act VS setup-node

When it comes to the alternatives to tmate, there is another great debugging tool that you could check out. It is called act and it allows you to run GitHub Actions code on your local machine making debugging even easier. It has its own limitations and some learning curve but overall it is another tool you should use if you can’t fix the CI bugs by connecting directly into the running action with the tmate.

Link: https://github.com/nektos/act

Could you upload your build of GitHub's runner image to Docker Hub?

This would be quite useful for users of other GitHub Actions clones like act [0].

[0]: https://github.com/nektos/act

> These kinds of commit messages are typically an indicator of a broken process where somebody needs to commit to see something happen, like a deployment or build process, and aren't able to assert that stuff works locally.

This is one of my biggest pet peeves with services like github actions. Something running locally like "act" [1] isn't sufficient because it doesn't have everything github has and is extra friction anyway to get everyone to use it for testing.

[1] https://github.com/nektos/act

View on GitHub

If you use Github actions, act is incredibly useful. It can be used to test your GH actions, but also serves as an interface for running tasks locally.

That's something that often is difficult or basically impossible. Except for maybe GitHub actions through Act (https://github.com/nektos/act). I'd still lean to something in the yaml sphere if it eventually would be used in deployment pipelines and such. For example a solution incorporating ansible.

It also seems to me that the argument you make is mostly focused on the building step? Earthly certainly seems focused on that aspect.

I feel I'm being trolled, but I'll bite and accept the resulting downvotes

I don't think treating every mention of act as an opportunity for airing of personal grievances is helpful in a discussion when there's already ample reports of people's concrete issues with it, had one looked at the 800 issues in its repo https://github.com/nektos/act/issues?q=is%3Aissue or the 239 from gitea's for https://gitea.com/gitea/act_runner/issues or whatever is going on with Forgejo's fork https://code.forgejo.org/forgejo/act .

But, as for me specifically, there are two and a half answers: I wanted to run VSCodium's build locally, which act for sure puked about. Then, while trying to troubleshoot that, I thought I'd try something simpler and have it run the lint job from act's own repo <https://github.com/nektos/act/blob/1252e551b8672b1e16dc8835d...> to rule out "you're holding it wrong" type junk. It died with

  [checks/lint]     Failure - Main actions/setup-go@v3

https://twitter.com/mitsuhiko/status/1720410479141487099 :

> GitHub Actions currently charges $0.16 per minute* for the macOS M1 Runners. That comes out to $84,096 for 1 machine year*

GitHub Runner is written in Go; it fetches tasks from GitHub Actions and posts the results back to the Pull Request that spawned the build.

nektos/act is how Gitea Actions builds GitHub Actions workflow YAML build definition documents. https://github.com/nektos/act

https://twitter.com/MatthewCroughan/status/17200423527675700... :

> This is the macOS Ventura installer running in 30 VMs, in 30 #nix derivations at once. It gets the installer from Apple, automates the installation using Tesseract OCR and TCL Expect scripts. This is to test the repeatability. A single function call `makeDarwinImage`.

With a Multi-Stage Dockerfile/Containerfild, you can have a dev environment like xcode or gcc+make in the first stage that builds the package, and then the second stage the package is installed and tested, and then the package is signed and published to a package repo / app store / OCI container image repository.

SLSA now specifies builders for signing things correctly in CI builds with keys in RAM on the build workers.

"Build your own SLSA 3+ provenance builder on GitHub Actions" https://slsa.dev/blog/2023/08/bring-your-own-builder-github

Setup environment with Nodejs and install dependencies with npm install, with Github Actions setup Node

No, PR review isn't the only thing that prevents these from being updated. In the yml it's set to a release branch. So it isn't especially fallible.

https://github.com/actions/setup-node/tree/releases/v2

➜ getting-started-with-act git:(master) act -j build WARN ⚠ You are using Apple M1 chip and you have not specified container architecture, you might encounter issues while running act. If so, try running it with '--container-architecture linux/amd64'. ⚠ [Node.js CI/build] 🚀 Start image=node:16-buster-slim [Node.js CI/build] 🐳 docker pull image=node:16-buster-slim platform= username= forcePull=false [Node.js CI/build] 🐳 docker create image=node:16-buster-slim platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] [Node.js CI/build] 🐳 docker run image=node:16-buster-slim platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] [Node.js CI/build] ☁ git clone 'https://github.com/actions/setup-node' # ref=v3 [Node.js CI/build] ☁ git clone 'https://github.com/actions/cache' # ref=v3 [Node.js CI/build] ☁ git clone 'https://github.com/actions/upload-artifact' # ref=v3 [Node.js CI/build] ⭐ Run Main actions/checkout@v3 [Node.js CI/build] 🐳 docker cp src=/Users/andrewevans/Documents/projects/getting-started-with-act/. dst=/Users/andrewevans/Documents/projects/getting-started-with-act [Node.js CI/build] ✅ Success - Main actions/checkout@v3 [Node.js CI/build] ⭐ Run Main Use Node.js 16.x [Node.js CI/build] 🐳 docker cp src=/Users/andrewevans/.cache/act/actions-setup-node@v3/ dst=/var/run/act/actions/actions-setup-node@v3/ [Node.js CI/build] 🐳 docker exec cmd=[node /var/run/act/actions/actions-setup-node@v3/dist/setup/index.js] user= workdir= [Node.js CI/build] 💬 ::debug::isExplicit: [Node.js CI/build] 💬 ::debug::explicit? false

steps: # Check out the current repository code - uses: actions/checkout@v3 # 3. https://github.com/actions/setup-node#usage - name: Setup node and build Gatsby uses: actions/setup-node@v1 with: node-version: '16.x' cache: 'npm' - run: npm install # This triggers `gatsby build` script in "package.json" - run: npm run build # 4. Deploy the gatsby build to Netlify - name: Deploy to netlify uses: netlify/actions/cli@master env: NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} with: # 5. "gatsby build" creates "public" folder, which is what we are deploying args: deploy --dir=public --prod secrets: '["NETLIFY_AUTH_TOKEN", "NETLIFY_SITE_ID"]'

If you see repeated build or preparation steps that do not change when your codebase changes, look into caching the results. Here is a straightforward guide to caching, but also be aware caching is built into a lot of marketplace actions anyway, e.g. actions/setup-node can cache npm dependencies.

The most popular ones are Node.js, Python, Java JDK, Go, .Net Core SDK.

diff --git a/.github/workflows/gh-pages.yaml b/.github/workflows/gh-pages.yaml index 401fd33..3ddf6dd 100644 --- a/.github/workflows/gh-pages.yaml +++ b/.github/workflows/gh-pages.yaml @@ -11,42 +11,48 @@ on: jobs: deploy: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 + # Ensure that only a single job or workflow + # https://docs.github.com/en/actions/using-jobs/using-concurrency concurrency: + # workflow - The name of the workflow. + # ref - The branch or tag ref that triggered the workflow run. group: ${{ github.workflow }}-${{ github.ref }} steps: - uses: actions/checkout@v3 with: - submodules: true # Fetch Hugo themes (true OR recursive) fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod + # https://github.com/peaceiris/actions-hugo - name: Setup Hugo uses: peaceiris/actions-hugo@v2 with: - hugo-version: '0.91.2' - # extended: true + hugo-version: '0.101.0' + # https://github.com/actions/setup-node - name: Setup Node uses: actions/setup-node@v3 with: - node-version: '14' - - - name: Cache dependencies - uses: actions/cache@v2 - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-node- - - - run: npm ci + node-version: '18.7.0' + cache: npm + # The action defaults to search for the dependency file (package-lock.json, + # npm-shrinkwrap.json or yarn.lock) in the repository root, and uses its + # hash as a part of the cache key. + # https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#caching-packages-data + cache-dependency-path: ./blog/package-lock.json + + - name: Install npm dependencies + working-directory: ./blog/ + run: npm ci - name: Build - run: hugo --minify + working-directory: ./blog/ + run: npm run build + # https://github.com/peaceiris/actions-gh-pages - name: Deploy uses: peaceiris/actions-gh-pages@v3 if: ${{ github.ref == 'refs/heads/main' }} with: github_token: ${{ secrets.GITHUB_TOKEN }} - publish_dir: ./public + publish_dir: ./blog/src/public

Well, let’s consider the scenario we had with the DevHub. We were using the third-party action setup-node to install and configure the Node.js programming language. This action lets you specify the node version to install but it can’t be a dynamically acquired value. You either have to hardcode it or interpolate the value.

This is hitting workflows that use caching [1][2].

- [1] https://github.com/actions/setup-node/issues/516

- [2] https://github.com/actions/cache/issues/820

As of now (11:28 UTC) the status page has been updated.

https://www.githubstatus.com