Update releaseVersion

* 293.1 release notes

* let make it a minor version bump

.github/workflows/release.yml

@@ -288,7 +288,6 @@ jobs:
         release_name: "v${{ steps.releaseNote.outputs.version }}"
         body: |
           ${{ steps.releaseNote.outputs.note }}
-        prerelease: true
 
     # Upload release assets (full runner packages)
     - name: Upload Release Asset (win-x64)

docs/start/envlinux.md

@@ -34,7 +34,7 @@ The `installdependencies.sh` script should install all required dependencies on
 
 Debian based OS (Debian, Ubuntu, Linux Mint)
 
-- liblttng-ust0
+- liblttng-ust1 or liblttng-ust0
 - libkrb5-3
 - zlib1g
 - libssl1.1, libssl1.0.2 or libssl1.0.0

releaseNote.md

@@ -1,9 +1,11 @@
 ## Features
+- Added support for a JIT runner config (#1925)
+- Added `ACTIONS_RUNNER_FORCE_ACTIONS_NODE_VERSION` env option to force actions to run on a specific node version (#1913)
 ## Bugs
-- Fixed an issue where container environment variables names or values could escape the docker command (#2108)
-- Sanitize Windows ENVs (#2280)
+- Fixed a bug where container hooks passed in path as a string rather then an array of strings (#1948)
 
 ## Misc
+- Minor cleanup of error messages when running container hooks (#1949)
 
 ## Windows x64
 We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows.

releaseVersion

@@ -1 +1 @@
-2.293.2
+2.294.0

src/Misc/layoutbin/installdependencies.sh

@@ -66,7 +66,7 @@ then
             fi
         fi
 
-        $apt_get update && $apt_get install -y liblttng-ust0 libkrb5-3 zlib1g
+        $apt_get update && $apt_get install -y libkrb5-3 zlib1g
         if [ $? -ne 0 ]
         then
             echo "'$apt_get' failed with exit code '$?'"
@@ -94,6 +94,14 @@ then
             fi
         }
 
+        apt_get_with_fallbacks liblttng-ust1 liblttng-ust0
+        if [ $? -ne 0 ]
+        then
+            echo "'$apt_get' failed with exit code '$?'"
+            print_errormessage
+            exit 1
+        fi
+
         apt_get_with_fallbacks libssl1.1$ libssl1.0.2$ libssl1.0.0$
         if [ $? -ne 0 ]
         then

src/Runner.Common/Constants.cs

@@ -90,6 +90,7 @@ namespace GitHub.Runner.Common
                 public static class Args
                 {
                     public static readonly string Auth = "auth";
+                    public static readonly string JitConfig = "jitconfig";
                     public static readonly string Labels = "labels";
                     public static readonly string MonitorSocketAddress = "monitorsocketaddress";
                     public static readonly string Name = "name";
@@ -241,6 +242,7 @@ namespace GitHub.Runner.Common
 
                 // Set this env var to "node12" to downgrade the node version for internal functions (e.g hashfiles). This does NOT affect the version of node actions.
                 public static readonly string ForcedInternalNodeVersion = "ACTIONS_RUNNER_FORCED_INTERNAL_NODE_VERSION"; 
+                public static readonly string ForcedActionsNodeVersion = "ACTIONS_RUNNER_FORCE_ACTIONS_NODE_VERSION"; 
             }
 
             public static class System

src/Runner.Common/RunServer.cs

@@ -17,7 +17,7 @@ namespace GitHub.Runner.Common
     {
         Task ConnectAsync(Uri serverUrl, VssCredentials credentials);
 
-        Task<AgentJobRequestMessage> GetJobMessageAsync(string id);
+        Task<AgentJobRequestMessage> GetJobMessageAsync(string id, CancellationToken token);
     }
 
     public sealed class RunServer : RunnerService, IRunServer
@@ -67,10 +67,40 @@ namespace GitHub.Runner.Common
             }
         }
 
-        public Task<AgentJobRequestMessage> GetJobMessageAsync(string id)
+        public Task<AgentJobRequestMessage> GetJobMessageAsync(string id, CancellationToken cancellationToken)
         {
             CheckConnection();
-            return _taskAgentClient.GetJobMessageAsync(id);
+            var jobMessage = RetryRequest<AgentJobRequestMessage>(async () =>
+                                                    {
+                                                        return await _taskAgentClient.GetJobMessageAsync(id, cancellationToken);
+                                                    }, cancellationToken);
+            return jobMessage;
+        }
+
+        private async Task<T> RetryRequest<T>(Func<Task<T>> func,
+                                              CancellationToken cancellationToken,
+                                              int maxRetryAttemptsCount = 5
+                                             )
+        {
+            var retryCount = 0;
+            while (true)
+            {
+                retryCount++;
+                cancellationToken.ThrowIfCancellationRequested();
+                try
+                {
+                    return await func();
+                }
+                // TODO: Add handling of non-retriable exceptions: https://github.com/github/actions-broker/issues/122
+                catch (Exception ex) when (retryCount < maxRetryAttemptsCount)
+                {
+                    Trace.Error("Catch exception during get full job message");
+                    Trace.Error(ex);
+                    var backOff = BackoffTimerHelper.GetRandomBackoff(TimeSpan.FromSeconds(5), TimeSpan.FromSeconds(15));
+                    Trace.Warning($"Back off {backOff.TotalSeconds} seconds before next retry. {maxRetryAttemptsCount - retryCount} attempt left.");
+                    await Task.Delay(backOff, cancellationToken);
+                }
+            }
         }
     }
 }

src/Runner.Common/Util/NodeUtil.cs

@@ -15,8 +15,14 @@ namespace GitHub.Runner.Common.Util
 
         public static string GetInternalNodeVersion()
         {
-            var forcedNodeVersion = Environment.GetEnvironmentVariable(Constants.Variables.Agent.ForcedInternalNodeVersion);
-            return !string.IsNullOrEmpty(forcedNodeVersion) && BuiltInNodeVersions.Contains(forcedNodeVersion) ? forcedNodeVersion : _defaultNodeVersion;
+            var forcedInternalNodeVersion = Environment.GetEnvironmentVariable(Constants.Variables.Agent.ForcedInternalNodeVersion);
+            var isForcedInternalNodeVersion = !string.IsNullOrEmpty(forcedInternalNodeVersion) && BuiltInNodeVersions.Contains(forcedInternalNodeVersion);
+
+            if (isForcedInternalNodeVersion)
+            {
+                return forcedInternalNodeVersion;
+            }
+            return _defaultNodeVersion;
         }
     }
 }

src/Runner.Listener/CommandSettings.cs

@@ -39,6 +39,7 @@ namespace GitHub.Runner.Listener
                     Constants.Runner.CommandLine.Flags.RunAsService,
                     Constants.Runner.CommandLine.Flags.Unattended,
                     Constants.Runner.CommandLine.Args.Auth,
+                    Constants.Runner.CommandLine.Args.JitConfig,
                     Constants.Runner.CommandLine.Args.Labels,
                     Constants.Runner.CommandLine.Args.MonitorSocketAddress,
                     Constants.Runner.CommandLine.Args.Name,
@@ -213,6 +214,12 @@ namespace GitHub.Runner.Listener
                 validator: Validators.AuthSchemeValidator);
         }
 
+        public string GetJitConfig()
+        {
+            return GetArg(
+                name: Constants.Runner.CommandLine.Args.JitConfig);
+        }
+
         public string GetRunnerName()
         {
             return GetArgOrPrompt(

src/Runner.Listener/Runner.cs

@@ -1,9 +1,11 @@
 using System;
 using System.Collections.Generic;
 using System.IO;
+using System.IO.Compression;
 using System.Linq;
 using System.Reflection;
 using System.Runtime.CompilerServices;
+using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
 using GitHub.DistributedTask.WebApi;
@@ -192,6 +194,30 @@ namespace GitHub.Runner.Listener
                     return Constants.Runner.ReturnCode.Success;
                 }
 
+                var base64JitConfig = command.GetJitConfig();
+                if (!string.IsNullOrEmpty(base64JitConfig))
+                {
+                    try
+                    {
+                        var decodedJitConfig = Encoding.UTF8.GetString(Convert.FromBase64String(base64JitConfig));
+                        var jitConfig = StringUtil.ConvertFromJson<Dictionary<string, string>>(decodedJitConfig);
+                        foreach (var config in jitConfig)
+                        {
+                            var configFile = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Root), config.Key);
+                            var configContent = Encoding.UTF8.GetString(Convert.FromBase64String(config.Value));
+                            File.WriteAllText(configFile, configContent, Encoding.UTF8);
+                            File.SetAttributes(configFile, File.GetAttributes(configFile) | FileAttributes.Hidden);
+                            Trace.Info($"Save {configContent.Length} chars to '{configFile}'.");
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        Trace.Error(ex);
+                        _term.WriteError(ex.Message);
+                        return Constants.Runner.ReturnCode.TerminatedError;
+                    }
+                }
+
                 RunnerSettings settings = configManager.LoadSettings();
 
                 var store = HostContext.GetService<IConfigurationStore>();
@@ -474,10 +500,9 @@ namespace GitHub.Runner.Listener
                                     var credMgr = HostContext.GetService<ICredentialManager>();
                                     var creds = credMgr.LoadCredentials();
 
-                                    // todo: add retries https://github.com/github/actions-broker/issues/49
                                     var runServer = HostContext.CreateService<IRunServer>();
                                     await runServer.ConnectAsync(new Uri(settings.ServerUrl), creds);
-                                    var jobMessage = await runServer.GetJobMessageAsync(messageRef.RunnerRequestId);
+                                    var jobMessage = await runServer.GetJobMessageAsync(messageRef.RunnerRequestId, messageQueueLoopTokenSource.Token);
 
                                     jobDispatcher.Run(jobMessage, runOnce);
                                     if (runOnce)

src/Runner.Sdk/ProcessInvoker.cs

@@ -264,17 +264,7 @@ namespace GitHub.Runner.Sdk
             {
                 foreach (KeyValuePair<string, string> kvp in environment)
                 {
-#if OS_WINDOWS
-                    string tempKey = String.IsNullOrWhiteSpace(kvp.Key) ? kvp.Key : kvp.Key.Split('\0')[0];
-                    string tempValue = String.IsNullOrWhiteSpace(kvp.Value) ? kvp.Value : kvp.Value.Split('\0')[0];
-                    if(!String.IsNullOrWhiteSpace(tempKey))
-                    {
-                         _proc.StartInfo.Environment[tempKey] = tempValue;
-                    }
-#else
                     _proc.StartInfo.Environment[kvp.Key] = kvp.Value;
-
-#endif
                 }
             }
 

src/Runner.Worker/Container/ContainerHooks/ContainerHookManager.cs

@@ -101,7 +101,7 @@ namespace GitHub.Runner.Worker.Container.ContainerHooks
                     EntryPointArgs = entryPointArgs.Split(' ').Select(arg => arg.Trim()),
                     EntryPoint = entryPoint,
                     EnvironmentVariables = environmentVariables,
-                    PrependPath = prependPath,
+                    PrependPath = context.Global.PrependPath.Reverse<string>(),
                     WorkingDirectory = workingDirectory,
                 },
                 State = context.Global.ContainerHookState
@@ -174,8 +174,7 @@ namespace GitHub.Runner.Worker.Container.ContainerHooks
             }
             catch (Exception ex)
             {
-                Trace.Error(ex);
-                throw new Exception($"Custom container implementation failed with error: {ex.Message} Please contact your self hosted runner administrator.", ex);
+                throw new Exception($"Executing the custom container implementation failed. Please contact your self hosted runner administrator.", ex);
             }
         }
 

src/Runner.Worker/Container/ContainerHooks/HookInput.cs

@@ -44,7 +44,7 @@ namespace GitHub.Runner.Worker.Container.ContainerHooks
         public IEnumerable<string> EntryPointArgs { get; set; }
         public string EntryPoint { get; set; }
         public IDictionary<string, string> EnvironmentVariables { get; set; }
-        public string PrependPath { get; set; }
+        public IEnumerable<string> PrependPath { get; set; }
         public string WorkingDirectory { get; set; }
         public bool IsRequireAlpineInResponse() => false;
     }

src/Runner.Worker/Container/DockerCommandManager.cs

@@ -131,11 +131,11 @@ namespace GitHub.Runner.Worker.Container
             {
                 if (String.IsNullOrEmpty(env.Value))
                 {
-                    dockerOptions.Add(DockerUtil.CreateEscapedOption("-e", env.Key));
+                    dockerOptions.Add($"-e \"{env.Key}\"");
                 }
                 else
                 {
-                    dockerOptions.Add(DockerUtil.CreateEscapedOption("-e", env.Key, env.Value));
+                    dockerOptions.Add($"-e \"{env.Key}={env.Value.Replace("\"", "\\\"")}\"");
                 }
             }
 
@@ -202,7 +202,7 @@ namespace GitHub.Runner.Worker.Container
             {
                 // e.g. -e MY_SECRET maps the value into the exec'ed process without exposing
                 // the value directly in the command
-                dockerOptions.Add(DockerUtil.CreateEscapedOption("-e", env.Key));
+                dockerOptions.Add($"-e {env.Key}");
             }
 
             // Watermark for GitHub Action environment

src/Runner.Worker/Container/DockerUtil.cs

@@ -6,9 +6,6 @@ namespace GitHub.Runner.Worker.Container
 {
     public class DockerUtil
     {
-        private static readonly Regex QuoteEscape = new Regex(@"(\\*)" + "\"", RegexOptions.Compiled);
-        private static readonly Regex EndOfStringEscape = new Regex(@"(\\+)$", RegexOptions.Compiled);
-
         public static List<PortMapping> ParseDockerPort(IList<string> portMappingLines)
         {
             const string targetPort = "targetPort";
@@ -64,44 +61,5 @@ namespace GitHub.Runner.Worker.Container
             }
             return "";
         }
-
-        public static string CreateEscapedOption(string flag, string key)
-        {
-            if (String.IsNullOrEmpty(key))
-            {
-                return "";
-            }
-            return $"{flag} {EscapeString(key)}";
-        }
-
-        public static string CreateEscapedOption(string flag, string key, string value)
-        {
-            if (String.IsNullOrEmpty(key))
-            {
-                return "";
-            }
-            var escapedString = EscapeString($"{key}={value}");
-            return $"{flag} {escapedString}";
-        }
-
-        private static string EscapeString(string value)
-        {
-            if (String.IsNullOrEmpty(value))
-            {
-                return "";
-            }
-            // Dotnet escaping rules are weird here, we can only escape \ if it precedes a "
-            // If a double quotation mark follows two or an even number of backslashes, each proceeding backslash pair is replaced with one backslash and the double quotation mark is removed.
-            // If a double quotation mark follows an odd number of backslashes, including just one, each preceding pair is replaced with one backslash and the remaining backslash is removed; however, in this case the double quotation mark is not removed.
-            // https://docs.microsoft.com/en-us/dotnet/api/system.environment.getcommandlineargs?redirectedfrom=MSDN&view=net-6.0#remarks
-
-            // First, find any \ followed by a " and double the number of \ + 1.
-             value = QuoteEscape.Replace(value, @"$1$1\" + "\"");
-            // Next, what if it ends in `\`, it would escape the end quote. So, we need to detect that at the end of the string and perform the same escape
-            // Luckily, we can just use the $ character with detects the end of string in regex
-            value = EndOfStringEscape.Replace(value, @"$1$1");
-            // Finally, wrap it in quotes
-            return $"\"{value}\"";
-        }
     }
 }

src/Runner.Worker/Handlers/NodeScriptActionHandler.cs

@@ -8,6 +8,7 @@ using GitHub.DistributedTask.Pipelines.ContextData;
 using GitHub.DistributedTask.WebApi;
 using GitHub.Runner.Common;
 using GitHub.Runner.Sdk;
+using GitHub.Runner.Common.Util;
 using GitHub.Runner.Worker.Container;
 using GitHub.Runner.Worker.Container.ContainerHooks;
 
@@ -104,6 +105,12 @@ namespace GitHub.Runner.Worker.Handlers
                 Data.NodeVersion = "node16";
             }
 #endif
+            string forcedNodeVersion = System.Environment.GetEnvironmentVariable(Constants.Variables.Agent.ForcedActionsNodeVersion);
+
+            if (forcedNodeVersion == "node16" && Data.NodeVersion != "node16")
+            {
+                Data.NodeVersion = "node16";
+            }
             var nodeRuntimeVersion = await StepHost.DetermineNodeRuntimeVersion(ExecutionContext, Data.NodeVersion);
             string file = Path.Combine(HostContext.GetDirectory(WellKnownDirectory.Externals), nodeRuntimeVersion, "bin", $"node{IOUtil.ExeExtension}");
 

src/Runner.Worker/Handlers/StepHost.cs

@@ -216,7 +216,7 @@ namespace GitHub.Runner.Worker.Handlers
             {
                 // e.g. -e MY_SECRET maps the value into the exec'ed process without exposing
                 // the value directly in the command
-                dockerCommandArgs.Add(DockerUtil.CreateEscapedOption("-e", env.Key));
+                dockerCommandArgs.Add($"-e {env.Key}");
             }
             if (!string.IsNullOrEmpty(PrependPath))
             {

src/Test/L0/Container/DockerUtilL0.cs

@@ -144,54 +144,5 @@ namespace GitHub.Runner.Common.Tests.Worker.Container
             var actual = DockerUtil.ParseRegistryHostnameFromImageName(input);
             Assert.Equal(expected, actual);
         }
-
-        [Theory]
-        [Trait("Level", "L0")]
-        [Trait("Category", "Worker")]
-        [InlineData("", "")]
-        [InlineData("foo", "foo")]
-        [InlineData("foo \\ bar", "foo \\ bar")]
-        [InlineData("foo \\", "foo \\\\")]
-        [InlineData("foo \\\\", "foo \\\\\\\\")]
-        [InlineData("foo \\\" bar", "foo \\\\\\\" bar")]
-        [InlineData("foo \\\\\" bar", "foo \\\\\\\\\\\" bar")]
-        public void CreateEscapedOption_keyOnly(string input, string escaped)
-        {
-            var flag = "--example";
-            var actual = DockerUtil.CreateEscapedOption(flag, input);
-            string expected;
-            if (String.IsNullOrEmpty(input))
-            {
-                expected = "";
-            }
-            else
-            {
-                expected = $"{flag} \"{escaped}\"";
-            }
-            Assert.Equal(expected, actual);
-        }
-
-        [Theory]
-        [Trait("Level", "L0")]
-        [Trait("Category", "Worker")]
-        [InlineData("foo", "bar", "foo=bar")]
-        [InlineData("foo\\", "bar", "foo\\=bar")]
-        [InlineData("foo\\", "bar\\", "foo\\=bar\\\\")]
-        [InlineData("foo \\","bar \\", "foo \\=bar \\\\")]
-        public void CreateEscapedOption_keyValue(string keyInput, string valueInput, string escapedString)
-        {
-            var flag = "--example";
-            var actual = DockerUtil.CreateEscapedOption(flag, keyInput, valueInput);
-            string expected;
-            if (String.IsNullOrEmpty(keyInput))
-            {
-                expected = "";
-            }
-            else
-            {
-                expected = $"{flag} \"{escapedString}\"";
-            }
-            Assert.Equal(expected, actual);
-        }
     }
 }

src/Test/L0/ProcessInvokerL0.cs

@@ -129,76 +129,7 @@ namespace GitHub.Runner.Common.Tests
                 }
             }
         }
-#if OS_WINDOWS
-        [Fact]
-        [Trait("Level", "L0")]
-        [Trait("Category", "Common")]
-        public async Task SetTestEnvWithNullInKey()
-        {
-            using (TestHostContext hc = new(this))
-            {
-                Tracing trace = hc.GetTrace();
 
-                Int32 exitCode = -1;
-                var processInvoker = new ProcessInvokerWrapper();
-                processInvoker.Initialize(hc);
-                var stdout = new List<string>();
-                var stderr = new List<string>();
-                processInvoker.OutputDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
-                {
-                    trace.Info(e.Data);
-                    stdout.Add(e.Data);
-                };
-                processInvoker.ErrorDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
-                {
-                    trace.Info(e.Data);
-                    stderr.Add(e.Data);
-                };
-
-                exitCode = await processInvoker.ExecuteAsync("", "cmd.exe", "/c \"echo %TEST%\"",  new Dictionary<string, string>() { { "TEST\0second", "first" } }, CancellationToken.None);
-
-
-                trace.Info("Exit Code: {0}", exitCode);
-                Assert.Equal(0, exitCode);
-                Assert.Equal("first", stdout.First(x => !string.IsNullOrWhiteSpace(x)));
-
-            }
-        }
-
-        [Fact]
-        [Trait("Level", "L0")]
-        [Trait("Category", "Common")]
-        public async Task SetTestEnvWithNullInValue()
-        {
-            using (TestHostContext hc = new(this))
-            {
-                Tracing trace = hc.GetTrace();
-
-                Int32 exitCode = -1;
-                var processInvoker = new ProcessInvokerWrapper();
-                processInvoker.Initialize(hc);
-                var stdout = new List<string>();
-                var stderr = new List<string>();
-                processInvoker.OutputDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
-                {
-                    trace.Info(e.Data);
-                    stdout.Add(e.Data);
-                };
-                processInvoker.ErrorDataReceived += (object sender, ProcessDataReceivedEventArgs e) =>
-                {
-                    trace.Info(e.Data);
-                    stderr.Add(e.Data);
-                };
-
-                exitCode = await processInvoker.ExecuteAsync("", "cmd.exe", "/c \"echo %TEST%\"",  new Dictionary<string, string>() { { "TEST", "first\0second" } }, CancellationToken.None);
-
-                trace.Info("Exit Code: {0}", exitCode);
-                Assert.Equal(0, exitCode);
-                Assert.Equal("first", stdout.First(x => !string.IsNullOrWhiteSpace(x)));
-
-            }
-        }
-#endif
         [Fact]
         [Trait("Level", "L0")]
         [Trait("Category", "Common")]

src/runnerversion

@@ -1 +1 @@
-2.293.2
+2.294.0