mirror of
https://github.com/actions/runner.git
synced 2025-12-10 12:36:23 +00:00
Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
72e2107b5e | ||
|
|
3567c042ea | ||
|
|
e646b6fec4 | ||
|
|
8d2be3d4fa | ||
|
|
407a347f83 | ||
|
|
7e74f8c9d5 | ||
|
|
efdda93aeb | ||
|
|
1d1998aabb | ||
|
|
d2c6a4e4bc | ||
|
|
d11bd3d8be | ||
|
|
761785620f | ||
|
|
416771d4b1 | ||
|
|
9499f477a2 | ||
|
|
6bc6d475f9 | ||
|
|
ca2b1bc6d5 |
5
.github/workflows/release.yml
vendored
5
.github/workflows/release.yml
vendored
@@ -89,7 +89,7 @@ jobs:
|
||||
- runtime: osx-x64
|
||||
os: macOS-latest
|
||||
devScript: ./dev.sh
|
||||
|
||||
|
||||
- runtime: osx-arm64
|
||||
os: macOS-latest
|
||||
devScript: ./dev.sh
|
||||
@@ -158,7 +158,7 @@ jobs:
|
||||
id: sha_noruntime_noexternals
|
||||
name: Compute SHA256
|
||||
working-directory: _package_trims/trim_runtime_externals
|
||||
|
||||
|
||||
- name: Create trimmedpackages.json for ${{ matrix.runtime }}
|
||||
if: matrix.runtime == 'win-x64'
|
||||
uses: actions/github-script@0.3.0
|
||||
@@ -288,7 +288,6 @@ jobs:
|
||||
release_name: "v${{ steps.releaseNote.outputs.version }}"
|
||||
body: |
|
||||
${{ steps.releaseNote.outputs.note }}
|
||||
prerelease: true
|
||||
|
||||
# Upload release assets (full runner packages)
|
||||
- name: Upload Release Asset (win-x64)
|
||||
|
||||
@@ -15,7 +15,7 @@ Make sure the runner has access to actions service for GitHub.com or GitHub Ente
|
||||
```
|
||||
curl -v https://api.github.com/api/v3/zen
|
||||
curl -v https://vstoken.actions.githubusercontent.com/_apis/health
|
||||
curl -v https://pipelines.actions.githubusercontent/_apis/health
|
||||
curl -v https://pipelines.actions.githubusercontent.com/_apis/health
|
||||
```
|
||||
|
||||
- For GitHub Enterprise Server
|
||||
|
||||
@@ -20,11 +20,30 @@ The test also set environment variable `GIT_TRACE=1` and `GIT_CURL_VERBOSE=1` be
|
||||
|
||||
## How to fix the issue?
|
||||
|
||||
### 1. Check the common network issue
|
||||
### 1. Check global and system git config
|
||||
|
||||
If you are having issues connecting to the server, check your global and system git config for any unexpected authentication headers. You might be seeing an error like:
|
||||
|
||||
```
|
||||
fatal: unable to access 'https://github.com/actions/checkout/': The requested URL returned error: 400
|
||||
```
|
||||
|
||||
The following commands can be used to check for unexpected authentication headers:
|
||||
|
||||
```
|
||||
$ git config --global --list | grep extraheader
|
||||
http.extraheader=AUTHORIZATION: unexpected_auth_header
|
||||
|
||||
$ git config --system --list | grep extraheader
|
||||
```
|
||||
|
||||
The following command can be used to remove the above value: `git config --global --unset http.extraheader`
|
||||
|
||||
### 2. Check the common network issue
|
||||
|
||||
> Please check the [network doc](./network.md)
|
||||
|
||||
### 2. SSL certificate related issue
|
||||
### 3. SSL certificate related issue
|
||||
|
||||
If you are seeing `SSL Certificate problem:` in the log, it means the `git` can't connect to the GitHub server due to SSL handshake failure.
|
||||
> Please check the [SSL cert doc](./sslcert.md)
|
||||
|
||||
@@ -34,7 +34,7 @@ The `installdependencies.sh` script should install all required dependencies on
|
||||
|
||||
Debian based OS (Debian, Ubuntu, Linux Mint)
|
||||
|
||||
- liblttng-ust0
|
||||
- liblttng-ust1 or liblttng-ust0
|
||||
- libkrb5-3
|
||||
- zlib1g
|
||||
- libssl1.1, libssl1.0.2 or libssl1.0.0
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
## Features
|
||||
- Added support for a JIT runner config (#1925)
|
||||
- Added `ACTIONS_RUNNER_FORCE_ACTIONS_NODE_VERSION` env option to force actions to run on a specific node version (#1913)
|
||||
## Bugs
|
||||
- Fixed an issue where container environment variables names or values could escape the docker command (#2108)
|
||||
- Sanitize Windows ENVs (#2280)
|
||||
- Fixed a bug where container hooks passed in path as a string rather then an array of strings (#1948)
|
||||
|
||||
## Misc
|
||||
- Minor cleanup of error messages when running container hooks (#1949)
|
||||
|
||||
## Windows x64
|
||||
We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows.
|
||||
|
||||
@@ -1 +1 @@
|
||||
2.293.2
|
||||
<Update to ./src/runnerversion when creating release>
|
||||
|
||||
@@ -66,7 +66,7 @@ then
|
||||
fi
|
||||
fi
|
||||
|
||||
$apt_get update && $apt_get install -y liblttng-ust0 libkrb5-3 zlib1g
|
||||
$apt_get update && $apt_get install -y libkrb5-3 zlib1g
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
echo "'$apt_get' failed with exit code '$?'"
|
||||
@@ -94,6 +94,14 @@ then
|
||||
fi
|
||||
}
|
||||
|
||||
apt_get_with_fallbacks liblttng-ust1 liblttng-ust0
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
echo "'$apt_get' failed with exit code '$?'"
|
||||
print_errormessage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
apt_get_with_fallbacks libssl1.1$ libssl1.0.2$ libssl1.0.0$
|
||||
if [ $? -ne 0 ]
|
||||
then
|
||||
|
||||
@@ -90,6 +90,7 @@ namespace GitHub.Runner.Common
|
||||
public static class Args
|
||||
{
|
||||
public static readonly string Auth = "auth";
|
||||
public static readonly string JitConfig = "jitconfig";
|
||||
public static readonly string Labels = "labels";
|
||||
public static readonly string MonitorSocketAddress = "monitorsocketaddress";
|
||||
public static readonly string Name = "name";
|
||||
@@ -241,6 +242,7 @@ namespace GitHub.Runner.Common
|
||||
|
||||
// Set this env var to "node12" to downgrade the node version for internal functions (e.g hashfiles). This does NOT affect the version of node actions.
|
||||
public static readonly string ForcedInternalNodeVersion = "ACTIONS_RUNNER_FORCED_INTERNAL_NODE_VERSION";
|
||||
public static readonly string ForcedActionsNodeVersion = "ACTIONS_RUNNER_FORCE_ACTIONS_NODE_VERSION";
|
||||
}
|
||||
|
||||
public static class System
|
||||
|
||||
@@ -17,7 +17,7 @@ namespace GitHub.Runner.Common
|
||||
{
|
||||
Task ConnectAsync(Uri serverUrl, VssCredentials credentials);
|
||||
|
||||
Task<AgentJobRequestMessage> GetJobMessageAsync(string id);
|
||||
Task<AgentJobRequestMessage> GetJobMessageAsync(string id, CancellationToken token);
|
||||
}
|
||||
|
||||
public sealed class RunServer : RunnerService, IRunServer
|
||||
@@ -67,10 +67,40 @@ namespace GitHub.Runner.Common
|
||||
}
|
||||
}
|
||||
|
||||
public Task<AgentJobRequestMessage> GetJobMessageAsync(string id)
|
||||
public Task<AgentJobRequestMessage> GetJobMessageAsync(string id, CancellationToken cancellationToken)
|
||||
{
|
||||
CheckConnection();
|
||||
return _taskAgentClient.GetJobMessageAsync(id);
|
||||
var jobMessage = RetryRequest<AgentJobRequestMessage>(async () =>
|
||||
{
|
||||
return await _taskAgentClient.GetJobMessageAsync(id, cancellationToken);
|
||||
}, cancellationToken);
|
||||
return jobMessage;
|
||||
}
|
||||
|
||||
private async Task<T> RetryRequest<T>(Func<Task<T>> func,
|
||||
CancellationToken cancellationToken,
|
||||
int maxRetryAttemptsCount = 5
|
||||
)
|
||||
{
|
||||
var retryCount = 0;
|
||||
while (true)
|
||||
{
|
||||
retryCount++;
|
||||
cancellationToken.ThrowIfCancellationRequested();
|
||||
try
|
||||
{
|
||||
return await func();
|
||||
}
|
||||
// TODO: Add handling of non-retriable exceptions: https://github.com/github/actions-broker/issues/122
|
||||
catch (Exception ex) when (retryCount < maxRetryAttemptsCount)
|
||||
{
|
||||
Trace.Error("Catch exception during get full job message");
|
||||
Trace.Error(ex);
|
||||
var backOff = BackoffTimerHelper.GetRandomBackoff(TimeSpan.FromSeconds(5), TimeSpan.FromSeconds(15));
|
||||
Trace.Warning($"Back off {backOff.TotalSeconds} seconds before next retry. {maxRetryAttemptsCount - retryCount} attempt left.");
|
||||
await Task.Delay(backOff, cancellationToken);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.Win32.Registry" Version="4.4.0" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
||||
<PackageReference Include="System.Security.Cryptography.ProtectedData" Version="4.4.0" />
|
||||
<PackageReference Include="System.Text.Encoding.CodePages" Version="4.4.0" />
|
||||
<PackageReference Include="System.Threading.Channels" Version="4.4.0" />
|
||||
|
||||
@@ -15,8 +15,14 @@ namespace GitHub.Runner.Common.Util
|
||||
|
||||
public static string GetInternalNodeVersion()
|
||||
{
|
||||
var forcedNodeVersion = Environment.GetEnvironmentVariable(Constants.Variables.Agent.ForcedInternalNodeVersion);
|
||||
return !string.IsNullOrEmpty(forcedNodeVersion) && BuiltInNodeVersions.Contains(forcedNodeVersion) ? forcedNodeVersion : _defaultNodeVersion;
|
||||
var forcedInternalNodeVersion = Environment.GetEnvironmentVariable(Constants.Variables.Agent.ForcedInternalNodeVersion);
|
||||
var isForcedInternalNodeVersion = !string.IsNullOrEmpty(forcedInternalNodeVersion) && BuiltInNodeVersions.Contains(forcedInternalNodeVersion);
|
||||
|
||||
if (isForcedInternalNodeVersion)
|
||||
{
|
||||
return forcedInternalNodeVersion;
|
||||
}
|
||||
return _defaultNodeVersion;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,6 +63,7 @@ namespace GitHub.Runner.Listener
|
||||
new string[]
|
||||
{
|
||||
Constants.Runner.CommandLine.Flags.Once,
|
||||
Constants.Runner.CommandLine.Args.JitConfig,
|
||||
Constants.Runner.CommandLine.Args.StartupType
|
||||
},
|
||||
// valid warmup flags and args
|
||||
@@ -213,6 +214,12 @@ namespace GitHub.Runner.Listener
|
||||
validator: Validators.AuthSchemeValidator);
|
||||
}
|
||||
|
||||
public string GetJitConfig()
|
||||
{
|
||||
return GetArg(
|
||||
name: Constants.Runner.CommandLine.Args.JitConfig);
|
||||
}
|
||||
|
||||
public string GetRunnerName()
|
||||
{
|
||||
return GetArgOrPrompt(
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.Win32.Registry" Version="4.4.0" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
||||
<PackageReference Include="System.IO.FileSystem.AccessControl" Version="4.4.0" />
|
||||
<PackageReference Include="System.Security.Cryptography.ProtectedData" Version="4.4.0" />
|
||||
<PackageReference Include="System.ServiceProcess.ServiceController" Version="4.4.0" />
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.IO.Compression;
|
||||
using System.Linq;
|
||||
using System.Reflection;
|
||||
using System.Runtime.CompilerServices;
|
||||
using System.Text;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using GitHub.DistributedTask.WebApi;
|
||||
@@ -192,6 +194,30 @@ namespace GitHub.Runner.Listener
|
||||
return Constants.Runner.ReturnCode.Success;
|
||||
}
|
||||
|
||||
var base64JitConfig = command.GetJitConfig();
|
||||
if (!string.IsNullOrEmpty(base64JitConfig))
|
||||
{
|
||||
try
|
||||
{
|
||||
var decodedJitConfig = Encoding.UTF8.GetString(Convert.FromBase64String(base64JitConfig));
|
||||
var jitConfig = StringUtil.ConvertFromJson<Dictionary<string, string>>(decodedJitConfig);
|
||||
foreach (var config in jitConfig)
|
||||
{
|
||||
var configFile = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Root), config.Key);
|
||||
var configContent = Encoding.UTF8.GetString(Convert.FromBase64String(config.Value));
|
||||
File.WriteAllText(configFile, configContent, Encoding.UTF8);
|
||||
File.SetAttributes(configFile, File.GetAttributes(configFile) | FileAttributes.Hidden);
|
||||
Trace.Info($"Save {configContent.Length} chars to '{configFile}'.");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Trace.Error(ex);
|
||||
_term.WriteError(ex.Message);
|
||||
return Constants.Runner.ReturnCode.TerminatedError;
|
||||
}
|
||||
}
|
||||
|
||||
RunnerSettings settings = configManager.LoadSettings();
|
||||
|
||||
var store = HostContext.GetService<IConfigurationStore>();
|
||||
@@ -474,10 +500,9 @@ namespace GitHub.Runner.Listener
|
||||
var credMgr = HostContext.GetService<ICredentialManager>();
|
||||
var creds = credMgr.LoadCredentials();
|
||||
|
||||
// todo: add retries https://github.com/github/actions-broker/issues/49
|
||||
var runServer = HostContext.CreateService<IRunServer>();
|
||||
await runServer.ConnectAsync(new Uri(settings.ServerUrl), creds);
|
||||
var jobMessage = await runServer.GetJobMessageAsync(messageRef.RunnerRequestId);
|
||||
var jobMessage = await runServer.GetJobMessageAsync(messageRef.RunnerRequestId, messageQueueLoopTokenSource.Token);
|
||||
|
||||
jobDispatcher.Run(jobMessage, runOnce);
|
||||
if (runOnce)
|
||||
@@ -602,7 +627,7 @@ Config Options:
|
||||
--labels string Extra labels in addition to the default: 'self-hosted,{Constants.Runner.Platform},{Constants.Runner.PlatformArchitecture}'
|
||||
--work string Relative runner work directory (default {Constants.Path.WorkDirectory})
|
||||
--replace Replace any existing runner with the same name (default false)
|
||||
--pat GitHub personal access token used for checking network connectivity when executing `.{separator}run.{ext} --check`
|
||||
--pat GitHub personal access token with repo scope. Used for checking network connectivity when executing `.{separator}run.{ext} --check`
|
||||
--disableupdate Disable self-hosted runner automatic update to the latest released version`
|
||||
--ephemeral Configure the runner to only take one job and then let the service un-configure the runner after the job finishes (default false)");
|
||||
|
||||
|
||||
@@ -264,17 +264,7 @@ namespace GitHub.Runner.Sdk
|
||||
{
|
||||
foreach (KeyValuePair<string, string> kvp in environment)
|
||||
{
|
||||
#if OS_WINDOWS
|
||||
string tempKey = String.IsNullOrWhiteSpace(kvp.Key) ? kvp.Key : kvp.Key.Split('\0')[0];
|
||||
string tempValue = String.IsNullOrWhiteSpace(kvp.Value) ? kvp.Value : kvp.Value.Split('\0')[0];
|
||||
if(!String.IsNullOrWhiteSpace(tempKey))
|
||||
{
|
||||
_proc.StartInfo.Environment[tempKey] = tempValue;
|
||||
}
|
||||
#else
|
||||
_proc.StartInfo.Environment[kvp.Key] = kvp.Value;
|
||||
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -101,7 +101,7 @@ namespace GitHub.Runner.Worker.Container.ContainerHooks
|
||||
EntryPointArgs = entryPointArgs.Split(' ').Select(arg => arg.Trim()),
|
||||
EntryPoint = entryPoint,
|
||||
EnvironmentVariables = environmentVariables,
|
||||
PrependPath = prependPath,
|
||||
PrependPath = context.Global.PrependPath.Reverse<string>(),
|
||||
WorkingDirectory = workingDirectory,
|
||||
},
|
||||
State = context.Global.ContainerHookState
|
||||
@@ -174,8 +174,7 @@ namespace GitHub.Runner.Worker.Container.ContainerHooks
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Trace.Error(ex);
|
||||
throw new Exception($"Custom container implementation failed with error: {ex.Message} Please contact your self hosted runner administrator.", ex);
|
||||
throw new Exception($"Executing the custom container implementation failed. Please contact your self hosted runner administrator.", ex);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -44,7 +44,7 @@ namespace GitHub.Runner.Worker.Container.ContainerHooks
|
||||
public IEnumerable<string> EntryPointArgs { get; set; }
|
||||
public string EntryPoint { get; set; }
|
||||
public IDictionary<string, string> EnvironmentVariables { get; set; }
|
||||
public string PrependPath { get; set; }
|
||||
public IEnumerable<string> PrependPath { get; set; }
|
||||
public string WorkingDirectory { get; set; }
|
||||
public bool IsRequireAlpineInResponse() => false;
|
||||
}
|
||||
|
||||
@@ -131,11 +131,11 @@ namespace GitHub.Runner.Worker.Container
|
||||
{
|
||||
if (String.IsNullOrEmpty(env.Value))
|
||||
{
|
||||
dockerOptions.Add(DockerUtil.CreateEscapedOption("-e", env.Key));
|
||||
dockerOptions.Add($"-e \"{env.Key}\"");
|
||||
}
|
||||
else
|
||||
{
|
||||
dockerOptions.Add(DockerUtil.CreateEscapedOption("-e", env.Key, env.Value));
|
||||
dockerOptions.Add($"-e \"{env.Key}={env.Value.Replace("\"", "\\\"")}\"");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -202,7 +202,7 @@ namespace GitHub.Runner.Worker.Container
|
||||
{
|
||||
// e.g. -e MY_SECRET maps the value into the exec'ed process without exposing
|
||||
// the value directly in the command
|
||||
dockerOptions.Add(DockerUtil.CreateEscapedOption("-e", env.Key));
|
||||
dockerOptions.Add($"-e {env.Key}");
|
||||
}
|
||||
|
||||
// Watermark for GitHub Action environment
|
||||
|
||||
@@ -6,9 +6,6 @@ namespace GitHub.Runner.Worker.Container
|
||||
{
|
||||
public class DockerUtil
|
||||
{
|
||||
private static readonly Regex QuoteEscape = new Regex(@"(\\*)" + "\"", RegexOptions.Compiled);
|
||||
private static readonly Regex EndOfStringEscape = new Regex(@"(\\+)$", RegexOptions.Compiled);
|
||||
|
||||
public static List<PortMapping> ParseDockerPort(IList<string> portMappingLines)
|
||||
{
|
||||
const string targetPort = "targetPort";
|
||||
@@ -20,7 +17,7 @@ namespace GitHub.Runner.Worker.Container
|
||||
string pattern = $"^(?<{targetPort}>\\d+)/(?<{proto}>\\w+) -> (?<{host}>.+):(?<{hostPort}>\\d+)$";
|
||||
|
||||
List<PortMapping> portMappings = new List<PortMapping>();
|
||||
foreach (var line in portMappingLines)
|
||||
foreach(var line in portMappingLines)
|
||||
{
|
||||
Match m = Regex.Match(line, pattern, RegexOptions.None, TimeSpan.FromSeconds(1));
|
||||
if (m.Success)
|
||||
@@ -64,44 +61,5 @@ namespace GitHub.Runner.Worker.Container
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
public static string CreateEscapedOption(string flag, string key)
|
||||
{
|
||||
if (String.IsNullOrEmpty(key))
|
||||
{
|
||||
return "";
|
||||
}
|
||||
return $"{flag} {EscapeString(key)}";
|
||||
}
|
||||
|
||||
public static string CreateEscapedOption(string flag, string key, string value)
|
||||
{
|
||||
if (String.IsNullOrEmpty(key))
|
||||
{
|
||||
return "";
|
||||
}
|
||||
var escapedString = EscapeString($"{key}={value}");
|
||||
return $"{flag} {escapedString}";
|
||||
}
|
||||
|
||||
private static string EscapeString(string value)
|
||||
{
|
||||
if (String.IsNullOrEmpty(value))
|
||||
{
|
||||
return "";
|
||||
}
|
||||
// Dotnet escaping rules are weird here, we can only escape \ if it precedes a "
|
||||
// If a double quotation mark follows two or an even number of backslashes, each proceeding backslash pair is replaced with one backslash and the double quotation mark is removed.
|
||||
// If a double quotation mark follows an odd number of backslashes, including just one, each preceding pair is replaced with one backslash and the remaining backslash is removed; however, in this case the double quotation mark is not removed.
|
||||
// https://docs.microsoft.com/en-us/dotnet/api/system.environment.getcommandlineargs?redirectedfrom=MSDN&view=net-6.0#remarks
|
||||
|
||||
// First, find any \ followed by a " and double the number of \ + 1.
|
||||
value = QuoteEscape.Replace(value, @"$1$1\" + "\"");
|
||||
// Next, what if it ends in `\`, it would escape the end quote. So, we need to detect that at the end of the string and perform the same escape
|
||||
// Luckily, we can just use the $ character with detects the end of string in regex
|
||||
value = EndOfStringEscape.Replace(value, @"$1$1");
|
||||
// Finally, wrap it in quotes
|
||||
return $"\"{value}\"";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,6 +67,8 @@ namespace GitHub.Runner.Worker
|
||||
|
||||
bool IsEmbedded { get; }
|
||||
|
||||
List<string> StepEnvironmentOverrides { get; }
|
||||
|
||||
ExecutionContext Root { get; }
|
||||
|
||||
// Initialize
|
||||
@@ -237,6 +239,8 @@ namespace GitHub.Runner.Worker
|
||||
}
|
||||
}
|
||||
|
||||
public List<string> StepEnvironmentOverrides { get; } = new List<string>();
|
||||
|
||||
public override void Initialize(IHostContext hostContext)
|
||||
{
|
||||
base.Initialize(hostContext);
|
||||
|
||||
@@ -266,7 +266,11 @@ namespace GitHub.Runner.Worker.Handlers
|
||||
#endif
|
||||
foreach (var pair in dict)
|
||||
{
|
||||
envContext[pair.Key] = pair.Value;
|
||||
// Skip global env, otherwise we merge an outdated global env
|
||||
if (ExecutionContext.StepEnvironmentOverrides.Contains(pair.Key))
|
||||
{
|
||||
envContext[pair.Key] = pair.Value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -275,11 +279,13 @@ namespace GitHub.Runner.Worker.Handlers
|
||||
if (step is IActionRunner actionStep)
|
||||
{
|
||||
// Evaluate and merge embedded-step env
|
||||
step.ExecutionContext.StepEnvironmentOverrides.AddRange(ExecutionContext.StepEnvironmentOverrides);
|
||||
var templateEvaluator = step.ExecutionContext.ToPipelineTemplateEvaluator();
|
||||
var actionEnvironment = templateEvaluator.EvaluateStepEnvironment(actionStep.Action.Environment, step.ExecutionContext.ExpressionValues, step.ExecutionContext.ExpressionFunctions, Common.Util.VarUtil.EnvironmentVariableKeyComparer);
|
||||
foreach (var env in actionEnvironment)
|
||||
{
|
||||
envContext[env.Key] = new StringContextData(env.Value ?? string.Empty);
|
||||
step.ExecutionContext.StepEnvironmentOverrides.Add(env.Key);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,6 +8,7 @@ using GitHub.DistributedTask.Pipelines.ContextData;
|
||||
using GitHub.DistributedTask.WebApi;
|
||||
using GitHub.Runner.Common;
|
||||
using GitHub.Runner.Sdk;
|
||||
using GitHub.Runner.Common.Util;
|
||||
using GitHub.Runner.Worker.Container;
|
||||
using GitHub.Runner.Worker.Container.ContainerHooks;
|
||||
|
||||
@@ -104,6 +105,12 @@ namespace GitHub.Runner.Worker.Handlers
|
||||
Data.NodeVersion = "node16";
|
||||
}
|
||||
#endif
|
||||
string forcedNodeVersion = System.Environment.GetEnvironmentVariable(Constants.Variables.Agent.ForcedActionsNodeVersion);
|
||||
|
||||
if (forcedNodeVersion == "node16" && Data.NodeVersion != "node16")
|
||||
{
|
||||
Data.NodeVersion = "node16";
|
||||
}
|
||||
var nodeRuntimeVersion = await StepHost.DetermineNodeRuntimeVersion(ExecutionContext, Data.NodeVersion);
|
||||
string file = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), nodeRuntimeVersion, "bin", $"node{IOUtil.ExeExtension}");
|
||||
|
||||
|
||||
@@ -193,7 +193,7 @@ namespace GitHub.Runner.Worker.Handlers
|
||||
TranslateToContainerPath(environment);
|
||||
await containerHookManager.RunScriptStepAsync(context,
|
||||
Container,
|
||||
workingDirectory,
|
||||
workingDirectory,
|
||||
fileName,
|
||||
arguments,
|
||||
environment,
|
||||
@@ -216,7 +216,7 @@ namespace GitHub.Runner.Worker.Handlers
|
||||
{
|
||||
// e.g. -e MY_SECRET maps the value into the exec'ed process without exposing
|
||||
// the value directly in the command
|
||||
dockerCommandArgs.Add(DockerUtil.CreateEscapedOption("-e", env.Key));
|
||||
dockerCommandArgs.Add($"-e {env.Key}");
|
||||
}
|
||||
if (!string.IsNullOrEmpty(PrependPath))
|
||||
{
|
||||
|
||||
@@ -112,6 +112,7 @@ namespace GitHub.Runner.Worker
|
||||
foreach (var env in actionEnvironment)
|
||||
{
|
||||
envContext[env.Key] = new StringContextData(env.Value ?? string.Empty);
|
||||
step.ExecutionContext.StepEnvironmentOverrides.Add(env.Key);
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
|
||||
@@ -351,6 +351,18 @@ namespace GitHub.Services.Common.Diagnostics
|
||||
}
|
||||
}
|
||||
|
||||
[NonEvent]
|
||||
public void AuthenticationFailedOnFirstRequest(
|
||||
VssTraceActivity activity,
|
||||
HttpResponseMessage response)
|
||||
{
|
||||
if (IsEnabled())
|
||||
{
|
||||
SetActivityId(activity);
|
||||
WriteMessageEvent((Int32)response.StatusCode, response.Headers.ToString(), this.AuthenticationFailedOnFirstRequest);
|
||||
}
|
||||
}
|
||||
|
||||
[NonEvent]
|
||||
public void IssuedTokenProviderCreated(
|
||||
VssTraceActivity activity,
|
||||
@@ -451,7 +463,7 @@ namespace GitHub.Services.Common.Diagnostics
|
||||
[NonEvent]
|
||||
public void IssuedTokenInvalidated(
|
||||
VssTraceActivity activity,
|
||||
IssuedTokenProvider provider,
|
||||
IssuedTokenProvider provider,
|
||||
IssuedToken token)
|
||||
{
|
||||
if (IsEnabled())
|
||||
@@ -813,7 +825,7 @@ namespace GitHub.Services.Common.Diagnostics
|
||||
[Event(31, Keywords = Keywords.Authentication, Level = EventLevel.Warning, Task = Tasks.Authentication, Opcode = EventOpcode.Info, Message = "Retrieving an AAD auth token took a long time ({0} seconds)")]
|
||||
public void AuthorizationDelayed(string timespan)
|
||||
{
|
||||
if(IsEnabled(EventLevel.Warning, Keywords.Authentication))
|
||||
if (IsEnabled(EventLevel.Warning, Keywords.Authentication))
|
||||
{
|
||||
WriteEvent(31, timespan);
|
||||
}
|
||||
@@ -828,6 +840,17 @@ namespace GitHub.Services.Common.Diagnostics
|
||||
}
|
||||
}
|
||||
|
||||
[Event(33, Keywords = Keywords.Authentication, Level = EventLevel.Verbose, Task = Tasks.HttpRequest, Message = "Authentication failed on first request with status code {0}.%n{1}")]
|
||||
private void AuthenticationFailedOnFirstRequest(
|
||||
Int32 statusCode,
|
||||
String headers)
|
||||
{
|
||||
if (IsEnabled(EventLevel.Verbose, Keywords.Authentication))
|
||||
{
|
||||
WriteEvent(33, statusCode, headers);
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Sets the activity ID of the current thread.
|
||||
/// </summary>
|
||||
|
||||
@@ -251,7 +251,14 @@ namespace GitHub.Services.Common
|
||||
|
||||
// Invalidate the token and ensure that we have the correct token provider for the challenge
|
||||
// which we just received
|
||||
VssHttpEventSource.Log.AuthenticationFailed(traceActivity, response);
|
||||
if (retries < m_maxAuthRetries)
|
||||
{
|
||||
VssHttpEventSource.Log.AuthenticationFailed(traceActivity, response);
|
||||
}
|
||||
else
|
||||
{
|
||||
VssHttpEventSource.Log.AuthenticationFailedOnFirstRequest(traceActivity, response);
|
||||
}
|
||||
|
||||
if (provider != null)
|
||||
{
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
using System.Linq;
|
||||
using Newtonsoft.Json;
|
||||
using Newtonsoft.Json.Converters;
|
||||
using Newtonsoft.Json.Serialization;
|
||||
|
||||
namespace GitHub.Actions.Pipelines.WebApi
|
||||
{
|
||||
@@ -9,7 +10,7 @@ namespace GitHub.Actions.Pipelines.WebApi
|
||||
{
|
||||
public UnknownEnumJsonConverter()
|
||||
{
|
||||
this.CamelCaseText = true;
|
||||
this.NamingStrategy = new CamelCaseNamingStrategy();
|
||||
}
|
||||
|
||||
public override bool CanConvert(Type objectType)
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.Win32.Registry" Version="4.4.0" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.4" />
|
||||
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="5.2.1" />
|
||||
<PackageReference Include="System.Security.Cryptography.Cng" Version="4.4.0" />
|
||||
|
||||
@@ -84,7 +84,7 @@ namespace GitHub.Services.WebApi
|
||||
if (!enumsAsNumbers)
|
||||
{
|
||||
// Serialze enums as camelCased string values
|
||||
this.SerializerSettings.Converters.Add(new StringEnumConverter { CamelCaseText = true });
|
||||
this.SerializerSettings.Converters.Add(new StringEnumConverter { NamingStrategy = new CamelCaseNamingStrategy() });
|
||||
}
|
||||
|
||||
if (useMsDateFormat)
|
||||
|
||||
@@ -144,54 +144,5 @@ namespace GitHub.Runner.Common.Tests.Worker.Container
|
||||
var actual = DockerUtil.ParseRegistryHostnameFromImageName(input);
|
||||
Assert.Equal(expected, actual);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
[InlineData("", "")]
|
||||
[InlineData("foo", "foo")]
|
||||
[InlineData("foo \\ bar", "foo \\ bar")]
|
||||
[InlineData("foo \\", "foo \\\\")]
|
||||
[InlineData("foo \\\\", "foo \\\\\\\\")]
|
||||
[InlineData("foo \\\" bar", "foo \\\\\\\" bar")]
|
||||
[InlineData("foo \\\\\" bar", "foo \\\\\\\\\\\" bar")]
|
||||
public void CreateEscapedOption_keyOnly(string input, string escaped)
|
||||
{
|
||||
var flag = "--example";
|
||||
var actual = DockerUtil.CreateEscapedOption(flag, input);
|
||||
string expected;
|
||||
if (String.IsNullOrEmpty(input))
|
||||
{
|
||||
expected = "";
|
||||
}
|
||||
else
|
||||
{
|
||||
expected = $"{flag} \"{escaped}\"";
|
||||
}
|
||||
Assert.Equal(expected, actual);
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
[InlineData("foo", "bar", "foo=bar")]
|
||||
[InlineData("foo\\", "bar", "foo\\=bar")]
|
||||
[InlineData("foo\\", "bar\\", "foo\\=bar\\\\")]
|
||||
[InlineData("foo \\","bar \\", "foo \\=bar \\\\")]
|
||||
public void CreateEscapedOption_keyValue(string keyInput, string valueInput, string escapedString)
|
||||
{
|
||||
var flag = "--example";
|
||||
var actual = DockerUtil.CreateEscapedOption(flag, keyInput, valueInput);
|
||||
string expected;
|
||||
if (String.IsNullOrEmpty(keyInput))
|
||||
{
|
||||
expected = "";
|
||||
}
|
||||
else
|
||||
{
|
||||
expected = $"{flag} \"{escapedString}\"";
|
||||
}
|
||||
Assert.Equal(expected, actual);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -129,76 +129,7 @@ namespace GitHub.Runner.Common.Tests
|
||||
}
|
||||
}
|
||||
}
|
||||
#if OS_WINDOWS
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Common")]
|
||||
public async Task SetTestEnvWithNullInKey()
|
||||
{
|
||||
using (TestHostContext hc = new(this))
|
||||
{
|
||||
Tracing trace = hc.GetTrace();
|
||||
|
||||
Int32 exitCode = -1;
|
||||
var processInvoker = new ProcessInvokerWrapper();
|
||||
processInvoker.Initialize(hc);
|
||||
var stdout = new List<string>();
|
||||
var stderr = new List<string>();
|
||||
processInvoker.OutputDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
|
||||
{
|
||||
trace.Info(e.Data);
|
||||
stdout.Add(e.Data);
|
||||
};
|
||||
processInvoker.ErrorDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
|
||||
{
|
||||
trace.Info(e.Data);
|
||||
stderr.Add(e.Data);
|
||||
};
|
||||
|
||||
exitCode = await processInvoker.ExecuteAsync("", "cmd.exe", "/c \"echo %TEST%\"", new Dictionary<string, string>() { { "TEST\0second", "first" } }, CancellationToken.None);
|
||||
|
||||
|
||||
trace.Info("Exit Code: {0}", exitCode);
|
||||
Assert.Equal(0, exitCode);
|
||||
Assert.Equal("first", stdout.First(x => !string.IsNullOrWhiteSpace(x)));
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Common")]
|
||||
public async Task SetTestEnvWithNullInValue()
|
||||
{
|
||||
using (TestHostContext hc = new(this))
|
||||
{
|
||||
Tracing trace = hc.GetTrace();
|
||||
|
||||
Int32 exitCode = -1;
|
||||
var processInvoker = new ProcessInvokerWrapper();
|
||||
processInvoker.Initialize(hc);
|
||||
var stdout = new List<string>();
|
||||
var stderr = new List<string>();
|
||||
processInvoker.OutputDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
|
||||
{
|
||||
trace.Info(e.Data);
|
||||
stdout.Add(e.Data);
|
||||
};
|
||||
processInvoker.ErrorDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
|
||||
{
|
||||
trace.Info(e.Data);
|
||||
stderr.Add(e.Data);
|
||||
};
|
||||
|
||||
exitCode = await processInvoker.ExecuteAsync("", "cmd.exe", "/c \"echo %TEST%\"", new Dictionary<string, string>() { { "TEST", "first\0second" } }, CancellationToken.None);
|
||||
|
||||
trace.Info("Exit Code: {0}", exitCode);
|
||||
Assert.Equal(0, exitCode);
|
||||
Assert.Equal("first", stdout.First(x => !string.IsNullOrWhiteSpace(x)));
|
||||
|
||||
}
|
||||
}
|
||||
#endif
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Common")]
|
||||
|
||||
@@ -622,6 +622,7 @@ namespace GitHub.Runner.Common.Tests.Worker
|
||||
_stepContext.SetOutcome("", stepContext.Object.ContextName, (stepContext.Object.Outcome ?? stepContext.Object.Result ?? TaskResult.Succeeded).ToActionResult());
|
||||
_stepContext.SetConclusion("", stepContext.Object.ContextName, (stepContext.Object.Result ?? TaskResult.Succeeded).ToActionResult());
|
||||
});
|
||||
stepContext.Setup(x => x.StepEnvironmentOverrides).Returns(new List<string>());
|
||||
|
||||
stepContext.Setup(x => x.UpdateGlobalStepsContext()).Callback(() =>
|
||||
{
|
||||
|
||||
@@ -1 +1 @@
|
||||
2.293.2
|
||||
2.294.0
|
||||
|
||||
Reference in New Issue
Block a user