feat: add option to bypass GHE for actions checkout (#1162)

* feat(#1161): add --through-action to assigned actions from GitHub

* docs(flags): add --through-action and --through-action-token flags description

* test(action, remote): add test case for ThroughAction

* refactor(command): rename command from --through-action to --actions-from-github

* refactor(command): rename command from --actions-from-github to --replace-ghe-action-with-github-com

README.md

@@ -159,42 +159,44 @@ It will save that information to `~/.actrc`, please refer to [Configuration](#co
 # Flags
 
 ```none
-  -a, --actor string                     user that triggered the event (default "nektos/act")
-      --artifact-server-path string      Defines the path where the artifact server stores uploads and retrieves downloads from. If not specified the artifact server will not start.
-      --artifact-server-port string      Defines the port where the artifact server listens (will only bind to localhost). (default "34567")
-  -b, --bind                             bind working directory to container, rather than copy
-      --container-architecture string    Architecture which should be used to run containers, e.g.: linux/amd64. If not specified, will use host default architecture. Requires Docker server API Version 1.41+. Ignored on earlier Docker server platforms.
-      --container-cap-add stringArray    kernel capabilities to add to the workflow containers (e.g. --container-cap-add SYS_PTRACE)
-      --container-cap-drop stringArray   kernel capabilities to remove from the workflow containers (e.g. --container-cap-drop SYS_PTRACE)
-      --container-daemon-socket string   Path to Docker daemon socket which will be mounted to containers (default "/var/run/docker.sock")
-      --defaultbranch string             the name of the main branch
-      --detect-event                     Use first event type from workflow as event that triggered the workflow
-  -C, --directory string                 working directory (default ".")
-  -n, --dryrun                           dryrun mode
-      --env stringArray                  env to make available to actions with optional value (e.g. --env myenv=foo or --env myenv)
-      --env-file string                  environment file to read and use as env in the containers (default ".env")
-  -e, --eventpath string                 path to event JSON file
-      --github-instance string           GitHub instance to use. Don't use this if you are not using GitHub Enterprise Server. (default "github.com")
-  -g, --graph                            draw workflows
-  -h, --help                             help for act
-      --insecure-secrets                 NOT RECOMMENDED! Doesn't hide secrets while printing logs.
-  -j, --job string                       run job
-  -l, --list                             list workflows
-      --no-recurse                       Flag to disable running workflows from subdirectories of specified path in '--workflows'/'-W' flag
-  -P, --platform stringArray             custom image to use per platform (e.g. -P ubuntu-18.04=nektos/act-environments-ubuntu:18.04)
-      --privileged                       use privileged mode
-  -p, --pull                             pull docker image(s) even if already present
-  -q, --quiet                            disable logging of output from steps
-      --rebuild                          rebuild local action docker image(s) even if already present
-  -r, --reuse                            don't remove container(s) on successfully completed workflow(s) to maintain state between runs
-      --rm                               automatically remove container(s)/volume(s) after a workflow(s) failure
-  -s, --secret stringArray               secret to make available to actions with optional value (e.g. -s mysecret=foo or -s mysecret)
-      --secret-file string               file with list of secrets to read from (e.g. --secret-file .secrets) (default ".secrets")
-      --use-gitignore                    Controls whether paths specified in .gitignore should be copied into container (default true)
-      --userns string                    user namespace to use
-  -v, --verbose                          verbose output
-  -w, --watch                            watch the contents of the local repo and run when files change
-  -W, --workflows string                 path to workflow file(s) (default "./.github/workflows/")
+  -a, --actor string                                user that triggered the event (default "nektos/act")
+      --replace-ghe-action-with-github-com          If you are using GitHub Enterprise Server and allow specified actions from GitHub (github.com), you can set actions on this. (e.g. --replace-ghe-action-with-github-com=github/super-linter)
+      --replace-ghe-action-token-with-github-com    If you are using replace-ghe-action-with-github-com and you want to use private actions on GitHub, you have to set personal access token
+      --artifact-server-path string                 Defines the path where the artifact server stores uploads and retrieves downloads from. If not specified the artifact server will not start.
+      --artifact-server-port string                 Defines the port where the artifact server listens (will only bind to localhost). (default "34567")
+  -b, --bind                                        bind working directory to container, rather than copy
+      --container-architecture string               Architecture which should be used to run containers, e.g.: linux/amd64. If not specified, will use host default architecture. Requires Docker server API Version 1.41+. Ignored on earlier Docker server platforms.
+      --container-cap-add stringArray               kernel capabilities to add to the workflow containers (e.g. --container-cap-add SYS_PTRACE)
+      --container-cap-drop stringArray              kernel capabilities to remove from the workflow containers (e.g. --container-cap-drop SYS_PTRACE)
+      --container-daemon-socket string              Path to Docker daemon socket which will be mounted to containers (default "/var/run/docker.sock")
+      --defaultbranch string                        the name of the main branch
+      --detect-event                                Use first event type from workflow as event that triggered the workflow
+  -C, --directory string                            working directory (default ".")
+  -n, --dryrun                                      dryrun mode
+      --env stringArray                             env to make available to actions with optional value (e.g. --env myenv=foo or --env myenv)
+      --env-file string                             environment file to read and use as env in the containers (default ".env")
+  -e, --eventpath string                            path to event JSON file
+      --github-instance string                      GitHub instance to use. Don't use this if you are not using GitHub Enterprise Server. (default "github.com")
+  -g, --graph                                       draw workflows
+  -h, --help                                        help for act
+      --insecure-secrets                            NOT RECOMMENDED! Doesn't hide secrets while printing logs.
+  -j, --job string                                  run job
+  -l, --list                                        list workflows
+      --no-recurse                                  Flag to disable running workflows from subdirectories of specified path in '--workflows'/'-W' flag
+  -P, --platform stringArray                        custom image to use per platform (e.g. -P ubuntu-18.04=nektos/act-environments-ubuntu:18.04)
+      --privileged                                  use privileged mode
+  -p, --pull                                        pull docker image(s) even if already present
+  -q, --quiet                                       disable logging of output from steps
+      --rebuild                                     rebuild local action docker image(s) even if already present
+  -r, --reuse                                       don't remove container(s) on successfully completed workflow(s) to maintain state between runs
+      --rm                                          automatically remove container(s)/volume(s) after a workflow(s) failure
+  -s, --secret stringArray                          secret to make available to actions with optional value (e.g. -s mysecret=foo or -s mysecret)
+      --secret-file string                          file with list of secrets to read from (e.g. --secret-file .secrets) (default ".secrets")
+      --use-gitignore                               Controls whether paths specified in .gitignore should be copied into container (default true)
+      --userns string                               user namespace to use
+  -v, --verbose                                     verbose output
+  -w, --watch                                       watch the contents of the local repo and run when files change
+  -W, --workflows string                            path to workflow file(s) (default "./.github/workflows/")
 ```
 
 ## `GITHUB_TOKEN`

cmd/input.go

@@ -8,39 +8,41 @@ import (
 
 // Input contains the input for the root command
 type Input struct {
-	actor                 string
-	workdir               string
-	workflowsPath         string
-	autodetectEvent       bool
-	eventPath             string
-	reuseContainers       bool
-	bindWorkdir           bool
-	secrets               []string
-	envs                  []string
-	platforms             []string
-	dryrun                bool
-	forcePull             bool
-	forceRebuild          bool
-	noOutput              bool
-	envfile               string
-	secretfile            string
-	insecureSecrets       bool
-	defaultBranch         string
-	privileged            bool
-	usernsMode            string
-	containerArchitecture string
-	containerDaemonSocket string
-	noWorkflowRecurse     bool
-	useGitIgnore          bool
-	githubInstance        string
-	containerCapAdd       []string
-	containerCapDrop      []string
-	autoRemove            bool
-	artifactServerPath    string
-	artifactServerPort    string
-	jsonLogger            bool
-	noSkipCheckout        bool
-	remoteName            string
+	actor                              string
+	workdir                            string
+	workflowsPath                      string
+	autodetectEvent                    bool
+	eventPath                          string
+	reuseContainers                    bool
+	bindWorkdir                        bool
+	secrets                            []string
+	envs                               []string
+	platforms                          []string
+	dryrun                             bool
+	forcePull                          bool
+	forceRebuild                       bool
+	noOutput                           bool
+	envfile                            string
+	secretfile                         string
+	insecureSecrets                    bool
+	defaultBranch                      string
+	privileged                         bool
+	usernsMode                         string
+	containerArchitecture              string
+	containerDaemonSocket              string
+	noWorkflowRecurse                  bool
+	useGitIgnore                       bool
+	githubInstance                     string
+	containerCapAdd                    []string
+	containerCapDrop                   []string
+	autoRemove                         bool
+	artifactServerPath                 string
+	artifactServerPort                 string
+	jsonLogger                         bool
+	noSkipCheckout                     bool
+	remoteName                         string
+	replaceGheActionWithGithubCom      []string
+	replaceGheActionTokenWithGithubCom string
 }
 
 func (i *Input) resolve(path string) string {

cmd/root.go

@@ -61,6 +61,8 @@ func Execute(ctx context.Context, version string) {
 	rootCmd.Flags().StringArrayVarP(&input.containerCapAdd, "container-cap-add", "", []string{}, "kernel capabilities to add to the workflow containers (e.g. --container-cap-add SYS_PTRACE)")
 	rootCmd.Flags().StringArrayVarP(&input.containerCapDrop, "container-cap-drop", "", []string{}, "kernel capabilities to remove from the workflow containers (e.g. --container-cap-drop SYS_PTRACE)")
 	rootCmd.Flags().BoolVar(&input.autoRemove, "rm", false, "automatically remove container(s)/volume(s) after a workflow(s) failure")
+	rootCmd.Flags().StringArrayVarP(&input.replaceGheActionWithGithubCom, "replace-ghe-action-with-github-com", "", []string{}, "If you are using GitHub Enterprise Server and allow specified actions from GitHub (github.com), you can set actions on this. (e.g. --replace-ghe-action-with-github-com =github/super-linter)")
+	rootCmd.Flags().StringVar(&input.replaceGheActionTokenWithGithubCom, "replace-ghe-action-token-with-github-com", "", "If you are using replace-ghe-action-with-github-com  and you want to use private actions on GitHub, you have to set personal access token")
 	rootCmd.PersistentFlags().StringVarP(&input.actor, "actor", "a", "nektos/act", "user that triggered the event")
 	rootCmd.PersistentFlags().StringVarP(&input.workflowsPath, "workflows", "W", "./.github/workflows/", "path to workflow file(s)")
 	rootCmd.PersistentFlags().BoolVarP(&input.noWorkflowRecurse, "no-recurse", "", false, "Flag to disable running workflows from subdirectories of specified path in '--workflows'/'-W' flag")
@@ -370,35 +372,37 @@ func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []str
 
 		// run the plan
 		config := &runner.Config{
-			Actor:                 input.actor,
-			EventName:             eventName,
-			EventPath:             input.EventPath(),
-			DefaultBranch:         defaultbranch,
-			ForcePull:             input.forcePull,
-			ForceRebuild:          input.forceRebuild,
-			ReuseContainers:       input.reuseContainers,
-			Workdir:               input.Workdir(),
-			BindWorkdir:           input.bindWorkdir,
-			LogOutput:             !input.noOutput,
-			JSONLogger:            input.jsonLogger,
-			Env:                   envs,
-			Secrets:               secrets,
-			Token:                 secrets["GITHUB_TOKEN"],
-			InsecureSecrets:       input.insecureSecrets,
-			Platforms:             input.newPlatforms(),
-			Privileged:            input.privileged,
-			UsernsMode:            input.usernsMode,
-			ContainerArchitecture: input.containerArchitecture,
-			ContainerDaemonSocket: input.containerDaemonSocket,
-			UseGitIgnore:          input.useGitIgnore,
-			GitHubInstance:        input.githubInstance,
-			ContainerCapAdd:       input.containerCapAdd,
-			ContainerCapDrop:      input.containerCapDrop,
-			AutoRemove:            input.autoRemove,
-			ArtifactServerPath:    input.artifactServerPath,
-			ArtifactServerPort:    input.artifactServerPort,
-			NoSkipCheckout:        input.noSkipCheckout,
-			RemoteName:            input.remoteName,
+			Actor:                              input.actor,
+			EventName:                          eventName,
+			EventPath:                          input.EventPath(),
+			DefaultBranch:                      defaultbranch,
+			ForcePull:                          input.forcePull,
+			ForceRebuild:                       input.forceRebuild,
+			ReuseContainers:                    input.reuseContainers,
+			Workdir:                            input.Workdir(),
+			BindWorkdir:                        input.bindWorkdir,
+			LogOutput:                          !input.noOutput,
+			JSONLogger:                         input.jsonLogger,
+			Env:                                envs,
+			Secrets:                            secrets,
+			Token:                              secrets["GITHUB_TOKEN"],
+			InsecureSecrets:                    input.insecureSecrets,
+			Platforms:                          input.newPlatforms(),
+			Privileged:                         input.privileged,
+			UsernsMode:                         input.usernsMode,
+			ContainerArchitecture:              input.containerArchitecture,
+			ContainerDaemonSocket:              input.containerDaemonSocket,
+			UseGitIgnore:                       input.useGitIgnore,
+			GitHubInstance:                     input.githubInstance,
+			ContainerCapAdd:                    input.containerCapAdd,
+			ContainerCapDrop:                   input.containerCapDrop,
+			AutoRemove:                         input.autoRemove,
+			ArtifactServerPath:                 input.artifactServerPath,
+			ArtifactServerPort:                 input.artifactServerPort,
+			NoSkipCheckout:                     input.noSkipCheckout,
+			RemoteName:                         input.remoteName,
+			ReplaceGheActionWithGithubCom:      input.replaceGheActionWithGithubCom,
+			ReplaceGheActionTokenWithGithubCom: input.replaceGheActionTokenWithGithubCom,
 		}
 		r, err := runner.New(config)
 		if err != nil {