mirror of
https://gitea.com/gitea/act_runner.git
synced 2026-04-24 21:00:27 +08:00
15dd63a839
# Matrix Strategy: Support for Scalar Values and Template Expressions ## 🎯 Overview This Pull Request implements support for **scalar values and template expressions** in matrix strategies. Previously, every matrix value had to be declared as a YAML array — a bare scalar like `os: ubuntu-latest` or `version: ${{ fromJSON(...) }}` caused silent failures. Now, scalars are automatically wrapped into single-element arrays, enabling the `${{ fromJSON(...) }}` pattern that is commonly used in GitHub Actions workflows for dynamic matrix generation. ## ⚠️ Semantic Changes Two subtle behavior changes are introduced that are worth understanding: ### 1. Scalar matrix values now produce a 1-element matrix expansion **Before this PR:** A scalar value like ```yaml strategy: matrix: os: ubuntu-latest # no brackets ``` failed to decode as `map[string][]interface{}`, so `Matrix()` returned `nil`. The job ran **once, without any matrix context** (`matrix.os` was undefined). **After this PR:** The same input is wrapped to `["ubuntu-latest"]`. The job runs **one matrix iteration** with `matrix.os = "ubuntu-latest"` set. > **Impact on existing workflows:** Workflows that accidentally used bare scalars instead of arrays will now run with a matrix context where they previously did not. The functional result is usually the same, but `matrix.*` variables are now populated. This is considered an improvement, but is a semantic change. --- ### 2. Unevaluated template expressions fall back to a literal string value The actual resolution of `${{ fromJSON(needs.job1.outputs.versions) }}` into an array happens **before** `Matrix()` is called — in `EvaluateYamlNode` inside `pkg/runner/runner.go`. This PR does not change that evaluation path. If evaluation succeeds → the YAML node already contains a proper array → `Matrix()` decodes it normally. If evaluation **fails or is skipped** (e.g., expression not yet resolved) → the scalar string is now wrapped as `["${{ fromJSON(...) }}"]` → the job runs **one iteration with the literal unexpanded string** as the matrix value. > **Note:** The test `TestJobMatrix/matrix_with_template_expression` covers this fallback path, not the successful resolution path. The literal-wrap behavior is the fallback, not the primary mechanism for template expression support. --- ## 🔑 Key Changes ### 1. Flexible Matrix Decoding (`pkg/model/workflow.go`) #### New Helper Function: `normalizeMatrixValue` ```go func normalizeMatrixValue(key string, val interface{}) ([]interface{}, error) ``` - Converts a single matrix value to the expected array format - Handles three cases: 1. **Arrays**: Pass through unchanged 2. **Scalars**: Wrap in single-element array (including template expressions) 3. **Invalid types** (maps, etc.): Return error to detect misconfigurations early **Supported scalar types:** - `string` — including unevaluated template expressions - `int`, `float64` — numeric values - `bool` — boolean values - `nil` — null values #### Enhanced `Matrix()` Method **Before:** ```go func (j *Job) Matrix() map[string][]interface{} { if j.Strategy.RawMatrix.Kind == yaml.MappingNode { var val map[string][]interface{} if !decodeNode(j.Strategy.RawMatrix, &val) { return nil } return val } return nil } ``` **After:** ```go func (j *Job) Matrix() map[string][]interface{} { if j.Strategy == nil || j.Strategy.RawMatrix.Kind != yaml.MappingNode { return nil } // First decode to flexible map[string]interface{} to handle scalars and arrays var flexVal map[string]interface{} err := j.Strategy.RawMatrix.Decode(&flexVal) if err != nil { // If that fails, try the strict array format var val map[string][]interface{} if !decodeNode(j.Strategy.RawMatrix, &val) { return nil } return val } // Convert flexible format to expected format with validation val := make(map[string][]interface{}) for k, v := range flexVal { normalized, err := normalizeMatrixValue(k, v) if err != nil { log.Errorf("matrix validation error: %v", err) return nil } val[k] = normalized } return val } ``` **Key improvements:** - Handles unevaluated template expressions as scalar strings - Automatic conversion to array format for consistent processing - Validation to catch nested maps and invalid configurations - Fallback to strict array format decoding for backward compatibility - Early nil check for strategy to prevent nil pointer panics --- ## 🎁 Use Cases ### Example 1: Template Expression in Matrix (primary motivation) ```yaml jobs: setup: runs-on: ubuntu-latest outputs: versions: ${{ steps.version-map.outputs.versions }} steps: - id: version-map run: echo "versions=[\"1.17\",\"1.18\",\"1.19\"]" >> $GITHUB_OUTPUT test: needs: setup strategy: matrix: # EvaluateYamlNode resolves this to an array before Matrix() is called version: ${{ fromJSON(needs.setup.outputs.versions) }} runs-on: ubuntu-latest steps: - run: echo "Testing version ${{ matrix.version }}" ``` ### Example 2: Mixed Scalar and Array Values ```yaml jobs: build: strategy: matrix: os: [ubuntu-latest, windows-latest] # Array — unchanged go-version: 1.19 # Scalar — wrapped to [1.19] node: [14, 16, 18] # Array — unchanged runs-on: ${{ matrix.os }} ``` ### Example 3: Single Value Matrix ```yaml jobs: deploy: strategy: matrix: environment: production # Scalar — wrapped to ["production"] runs-on: ubuntu-latest ``` --- ## ✅ Benefits - ✨ **Feature Parity with GitHub Actions**: Supports template expressions in matrix strategies - 🔒 **Robust Validation**: Detects misconfigured matrices (nested maps) early - 🔄 **Backward Compatible**: Existing array-based workflows continue to work - 📝 **Clear Error Messages**: Helpful validation messages for debugging - 🛡️ **Type Safety**: Handles all YAML scalar types correctly --- ## 🚀 Breaking Changes **Technically none in a strictly backward-incompatible sense**, but two semantic changes exist (see [⚠️ Semantic Changes](#️-semantic-changes-read-before-merging) above): 1. Scalar matrix values now iterate (previously they caused a `nil` matrix / no iteration) 2. Unevaluated template strings now produce a literal iteration instead of skipping Both changes are improvements in practice, but downstream users should be aware. --- ## 📚 Related Work - Related Gitea Server PR: [go-gitea/gitea#36564](https://github.com/go-gitea/gitea/pull/36564) - Enables dynamic matrix generation from job outputs - Supports advanced CI/CD patterns used in GitHub Actions ## 🔗 References - [GitHub Actions: Matrix strategies](https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs) - [GitHub Actions: Expression syntax](https://docs.github.com/en/actions/learn-github-actions/expressions) - [GitHub Actions: `fromJSON` in matrix context](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix) Reviewed-on: https://gitea.com/gitea/act/pulls/149 Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com> Co-authored-by: Pascal Zimmermann <pascal.zimmermann@theiotstudio.com> Co-committed-by: Pascal Zimmermann <pascal.zimmermann@theiotstudio.com>
332 lines
14 KiB
Go
332 lines
14 KiB
Go
package runner
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"os"
|
|
"runtime"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/nektos/act/pkg/common"
|
|
"github.com/nektos/act/pkg/model"
|
|
|
|
docker_container "github.com/docker/docker/api/types/container"
|
|
log "github.com/sirupsen/logrus"
|
|
)
|
|
|
|
// Runner provides capabilities to run GitHub actions
|
|
type Runner interface {
|
|
NewPlanExecutor(plan *model.Plan) common.Executor
|
|
}
|
|
|
|
// Config contains the config for a new runner
|
|
type Config struct {
|
|
Actor string // the user that triggered the event
|
|
Workdir string // path to working directory
|
|
ActionCacheDir string // path used for caching action contents
|
|
ActionOfflineMode bool // when offline, use caching action contents
|
|
BindWorkdir bool // bind the workdir to the job container
|
|
EventName string // name of event to run
|
|
EventPath string // path to JSON file to use for event.json in containers
|
|
DefaultBranch string // name of the main branch for this repository
|
|
ReuseContainers bool // reuse containers to maintain state
|
|
ForcePull bool // force pulling of the image, even if already present
|
|
ForceRebuild bool // force rebuilding local docker image action
|
|
LogOutput bool // log the output from docker run
|
|
JSONLogger bool // use json or text logger
|
|
LogPrefixJobID bool // switches from the full job name to the job id
|
|
Env map[string]string // env for containers
|
|
Inputs map[string]string // manually passed action inputs
|
|
Secrets map[string]string // list of secrets
|
|
Vars map[string]string // list of vars
|
|
Token string // GitHub token
|
|
InsecureSecrets bool // switch hiding output when printing to terminal
|
|
Platforms map[string]string // list of platforms
|
|
Privileged bool // use privileged mode
|
|
UsernsMode string // user namespace to use
|
|
ContainerArchitecture string // Desired OS/architecture platform for running containers
|
|
ContainerDaemonSocket string // Path to Docker daemon socket
|
|
ContainerOptions string // Options for the job container
|
|
UseGitIgnore bool // controls if paths in .gitignore should not be copied into container, default true
|
|
GitHubInstance string // GitHub instance to use, default "github.com"
|
|
ContainerCapAdd []string // list of kernel capabilities to add to the containers
|
|
ContainerCapDrop []string // list of kernel capabilities to remove from the containers
|
|
AutoRemove bool // controls if the container is automatically removed upon workflow completion
|
|
ArtifactServerPath string // the path where the artifact server stores uploads
|
|
ArtifactServerAddr string // the address the artifact server binds to
|
|
ArtifactServerPort string // the port the artifact server binds to
|
|
NoSkipCheckout bool // do not skip actions/checkout
|
|
RemoteName string // remote name in local git repo config
|
|
ReplaceGheActionWithGithubCom []string // Use actions from GitHub Enterprise instance to GitHub
|
|
ReplaceGheActionTokenWithGithubCom string // Token of private action repo on GitHub.
|
|
Matrix map[string]map[string]bool // Matrix config to run
|
|
ContainerNetworkMode docker_container.NetworkMode // the network mode of job containers (the value of --network)
|
|
ActionCache ActionCache // Use a custom ActionCache Implementation
|
|
|
|
PresetGitHubContext *model.GithubContext // the preset github context, overrides some fields like DefaultBranch, Env, Secrets etc.
|
|
EventJSON string // the content of JSON file to use for event.json in containers, overrides EventPath
|
|
ContainerNamePrefix string // the prefix of container name
|
|
ContainerMaxLifetime time.Duration // the max lifetime of job containers
|
|
DefaultActionInstance string // the default actions web site
|
|
PlatformPicker func(labels []string) string // platform picker, it will take precedence over Platforms if isn't nil
|
|
JobLoggerLevel *log.Level // the level of job logger
|
|
ValidVolumes []string // only volumes (and bind mounts) in this slice can be mounted on the job container or service containers
|
|
InsecureSkipTLS bool // whether to skip verifying TLS certificate of the Gitea instance
|
|
MaxParallel int // max parallel jobs to run across all workflows (0 = no limit, uses CPU count)
|
|
}
|
|
|
|
// GetToken: Adapt to Gitea
|
|
func (c Config) GetToken() string {
|
|
token := c.Secrets["GITHUB_TOKEN"]
|
|
if c.Secrets["GITEA_TOKEN"] != "" {
|
|
token = c.Secrets["GITEA_TOKEN"]
|
|
}
|
|
return token
|
|
}
|
|
|
|
type caller struct {
|
|
runContext *RunContext
|
|
|
|
updateResultLock sync.Mutex // For Gitea
|
|
reusedWorkflowJobResults map[string]string // For Gitea
|
|
}
|
|
|
|
type runnerImpl struct {
|
|
config *Config
|
|
eventJSON string
|
|
caller *caller // the job calling this runner (caller of a reusable workflow)
|
|
}
|
|
|
|
// New Creates a new Runner
|
|
func New(runnerConfig *Config) (Runner, error) {
|
|
runner := &runnerImpl{
|
|
config: runnerConfig,
|
|
}
|
|
|
|
return runner.configure()
|
|
}
|
|
|
|
func (runner *runnerImpl) configure() (Runner, error) {
|
|
runner.eventJSON = "{}"
|
|
if runner.config.EventJSON != "" {
|
|
runner.eventJSON = runner.config.EventJSON
|
|
} else if runner.config.EventPath != "" {
|
|
log.Debugf("Reading event.json from %s", runner.config.EventPath)
|
|
eventJSONBytes, err := os.ReadFile(runner.config.EventPath)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
runner.eventJSON = string(eventJSONBytes)
|
|
} else if len(runner.config.Inputs) != 0 {
|
|
eventMap := map[string]map[string]string{
|
|
"inputs": runner.config.Inputs,
|
|
}
|
|
eventJSON, err := json.Marshal(eventMap)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
runner.eventJSON = string(eventJSON)
|
|
}
|
|
return runner, nil
|
|
}
|
|
|
|
// NewPlanExecutor ...
|
|
//
|
|
//nolint:gocyclo // function handles many cases
|
|
func (runner *runnerImpl) NewPlanExecutor(plan *model.Plan) common.Executor {
|
|
maxJobNameLen := 0
|
|
|
|
stagePipeline := make([]common.Executor, 0)
|
|
log.Debugf("Plan Stages: %v", plan.Stages)
|
|
|
|
for i := range plan.Stages {
|
|
stage := plan.Stages[i]
|
|
stagePipeline = append(stagePipeline, func(ctx context.Context) error {
|
|
pipeline := make([]common.Executor, 0)
|
|
for _, run := range stage.Runs {
|
|
log.Debugf("Stages Runs: %v", stage.Runs)
|
|
stageExecutor := make([]common.Executor, 0)
|
|
job := run.Job()
|
|
log.Debugf("Job.Name: %v", job.Name)
|
|
log.Debugf("Job.RawNeeds: %v", job.RawNeeds)
|
|
log.Debugf("Job.RawRunsOn: %v", job.RawRunsOn)
|
|
log.Debugf("Job.Env: %v", job.Env)
|
|
log.Debugf("Job.If: %v", job.If)
|
|
for step := range job.Steps {
|
|
if nil != job.Steps[step] {
|
|
log.Debugf("Job.Steps: %v", job.Steps[step].String())
|
|
}
|
|
}
|
|
log.Debugf("Job.TimeoutMinutes: %v", job.TimeoutMinutes)
|
|
log.Debugf("Job.Services: %v", job.Services)
|
|
log.Debugf("Job.Strategy: %v", job.Strategy)
|
|
log.Debugf("Job.RawContainer: %v", job.RawContainer)
|
|
log.Debugf("Job.Defaults.Run.Shell: %v", job.Defaults.Run.Shell)
|
|
log.Debugf("Job.Defaults.Run.WorkingDirectory: %v", job.Defaults.Run.WorkingDirectory)
|
|
log.Debugf("Job.Outputs: %v", job.Outputs)
|
|
log.Debugf("Job.Uses: %v", job.Uses)
|
|
log.Debugf("Job.With: %v", job.With)
|
|
// log.Debugf("Job.RawSecrets: %v", job.RawSecrets)
|
|
log.Debugf("Job.Result: %v", job.Result)
|
|
|
|
if job.Strategy != nil {
|
|
log.Debugf("Job.Strategy.FailFast: %v", job.Strategy.FailFast)
|
|
log.Debugf("Job.Strategy.MaxParallel: %v", job.Strategy.MaxParallel)
|
|
log.Debugf("Job.Strategy.FailFastString: %v", job.Strategy.FailFastString)
|
|
log.Debugf("Job.Strategy.MaxParallelString: %v", job.Strategy.MaxParallelString)
|
|
log.Debugf("Job.Strategy.RawMatrix: %v", job.Strategy.RawMatrix)
|
|
|
|
strategyRc := runner.newRunContext(ctx, run, nil)
|
|
// Resolve template expressions in the matrix node before Matrix() is called.
|
|
// On failure the literal string is kept and normalizeMatrixValue wraps it as a fallback.
|
|
if err := strategyRc.NewExpressionEvaluator(ctx).EvaluateYamlNode(ctx, &job.Strategy.RawMatrix); err != nil {
|
|
log.Errorf("Error while evaluating matrix: %v", err)
|
|
}
|
|
}
|
|
|
|
var matrixes []map[string]any
|
|
if m, err := job.GetMatrixes(); err != nil {
|
|
log.Errorf("Error while get job's matrix: %v", err)
|
|
} else {
|
|
log.Debugf("Job Matrices: %v", m)
|
|
log.Debugf("Runner Matrices: %v", runner.config.Matrix)
|
|
matrixes = selectMatrixes(m, runner.config.Matrix)
|
|
}
|
|
log.Debugf("Final matrix after applying user inclusions '%v'", matrixes)
|
|
|
|
maxParallel := 4
|
|
if job.Strategy != nil {
|
|
// Ensure GetMaxParallel() is called if MaxParallel is still 0
|
|
if job.Strategy.MaxParallel == 0 {
|
|
job.Strategy.MaxParallel = job.Strategy.GetMaxParallel()
|
|
}
|
|
maxParallel = job.Strategy.MaxParallel
|
|
log.Debugf("Using job.Strategy.MaxParallel: %d", maxParallel)
|
|
}
|
|
|
|
if len(matrixes) < maxParallel {
|
|
log.Debugf("Adjusting maxParallel from %d to %d (number of matrix combinations)", maxParallel, len(matrixes))
|
|
maxParallel = len(matrixes)
|
|
}
|
|
|
|
log.Infof("Running job with maxParallel=%d for %d matrix combinations", maxParallel, len(matrixes))
|
|
|
|
for i, matrix := range matrixes {
|
|
rc := runner.newRunContext(ctx, run, matrix)
|
|
rc.JobName = rc.Name
|
|
if len(matrixes) > 1 {
|
|
rc.Name = fmt.Sprintf("%s-%d", rc.Name, i+1)
|
|
}
|
|
if len(rc.String()) > maxJobNameLen {
|
|
maxJobNameLen = len(rc.String())
|
|
}
|
|
if rc.caller != nil { // For Gitea
|
|
rc.caller.setReusedWorkflowJobResult(rc.JobName, "pending")
|
|
}
|
|
stageExecutor = append(stageExecutor, func(ctx context.Context) error {
|
|
jobName := fmt.Sprintf("%-*s", maxJobNameLen, rc.String())
|
|
executor, err := rc.Executor()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return executor(common.WithJobErrorContainer(WithJobLogger(ctx, rc.Run.JobID, jobName, rc.Config, &rc.Masks, matrix)))
|
|
})
|
|
}
|
|
pipeline = append(pipeline, common.NewParallelExecutor(maxParallel, stageExecutor...))
|
|
}
|
|
|
|
// For pipeline execution:
|
|
// - If only 1 element: run it directly (no need for additional parallelization)
|
|
// - If multiple elements: run them in parallel up to maxParallel or ncpu
|
|
if len(pipeline) == 0 {
|
|
return nil
|
|
}
|
|
|
|
if len(pipeline) == 1 {
|
|
// Single run/job: execute directly without additional parallelization wrapper
|
|
// This ensures max-parallel is the only limiting factor
|
|
log.Debugf("Single pipeline element, executing directly")
|
|
return pipeline[0](ctx)
|
|
}
|
|
|
|
// Multiple runs/jobs: execute in parallel up to maxParallel (if set) or ncpu
|
|
parallelism := runtime.NumCPU()
|
|
|
|
// If MaxParallel is set in config, use it
|
|
if runner.config.MaxParallel > 0 {
|
|
parallelism = runner.config.MaxParallel
|
|
log.Debugf("Using configured max-parallel: %d", parallelism)
|
|
} else {
|
|
log.Debugf("Using CPU count for parallelism: %d", parallelism)
|
|
}
|
|
|
|
// Don't exceed the number of pipeline elements
|
|
if parallelism > len(pipeline) {
|
|
parallelism = len(pipeline)
|
|
}
|
|
|
|
log.Infof("Executing %d pipeline elements with parallelism %d", len(pipeline), parallelism)
|
|
return common.NewParallelExecutor(parallelism, pipeline...)(ctx)
|
|
})
|
|
}
|
|
|
|
return common.NewPipelineExecutor(stagePipeline...).Then(handleFailure(plan))
|
|
}
|
|
|
|
func handleFailure(plan *model.Plan) common.Executor {
|
|
return func(ctx context.Context) error {
|
|
for _, stage := range plan.Stages {
|
|
for _, run := range stage.Runs {
|
|
if run.Job().Result == "failure" {
|
|
return fmt.Errorf("Job '%s' failed", run.String())
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func selectMatrixes(originalMatrixes []map[string]any, targetMatrixValues map[string]map[string]bool) []map[string]any {
|
|
matrixes := make([]map[string]any, 0)
|
|
for _, original := range originalMatrixes {
|
|
flag := true
|
|
for key, val := range original {
|
|
if allowedVals, ok := targetMatrixValues[key]; ok {
|
|
valToString := fmt.Sprintf("%v", val)
|
|
if _, ok := allowedVals[valToString]; !ok {
|
|
flag = false
|
|
}
|
|
}
|
|
}
|
|
if flag {
|
|
matrixes = append(matrixes, original)
|
|
}
|
|
}
|
|
return matrixes
|
|
}
|
|
|
|
func (runner *runnerImpl) newRunContext(ctx context.Context, run *model.Run, matrix map[string]any) *RunContext {
|
|
rc := &RunContext{
|
|
Config: runner.config,
|
|
Run: run,
|
|
EventJSON: runner.eventJSON,
|
|
StepResults: make(map[string]*model.StepResult),
|
|
Matrix: matrix,
|
|
caller: runner.caller,
|
|
}
|
|
rc.ExprEval = rc.NewExpressionEvaluator(ctx)
|
|
rc.Name = rc.ExprEval.Interpolate(ctx, run.String())
|
|
|
|
return rc
|
|
}
|
|
|
|
// For Gitea
|
|
func (c *caller) setReusedWorkflowJobResult(jobName, result string) {
|
|
c.updateResultLock.Lock()
|
|
defer c.updateResultLock.Unlock()
|
|
c.reusedWorkflowJobResults[jobName] = result
|
|
}
|