key.ToString());
@@ -111,6 +157,52 @@ namespace GitHub.Runner.Common.Tests.Worker
             }
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public void Load_ContainerAction_Dockerfile_Pre_DefaultCondition()
+        {
+            try
+            {
+                //Arrange
+                Setup();
+
+                var actionManifest = new ActionManifestManager();
+                actionManifest.Initialize(_hc);
+
+                //Act
+                var result = actionManifest.Load(_ec.Object, Path.Combine(TestUtil.GetTestDataPath(), "dockerfileaction_init_default.yml"));
+
+                //Assert
+
+                Assert.Equal("Hello World", result.Name);
+                Assert.Equal("Greet the world and record the time", result.Description);
+                Assert.Equal(2, result.Inputs.Count);
+                Assert.Equal("greeting", result.Inputs[0].Key.AssertString("key").Value);
+                Assert.Equal("Hello", result.Inputs[0].Value.AssertString("value").Value);
+                Assert.Equal("entryPoint", result.Inputs[1].Key.AssertString("key").Value);
+                Assert.Equal("", result.Inputs[1].Value.AssertString("value").Value);
+
+                Assert.Equal(ActionExecutionType.Container, result.Execution.ExecutionType);
+
+                var containerAction = result.Execution as ContainerActionExecutionData;
+
+                Assert.Equal("Dockerfile", containerAction.Image);
+                Assert.Equal("main.sh", containerAction.EntryPoint);
+                Assert.Equal("init.sh", containerAction.Pre);
+                Assert.Equal("always()", containerAction.InitCondition);
+                Assert.Equal("bzz", containerAction.Arguments[0].ToString());
+                Assert.Equal("Token", containerAction.Environment[0].Key.ToString());
+                Assert.Equal("foo", containerAction.Environment[0].Value.ToString());
+                Assert.Equal("Url", containerAction.Environment[1].Key.ToString());
+                Assert.Equal("bar", containerAction.Environment[1].Value.ToString());
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
         [Fact]
         [Trait("Level", "L0")]
         [Trait("Category", "Worker")]
@@ -143,7 +235,7 @@ namespace GitHub.Runner.Common.Tests.Worker
 
                 Assert.Equal("Dockerfile", containerAction.Image);
                 Assert.Equal("main.sh", containerAction.EntryPoint);
-                Assert.Equal("cleanup.sh", containerAction.Cleanup);
+                Assert.Equal("cleanup.sh", containerAction.Post);
                 Assert.Equal("always()", containerAction.CleanupCondition);
                 Assert.Equal("bzz", containerAction.Arguments[0].ToString());
                 Assert.Equal("Token", containerAction.Environment[0].Key.ToString());
@@ -323,6 +415,94 @@ namespace GitHub.Runner.Common.Tests.Worker
             }
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public void Load_NodeAction_Pre()
+        {
+            try
+            {
+                //Arrange
+                Setup();
+
+                var actionManifest = new ActionManifestManager();
+                actionManifest.Initialize(_hc);
+
+                //Act
+                var result = actionManifest.Load(_ec.Object, Path.Combine(TestUtil.GetTestDataPath(), "nodeaction_init.yml"));
+
+                //Assert
+                Assert.Equal("Hello World", result.Name);
+                Assert.Equal("Greet the world and record the time", result.Description);
+                Assert.Equal(2, result.Inputs.Count);
+                Assert.Equal("greeting", result.Inputs[0].Key.AssertString("key").Value);
+                Assert.Equal("Hello", result.Inputs[0].Value.AssertString("value").Value);
+                Assert.Equal("entryPoint", result.Inputs[1].Key.AssertString("key").Value);
+                Assert.Equal("", result.Inputs[1].Value.AssertString("value").Value);
+                Assert.Equal(1, result.Deprecated.Count);
+
+                Assert.True(result.Deprecated.ContainsKey("greeting"));
+                result.Deprecated.TryGetValue("greeting", out string value);
+                Assert.Equal("This property has been deprecated", value);
+
+                Assert.Equal(ActionExecutionType.NodeJS, result.Execution.ExecutionType);
+
+                var nodeAction = result.Execution as NodeJSActionExecutionData;
+
+                Assert.Equal("main.js", nodeAction.Script);
+                Assert.Equal("init.js", nodeAction.Pre);
+                Assert.Equal("cancelled()", nodeAction.InitCondition);
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public void Load_NodeAction_Init_DefaultCondition()
+        {
+            try
+            {
+                //Arrange
+                Setup();
+
+                var actionManifest = new ActionManifestManager();
+                actionManifest.Initialize(_hc);
+
+                //Act
+                var result = actionManifest.Load(_ec.Object, Path.Combine(TestUtil.GetTestDataPath(), "nodeaction_init_default.yml"));
+
+                //Assert
+                Assert.Equal("Hello World", result.Name);
+                Assert.Equal("Greet the world and record the time", result.Description);
+                Assert.Equal(2, result.Inputs.Count);
+                Assert.Equal("greeting", result.Inputs[0].Key.AssertString("key").Value);
+                Assert.Equal("Hello", result.Inputs[0].Value.AssertString("value").Value);
+                Assert.Equal("entryPoint", result.Inputs[1].Key.AssertString("key").Value);
+                Assert.Equal("", result.Inputs[1].Value.AssertString("value").Value);
+                Assert.Equal(1, result.Deprecated.Count);
+
+                Assert.True(result.Deprecated.ContainsKey("greeting"));
+                result.Deprecated.TryGetValue("greeting", out string value);
+                Assert.Equal("This property has been deprecated", value);
+
+                Assert.Equal(ActionExecutionType.NodeJS, result.Execution.ExecutionType);
+
+                var nodeAction = result.Execution as NodeJSActionExecutionData;
+
+                Assert.Equal("main.js", nodeAction.Script);
+                Assert.Equal("init.js", nodeAction.Pre);
+                Assert.Equal("always()", nodeAction.InitCondition);
+            }
+            finally
+            {
+                Teardown();
+            }
+        }
+
         [Fact]
         [Trait("Level", "L0")]
         [Trait("Category", "Worker")]
@@ -358,7 +538,7 @@ namespace GitHub.Runner.Common.Tests.Worker
                 var nodeAction = result.Execution as NodeJSActionExecutionData;
 
                 Assert.Equal("main.js", nodeAction.Script);
-                Assert.Equal("cleanup.js", nodeAction.Cleanup);
+                Assert.Equal("cleanup.js", nodeAction.Post);
                 Assert.Equal("cancelled()", nodeAction.CleanupCondition);
             }
             finally
@@ -402,7 +582,7 @@ namespace GitHub.Runner.Common.Tests.Worker
                 var nodeAction = result.Execution as NodeJSActionExecutionData;
 
                 Assert.Equal("main.js", nodeAction.Script);
-                Assert.Equal("cleanup.js", nodeAction.Cleanup);
+                Assert.Equal("cleanup.js", nodeAction.Post);
                 Assert.Equal("always()", nodeAction.CleanupCondition);
             }
             finally

src/Test/L0/Worker/ActionRunnerL0.cs

@@ -278,6 +278,59 @@ namespace GitHub.Runner.Common.Tests.Worker
             Assert.Equal("${{ matrix.node }}", _actionRunner.DisplayName);
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public async void WarnInvalidInputs()
+        {
+            //Arrange
+            Setup();
+            var actionId = Guid.NewGuid();
+            var actionInputs = new MappingToken(null, null, null);
+            actionInputs.Add(new StringToken(null, null, null, "input1"), new StringToken(null, null, null, "test1"));
+            actionInputs.Add(new StringToken(null, null, null, "input2"), new StringToken(null, null, null, "test2"));
+            actionInputs.Add(new StringToken(null, null, null, "invalid1"), new StringToken(null, null, null, "invalid1"));
+            actionInputs.Add(new StringToken(null, null, null, "invalid2"), new StringToken(null, null, null, "invalid2"));
+            var action = new Pipelines.ActionStep()
+            {
+                Name = "action",
+                Id = actionId,
+                Reference = new Pipelines.ContainerRegistryReference()
+                {
+                    Image = "ubuntu:16.04"
+                },
+                Inputs = actionInputs
+            };
+
+            _actionRunner.Action = action;
+
+            Dictionary<string, string> finialInputs = new Dictionary<string, string>();
+            _handlerFactory.Setup(x => x.Create(It.IsAny<IExecutionContext>(), It.IsAny<ActionStepDefinitionReference>(), It.IsAny<IStepHost>(), It.IsAny<ActionExecutionData>(), It.IsAny<Dictionary<string, string>>(), It.IsAny<Dictionary<string, string>>(), It.IsAny<Variables>(), It.IsAny<string>()))
+                           .Callback((IExecutionContext executionContext, Pipelines.ActionStepDefinitionReference actionReference, IStepHost stepHost, ActionExecutionData data, Dictionary<string, string> inputs, Dictionary<string, string> environment, Variables runtimeVariables, string taskDirectory) =>
+                           {
+                               finialInputs = inputs;
+                           })
+                           .Returns(new Mock<IHandler>().Object);
+
+            //Act
+            await _actionRunner.RunAsync();
+
+            foreach (var input in finialInputs)
+            {
+                _hc.GetTrace().Info($"Input: {input.Key}={input.Value}");
+            }
+
+            //Assert
+            Assert.Equal("test1", finialInputs["input1"]);
+            Assert.Equal("test2", finialInputs["input2"]);
+            Assert.Equal("github", finialInputs["input3"]);
+            Assert.Equal("invalid1", finialInputs["invalid1"]);
+            Assert.Equal("invalid2", finialInputs["invalid2"]);
+
+            _ec.Verify(x => x.AddIssue(It.Is<Issue>(s => s.Message.Contains("Unexpected input 'invalid1'")), It.IsAny<string>()), Times.Once);
+            _ec.Verify(x => x.AddIssue(It.Is<Issue>(s => s.Message.Contains("Unexpected input 'invalid2'")), It.IsAny<string>()), Times.Once);
+        }
+
         private void Setup([CallerMemberName] string name = "")
         {
             _ecTokenSource?.Dispose();

src/Test/L0/Worker/ExecutionContextL0.cs

@@ -1,4 +1,5 @@
-using GitHub.DistributedTask.WebApi;
+using GitHub.DistributedTask.Pipelines.ContextData;
+using GitHub.DistributedTask.WebApi;
 using GitHub.Runner.Worker;
 using Moq;
 using System;
@@ -199,20 +200,20 @@ namespace GitHub.Runner.Common.Tests.Worker
 
 
                 var postRunner1 = hc.CreateService<IActionRunner>();
-                postRunner1.Action = new Pipelines.ActionStep() { Name = "post1", DisplayName = "Test 1", Reference = new Pipelines.RepositoryPathReference() { Name = "actions/action" } };
+                postRunner1.Action = new Pipelines.ActionStep() { Id = Guid.NewGuid(), Name = "post1", DisplayName = "Test 1", Reference = new Pipelines.RepositoryPathReference() { Name = "actions/action" } };
                 postRunner1.Stage = ActionRunStage.Post;
                 postRunner1.Condition = "always()";
                 postRunner1.DisplayName = "post1";
 
 
                 var postRunner2 = hc.CreateService<IActionRunner>();
-                postRunner2.Action = new Pipelines.ActionStep() { Name = "post2", DisplayName = "Test 2", Reference = new Pipelines.RepositoryPathReference() { Name = "actions/action" } };
+                postRunner2.Action = new Pipelines.ActionStep() { Id = Guid.NewGuid(), Name = "post2", DisplayName = "Test 2", Reference = new Pipelines.RepositoryPathReference() { Name = "actions/action" } };
                 postRunner2.Stage = ActionRunStage.Post;
                 postRunner2.Condition = "always()";
                 postRunner2.DisplayName = "post2";
 
-                action1.RegisterPostJobStep("post1", postRunner1);
-                action2.RegisterPostJobStep("post2", postRunner2);
+                action1.RegisterPostJobStep(postRunner1);
+                action2.RegisterPostJobStep(postRunner2);
 
                 Assert.NotNull(jobContext.JobSteps);
                 Assert.NotNull(jobContext.PostJobSteps);
@@ -238,6 +239,145 @@ namespace GitHub.Runner.Common.Tests.Worker
             }
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public void RegisterPostJobAction_NotRegisterPostTwice()
+        {
+            using (TestHostContext hc = CreateTestContext())
+            {
+                // Arrange: Create a job request message.
+                TaskOrchestrationPlanReference plan = new TaskOrchestrationPlanReference();
+                TimelineReference timeline = new TimelineReference();
+                Guid jobId = Guid.NewGuid();
+                string jobName = "some job name";
+                var jobRequest = new Pipelines.AgentJobRequestMessage(plan, timeline, jobId, jobName, jobName, null, null, null, new Dictionary<string, VariableValue>(), new List<MaskHint>(), new Pipelines.JobResources(), new Pipelines.ContextData.DictionaryContextData(), new Pipelines.WorkspaceOptions(), new List<Pipelines.ActionStep>(), null, null, null, null);
+                jobRequest.Resources.Repositories.Add(new Pipelines.RepositoryResource()
+                {
+                    Alias = Pipelines.PipelineConstants.SelfAlias,
+                    Id = "github",
+                    Version = "sha1"
+                });
+                jobRequest.ContextData["github"] = new Pipelines.ContextData.DictionaryContextData();
+                jobRequest.Variables["ACTIONS_STEP_DEBUG"] = "true";
+
+                // Arrange: Setup the paging logger.
+                var pagingLogger1 = new Mock<IPagingLogger>();
+                var pagingLogger2 = new Mock<IPagingLogger>();
+                var pagingLogger3 = new Mock<IPagingLogger>();
+                var pagingLogger4 = new Mock<IPagingLogger>();
+                var pagingLogger5 = new Mock<IPagingLogger>();
+                var jobServerQueue = new Mock<IJobServerQueue>();
+                jobServerQueue.Setup(x => x.QueueTimelineRecordUpdate(It.IsAny<Guid>(), It.IsAny<TimelineRecord>()));
+                jobServerQueue.Setup(x => x.QueueWebConsoleLine(It.IsAny<Guid>(), It.IsAny<string>())).Callback((Guid id, string msg) => { hc.GetTrace().Info(msg); });
+
+                var actionRunner1 = new ActionRunner();
+                actionRunner1.Initialize(hc);
+                var actionRunner2 = new ActionRunner();
+                actionRunner2.Initialize(hc);
+
+                hc.EnqueueInstance(pagingLogger1.Object);
+                hc.EnqueueInstance(pagingLogger2.Object);
+                hc.EnqueueInstance(pagingLogger3.Object);
+                hc.EnqueueInstance(pagingLogger4.Object);
+                hc.EnqueueInstance(pagingLogger5.Object);
+                hc.EnqueueInstance(actionRunner1 as IActionRunner);
+                hc.EnqueueInstance(actionRunner2 as IActionRunner);
+                hc.SetSingleton(jobServerQueue.Object);
+
+                var jobContext = new Runner.Worker.ExecutionContext();
+                jobContext.Initialize(hc);
+
+                // Act.
+                jobContext.InitializeJob(jobRequest, CancellationToken.None);
+
+                var action1 = jobContext.CreateChild(Guid.NewGuid(), "action_1_pre", "action_1_pre", null, null);
+                var action2 = jobContext.CreateChild(Guid.NewGuid(), "action_1_main", "action_1_main", null, null);
+
+                var actionId = Guid.NewGuid();
+                var postRunner1 = hc.CreateService<IActionRunner>();
+                postRunner1.Action = new Pipelines.ActionStep() { Id = actionId, Name = "post1", DisplayName = "Test 1", Reference = new Pipelines.RepositoryPathReference() { Name = "actions/action" } };
+                postRunner1.Stage = ActionRunStage.Post;
+                postRunner1.Condition = "always()";
+                postRunner1.DisplayName = "post1";
+
+
+                var postRunner2 = hc.CreateService<IActionRunner>();
+                postRunner2.Action = new Pipelines.ActionStep() { Id = actionId, Name = "post2", DisplayName = "Test 2", Reference = new Pipelines.RepositoryPathReference() { Name = "actions/action" } };
+                postRunner2.Stage = ActionRunStage.Post;
+                postRunner2.Condition = "always()";
+                postRunner2.DisplayName = "post2";
+
+                action1.RegisterPostJobStep(postRunner1);
+                action2.RegisterPostJobStep(postRunner2);
+
+                Assert.NotNull(jobContext.JobSteps);
+                Assert.NotNull(jobContext.PostJobSteps);
+                Assert.Equal(1, jobContext.PostJobSteps.Count);
+                var post1 = jobContext.PostJobSteps.Pop();
+
+                Assert.Equal("post1", (post1 as IActionRunner).Action.Name);
+
+                Assert.Equal(ActionRunStage.Post, (post1 as IActionRunner).Stage);
+
+                Assert.Equal("always()", (post1 as IActionRunner).Condition);
+            }
+        }
+
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Worker")]
+        public void ActionResult_Lowercase()
+        {
+            using (TestHostContext hc = CreateTestContext())
+            {
+                TaskOrchestrationPlanReference plan = new TaskOrchestrationPlanReference();
+                TimelineReference timeline = new TimelineReference();
+                Guid jobId = Guid.NewGuid();
+                string jobName = "some job name";
+                var jobRequest = new Pipelines.AgentJobRequestMessage(plan, timeline, jobId, jobName, jobName, null, null, null, new Dictionary<string, VariableValue>(), new List<MaskHint>(), new Pipelines.JobResources(), new Pipelines.ContextData.DictionaryContextData(), new Pipelines.WorkspaceOptions(), new List<Pipelines.ActionStep>(), null, null, null, null);
+                jobRequest.Resources.Repositories.Add(new Pipelines.RepositoryResource()
+                {
+                    Alias = Pipelines.PipelineConstants.SelfAlias,
+                    Id = "github",
+                    Version = "sha1"
+                });
+                jobRequest.ContextData["github"] = new Pipelines.ContextData.DictionaryContextData();
+                jobRequest.Variables["ACTIONS_STEP_DEBUG"] = "true";
+
+                // Arrange: Setup the paging logger.
+                var pagingLogger1 = new Mock<IPagingLogger>();
+                var jobServerQueue = new Mock<IJobServerQueue>();
+                hc.EnqueueInstance(pagingLogger1.Object);
+                hc.SetSingleton(jobServerQueue.Object);
+
+                var jobContext = new Runner.Worker.ExecutionContext();
+                jobContext.Initialize(hc);
+
+                // Act.
+                jobContext.InitializeJob(jobRequest, CancellationToken.None);
+
+                jobContext.StepsContext.SetConclusion(null, "step1", ActionResult.Success);
+                var conclusion1 = (jobContext.StepsContext.GetScope(null)["step1"] as DictionaryContextData)["conclusion"].ToString();
+                Assert.Equal(conclusion1, conclusion1.ToLowerInvariant());
+
+                jobContext.StepsContext.SetOutcome(null, "step2", ActionResult.Cancelled);
+                var outcome1 = (jobContext.StepsContext.GetScope(null)["step2"] as DictionaryContextData)["outcome"].ToString();
+                Assert.Equal(outcome1, outcome1.ToLowerInvariant());
+
+                jobContext.StepsContext.SetConclusion(null, "step3", ActionResult.Failure);
+                var conclusion2 = (jobContext.StepsContext.GetScope(null)["step3"] as DictionaryContextData)["conclusion"].ToString();
+                Assert.Equal(conclusion2, conclusion2.ToLowerInvariant());
+
+                jobContext.StepsContext.SetOutcome(null, "step4", ActionResult.Skipped);
+                var outcome2 = (jobContext.StepsContext.GetScope(null)["step4"] as DictionaryContextData)["outcome"].ToString();
+                Assert.Equal(outcome2, outcome2.ToLowerInvariant());
+
+                jobContext.JobContext.Status = ActionResult.Success;
+                Assert.Equal(jobContext.JobContext["status"].ToString(), jobContext.JobContext["status"].ToString().ToLowerInvariant());
+            }
+        }
+
         private TestHostContext CreateTestContext([CallerMemberName] String testName = "")
         {
             var hc = new TestHostContext(this, testName);

src/Test/L0/Worker/JobExtensionL0.cs

@@ -141,7 +141,7 @@ namespace GitHub.Runner.Common.Tests.Worker
                 jobExtension.Initialize(hc);
 
                 _actionManager.Setup(x => x.PrepareActionsAsync(It.IsAny<IExecutionContext>(), It.IsAny<IEnumerable<Pipelines.JobStep>>()))
-                              .Returns(Task.FromResult(new List<JobExtensionRunner>()));
+                              .Returns(Task.FromResult(new PrepareResult(new List<JobExtensionRunner>(), new Dictionary<Guid, IActionRunner>())));
 
                 List<IStep> result = await jobExtension.InitializeJob(_jobEc, _message);
 
@@ -176,7 +176,7 @@ namespace GitHub.Runner.Common.Tests.Worker
                 jobExtension.Initialize(hc);
 
                 _actionManager.Setup(x => x.PrepareActionsAsync(It.IsAny<IExecutionContext>(), It.IsAny<IEnumerable<Pipelines.JobStep>>()))
-                              .Returns(Task.FromResult(new List<JobExtensionRunner>() { new JobExtensionRunner(null, "", "prepare1", null), new JobExtensionRunner(null, "", "prepare2", null) }));
+                              .Returns(Task.FromResult(new PrepareResult(new List<JobExtensionRunner>() { new JobExtensionRunner(null, "", "prepare1", null), new JobExtensionRunner(null, "", "prepare2", null) }, new Dictionary<Guid, IActionRunner>())));
 
                 List<IStep> result = await jobExtension.InitializeJob(_jobEc, _message);
 

src/Test/L0/Worker/StepsRunnerL0.cs

@@ -536,12 +536,12 @@ namespace GitHub.Runner.Common.Tests.Worker
                 step2.Verify(x => x.RunAsync(), Times.Once);
                 step3.Verify(x => x.RunAsync(), Times.Once);
 
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["outcome"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["conclusion"].AssertString(""));
-                Assert.Equal(TaskResult.Failed.ToActionResult().ToString(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["outcome"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["conclusion"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["outcome"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["conclusion"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["outcome"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["conclusion"].AssertString(""));
+                Assert.Equal(TaskResult.Failed.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["outcome"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["conclusion"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["outcome"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["conclusion"].AssertString(""));
 
             }
         }
@@ -572,12 +572,12 @@ namespace GitHub.Runner.Common.Tests.Worker
                 step2.Verify(x => x.RunAsync(), Times.Once);
                 step3.Verify(x => x.RunAsync(), Times.Once);
 
-                Assert.Equal(TaskResult.Skipped.ToActionResult().ToString(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["outcome"].AssertString(""));
-                Assert.Equal(TaskResult.Skipped.ToActionResult().ToString(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["conclusion"].AssertString(""));
-                Assert.Equal(TaskResult.Failed.ToActionResult().ToString(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["outcome"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["conclusion"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["outcome"].AssertString(""));
-                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["conclusion"].AssertString(""));
+                Assert.Equal(TaskResult.Skipped.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["outcome"].AssertString(""));
+                Assert.Equal(TaskResult.Skipped.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step1"].AssertDictionary("")["conclusion"].AssertString(""));
+                Assert.Equal(TaskResult.Failed.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["outcome"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step2"].AssertDictionary("")["conclusion"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["outcome"].AssertString(""));
+                Assert.Equal(TaskResult.Succeeded.ToActionResult().ToString().ToLowerInvariant(), _stepContext.GetScope(null)["step3"].AssertDictionary("")["conclusion"].AssertString(""));
             }
         }
 
@@ -615,8 +615,8 @@ namespace GitHub.Runner.Common.Tests.Worker
                         stepContext.Object.Result = r;
                     }
 
-                    _stepContext.SetOutcome("", stepContext.Object.ContextName, (stepContext.Object.Outcome ?? stepContext.Object.Result ?? TaskResult.Succeeded).ToActionResult().ToString());
-                    _stepContext.SetConclusion("", stepContext.Object.ContextName, (stepContext.Object.Result ?? TaskResult.Succeeded).ToActionResult().ToString());
+                    _stepContext.SetOutcome("", stepContext.Object.ContextName, (stepContext.Object.Outcome ?? stepContext.Object.Result ?? TaskResult.Succeeded).ToActionResult());
+                    _stepContext.SetConclusion("", stepContext.Object.ContextName, (stepContext.Object.Result ?? TaskResult.Succeeded).ToActionResult());
                 });
             var trace = hc.GetTrace();
             stepContext.Setup(x => x.Write(It.IsAny<string>(), It.IsAny<string>())).Callback((string tag, string message) => { trace.Info($"[{tag}]{message}"); });

src/Test/TestData/dockerfileaction_init.yml

@@ -0,0 +1,27 @@
+name: 'Hello World'
+description: 'Greet the world and record the time'
+author: 'Test Corporation'
+inputs: 
+  greeting: # id of input
+    description: 'The greeting we choose - will print ""{greeting}, World!"" on stdout'
+    required: true
+    default: 'Hello'
+  entryPoint: # id of input
+    description: 'optional docker entrypoint overwrite.'
+    required: false
+outputs:
+  time: # id of output
+    description: 'The time we did the greeting'
+icon: 'hello.svg' # vector art to display in the GitHub Marketplace
+color: 'green' # optional, decorates the entry in the GitHub Marketplace
+runs:
+  using: 'docker'
+  image: 'Dockerfile'
+  args:
+  - 'bzz'
+  entrypoint: 'main.sh'
+  env:
+    Token: foo
+    Url: bar
+  pre-entrypoint: 'init.sh'
+  pre-if: 'success()'

src/Test/TestData/dockerfileaction_init_default.yml

@@ -0,0 +1,26 @@
+name: 'Hello World'
+description: 'Greet the world and record the time'
+author: 'Test Corporation'
+inputs: 
+  greeting: # id of input
+    description: 'The greeting we choose - will print ""{greeting}, World!"" on stdout'
+    required: true
+    default: 'Hello'
+  entryPoint: # id of input
+    description: 'optional docker entrypoint overwrite.'
+    required: false
+outputs:
+  time: # id of output
+    description: 'The time we did the greeting'
+icon: 'hello.svg' # vector art to display in the GitHub Marketplace
+color: 'green' # optional, decorates the entry in the GitHub Marketplace
+runs:
+  using: 'docker'
+  image: 'Dockerfile'
+  args:
+  - 'bzz'
+  entrypoint: 'main.sh'
+  env:
+    Token: foo
+    Url: bar
+  pre-entrypoint: 'init.sh'

src/Test/TestData/nodeaction_init.yml

@@ -0,0 +1,22 @@
+name: 'Hello World'
+description: 'Greet the world and record the time'
+author: 'Test Corporation'
+inputs: 
+  greeting: # id of input
+    description: 'The greeting we choose - will print ""{greeting}, World!"" on stdout'
+    required: true
+    default: 'Hello'
+    deprecationMessage: 'This property has been deprecated'
+  entryPoint: # id of input
+    description: 'optional docker entrypoint overwrite.'
+    required: false
+outputs:
+  time: # id of output
+    description: 'The time we did the greeting'
+icon: 'hello.svg' # vector art to display in the GitHub Marketplace
+color: 'green' # optional, decorates the entry in the GitHub Marketplace
+runs:
+  using: 'node12'
+  main: 'main.js'
+  pre: 'init.js'
+  pre-if: 'cancelled()'

src/Test/TestData/nodeaction_init_default.yml

@@ -0,0 +1,21 @@
+name: 'Hello World'
+description: 'Greet the world and record the time'
+author: 'Test Corporation'
+inputs: 
+  greeting: # id of input
+    description: 'The greeting we choose - will print ""{greeting}, World!"" on stdout'
+    required: true
+    default: 'Hello'
+    deprecationMessage: 'This property has been deprecated'
+  entryPoint: # id of input
+    description: 'optional docker entrypoint overwrite.'
+    required: false
+outputs:
+  time: # id of output
+    description: 'The time we did the greeting'
+icon: 'hello.svg' # vector art to display in the GitHub Marketplace
+color: 'green' # optional, decorates the entry in the GitHub Marketplace
+runs:
+  using: 'node12'
+  main: 'main.js'
+  pre: 'init.js'

src/runnerversion

@@ -1 +1 @@
-2.169.0
+2.262.0