nektos/act

Add support for `--no-container` to run windows/macos

chenrui333 opened this issue ยท 69 comments

Thanks for creating this wonderful tool. It would be nice to have MacOS also supported as well.

cplee commented

All steps for act run in a docker container...not sure how to accomplish that with MacOS runner. Would you want it to NOT use a container and just run the commands directly on the mac that act is running on?

Kinda related: Sometime I think you really don't want to run stuff in containers, for example when act is invoked in a container itself which contains the required software already. Not sure if this is in scope, but it would be kind of nice if it had a --no-container flag which would do what it does now, except for using the locally installed tools..

How feasible would this be?

cplee commented

I like the idea @fwilhe - would like to see a flag --no-container that runs all the steps directly on your local workstation, and assumes the right tools are installed. This would enable both windows and macos environments.

@cplee I have a rough but working implementation I'm using locally to test some macOS-based actions. It should also be easy enough to have it working in Windows. Please take a look here:

https://github.com/nektos/act/compare/master...albertofem:feature/running_on_host?expand=1

If you think this approach is good, I'll go ahead and make the PR once I have a better implementation and have tested extensively on both Mac and Windows.

cplee commented

@albertofem - this looks really promising! What do you think about also supporting --no-container to force the platform to be host?

@cplee,

I've been experimenting with running act inside GitHub Codespaces.

image

If there was a --no-container option to run actions on the host VM, that would be great!

Unfortunately the actions/setup-dotnet action is failing at the moment. I'm guessing this will be the same for many setup actions.

In my experience it is a viable workaround for failing setup actions to build a docker image that has everything your build needs. Provides you the same experience locally and in actions if you run your workflow in the image.

@fwilhe I did wonder about doing that. It's good to hear that it works well in practice!

Since you can optionally specify an image to use with Codespaces, this could be a good opportunity to sync-up build and development environments. ๐Ÿค”

@cplee Yes, I think the flag makes more sense for the general case rather than assuming non-supported hosts. I'm gonna rework my brach and come back as soon as I have something ready for review.

Issue is stale and will be closed in 7 days unless there is new activity

Not stale. Any updates?

Issue is stale and will be closed in 7 days unless there is new activity

Still watching and hoping. ๐Ÿ™‚

Issue is stale and will be closed in 7 days unless there is new activity

I still care!

Still care +1. This may also solve certain scenarios as in #119 and #107 without having to download a 20GB image.

Still care

vdo commented

I still care

Hi guys, can you please not spam/post unhelpful messages, it's creating unnecessary emails/notifications.
Stalebot has been adjusted and it won't close the issue so fast like it did before so there is no need to bump all the time in such short period of time.
as for the feature itself I'm working very slowly on implementing that in this (messy) branch: https://github.com/catthehacker/act-fork/tree/no-container

Issue is stale and will be closed in 14 days unless there is new activity

Not stale. Just busy. ๐Ÿ˜”

any way we could use this for macos on linux?
https://github.com/sickcodes/Docker-OSX

@hnspn act currently doesn't support running workflows without Docker.

Regarding the --no-container flag. I think it would best to run the non-linux runners in a VM instead of directly on the host. For Windows xhyve [1] can be used. It's a very lightweight hypervisor built on top of the Apple's Hypervisor framework. For macOS, there's another project called Anka [2] which also provides very lightweight VMs. I've used xhyve, but not for Windows guests. It's quite fast, a FreeBSD guest boots in around 10 seconds. I have not used Anka.

[1] https://github.com/machyve/xhyve
[2] https://veertu.com/download-anka-develop

That's too much work for such little project especially since what you linked, those projects are not written in Go so it will be hard to make them work together.
Docker supports Windows containers and that's something I want to implement but also give the ability to run actions directly on host.
If you would like to run them in VM, run act in VM.

Docker supports Windows containers

Isn't that only supported on Windows?

"Windows requires the host OS version to match the container OS version" [1] and:

$ uname
Darwin
$ docker run mcr.microsoft.com/windows/servercore:ltsc2019
Unable to find image 'mcr.microsoft.com/windows/servercore:ltsc2019' locally
ltsc2019: Pulling from windows/servercore
docker: no matching manifest for linux/amd64 in the manifest list entries.
See 'docker run --help'.

If you would like to run them in VM, run act in VM.

Yeah, that's a good point.

[1] https://hub.docker.com/_/microsoft-windows-base-os-images

Xhyve only works on macOS, I didn't think that through. Anka also only works on macOS but you're only allowed to virtualize macOS on a native Mac.

Isn't that only supported on Windows?

Yes, you can't run Windows Docker containers on any other OS than Windows since those don't have Windows kernel.
Just like Linux containers work only on Linux.

"Windows requires the host OS version to match the container OS version"

With Hyper-V isolation it's possible to run other versions of Windows OS containers.

$ uname
Darwin

Macs can't run anything on their own. Sorry.

Xhyve only works on macOS, I didn't think that through. Anka also only works on macOS but you're only allowed to virtualize macOS on a native Mac.

https://github.com/sickcodes/Docker-OSX
This is what I'm using for bare testing of MacOS, it kinda works but to run Docker (inside MacOS VM) you need Intel CPU for nested virtualisation
But I would like to not add any specific implementations for such weird hacks. All of that will work over SSH + DOCKER_HOST envvar.

https://github.com/sickcodes/Docker-OSX
This is what I'm using for bare testing of MacOS, it kinda works but to run Docker (inside MacOS VM) you need Intel CPU for nested virtualisation

I see.

Also, PSA: the issue is not stale. I didn't had much time to get back into drafting working PR (and because someone broke act on Windows which is my main dev machine, IntelliJ ๐Ÿ™ please make proper SSH remote dev support like VSCode) but I've written quite a plan regarding this and other features and how to handle them properly so we don't get stuck with weird flags and implementations in future, just waiting for @cplee feedback if it looks all good and maybe later do something similar publicly to get feedback.

Hi everyone,
Nice utility guys, really appreciate it.
But I've faced similar issue as the guys above, trying to run github actions on my local linux environment for package are going to be built for windows and macos.
So I've made little research and encountered Vagrant and Packer as kinda clues to how github actions could be mimiced fully locally.
Windows examples: https://github.com/devopsjourney1/packer-windows
Youtube explanation: https://www.youtube.com/watch?v=Cwk0ricWsiE

So, in the end of the day, I'd like to add my thoughts to this soup and I would be glad if they will help you and support for other platforms comes sooner. Hope if I'll be able to contribute in future :)

On the README.md at the project root, it says "Below platforms are currently unsupported and won't work (see issue #97)", which of course, is a link to this issue.

I don't really care about "--no-container", I just want to be able to use the "windows-latest" Docker image because that's what our GitHub actions use. That, of course, is if I'm understanding this (from our yml file) correctly.

    # Even though we build for multiple platforms, we only need to run
    # on a single host operating system. This is because we utilize cross-
    # build functionality of the dotnet build system.
    runs-on: windows-latest

Is this issue really related to this?

@jamiehankins

Is this issue really related to this?

Not sure what you mean by that, but dotnet is not related at all to this project.

Is this issue really related to this?

Not sure what you mean by that, but dotnet is not related at all to this project.

The README.md says "Below platforms are currently unsupported and won't work (see issue #97)". This is issue #97. One of the "(b)elow platforms" is "windows-latest".

I don't know what you mean by "dotnet is not related at all to this project." I'm not asking about dotnet. I'm asking how this issue is related to not being able to use the "windows-latest" Docker image, which is what my GitHub action needs.

Because running Windows docker containers is not implemented, that's why it says the platform is unsupported.

I am getting Skipping unsupported platform 'windows-latest' can this be fixed?

I am getting Skipping unsupported platform 'windows-latest' can this be fixed?

No, please read my messages above

I have read through the discussion above and making act run on windows-latest definitely seems complex, but an interesting thing would be allowing it to connect to an Azure VM at users' request by using their tokens and credentials and running it in a VM on their account where it syncs up if the user wants to use windows-latest as the image and can run the action in such a way.

The Azure SDK has a go version https://github.com/Azure/azure-sdk-for-go which can help in setting this up. Furthermore, the VM machine can either be allowed control by the user or can be managed by act through the SDK. Not sure if this is feasible or what makes this infeasible for the act. Would appreciate a response on either

There are multiple interesting ways of implementing this, each with pros & cons but all of them depend on being actually written/implemented first.

Not sure if this is feasible or what makes this infeasible for the act.

Most likely paying for the resources in Azure?

I have to get back on that but it's been so much more important (and easier) to fix current issues than to implement new features.

I started another atempt to implement something like --no-container as -P windows-latest=-self-hosted.
As of now it seems to be fully functional if you have node in version 12 in your PATH, before running it.
You cannot use any docker actions while using this self-hosted mode, this currently leads to undefined behavior.
You may have to change the default shell manually to cmd / pwsh or powershell on windows, because act doesn't check if bash exists.
actions/setup-node might alter the node version during a workflow run.
Some parts now even work on freebsd and other platforms (with stubbed docker support)
The self-hosted runner mode was tested by me on windows and freebsd.
I had to replace hardcoded file paths with dynamic ones and fix a huge number of bugs which aren't even reported yet.

PS C:\Users\Christopher\Downloads\acttest> ..\act.exe -P windows-latest=-self-hosted
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
[main.yml/windows] โญ  Run actions/checkout@v2
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
[main.yml/windows]   โœ…  Success - actions/checkout@v2
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:58+02:00" level=warning msg="unable to get git ref: unable to find git repo"
[main.yml/windows] โญ  Run echo Hello World3
| Hello World3
[main.yml/windows]   โœ…  Success - echo Hello World3
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git ref: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git ref: unable to find git repo"
[main.yml/windows] โญ  Run dir
|  Volume in Laufwerk C: hat keine Bezeichnung.
|  Volumeseriennummer: 3E61-C6BE
|
|  Verzeichnis von C:\Users\Christopher\.cache\act\d1a916d6-c77e-49f8-8f22-bd87a29e6deb\hostexecutor
|
| 30.06.2021  22:38    <DIR>          .
| 30.06.2021  22:38    <DIR>          ..
| 30.06.2021  22:38    <DIR>          .github
|                0 Datei(en),              0 Bytes
|                3 Verzeichnis(se), 28.663.570.432 Bytes frei
[main.yml/windows]   โœ…  Success - dir
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git ref: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git repo: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git revision: unable to find git repo"
time="2021-06-30T22:38:59+02:00" level=warning msg="unable to get git ref: unable to find git repo"
[main.yml/windows] โญ  Run type .github\workflows\main.yml
| on: push
| defaults:
|   run:
|     shell: cmd
| jobs:
|   windows:
|     runs-on: windows-latest
|     steps:
|     - uses: actions/checkout@v2
|     - run: echo Hello World3
|     - run: dir
[main.yml/windows]   โœ…  Success - type .github\workflows\main.yml
Error: error during connect: This error may indicate that the docker daemon is not running.: Get "http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.24/volumes": open //./pipe/docker_engine: Das System kann die angegebene Datei nicht finden.

If you are interested, you find the code in my fork and a prebuild of act based on act v0.2.23.
Used by my self-hosted runner prototype for github (feature request of act) to have a native freebsd runner.
If my modification of act will ever going to be merged, it most likly will take over 6 month (One of my PR depends on another one e.g. this depends on #719).

You all are clearly quite ahead of me but one more thought I'd like to add, perhaps adding support for qemu might be interesting. It would likely be a lot more work, but it would pave the way to for full macOS and Windows support.

qemu has absolutely terrible performance and breaks easily

Are the plans to add support for windows & mac still active?

I'm also wondering that...

Are the plans to add support for windows & mac still active?

The issue is not closed so...

You all are clearly quite ahead of me but one more thought I'd like to add, perhaps adding support for qemu might be interesting. It would likely be a lot more work, but it would pave the way to for full macOS and Windows support.

macOS on QEMU on KVM is against Apple EULA (End User License Agreement), FYI. This at least mean that support will be limited, and bug will be expected.

Not sure about Windows; perhaps they allow you to run Windows VM without a license?

macOS on QEMU on KVM is against Apple EULA

You're allowed to virtualize macOS on Apple hardware.

That's too much work for such little project especially since what you linked, those projects are not written in Go so it will be hard to make them work together.

How about https://github.com/penberg/go-osxhv? Direct cgo binding of Hypervisor Framework (i.e. the backend of xhyve).

macOS on QEMU on KVM is against Apple EULA (End User License Agreement), FYI. This at least mean that support will be limited, and bug will be expected.

Not sure about Windows; perhaps they allow you to run Windows VM without a license?

It's not up to this project to figure out licensing anyway. It's up to the individual user of it to ensure they don't run Windows and macOS against Microsoft/Apple ToS.

qemu has absolutely terrible performance and breaks easily

I guess when I said qemu I meant qemu-kvm which should provide near native speeds. I can't say much about it breaking easily though as I've always used it through frontends.

How about https://github.com/penberg/go-osxhv? Direct cgo binding of Hypervisor Framework (i.e. the backend of xhyve).

You would need to reimplement a hypervisor, basically what Xhyve and QEMU are already doing. Probably a huge amount of work.

Just to throw it out there: If โฌ‡๏ธ ever gets done then that might be another way to support Windows runners?

Perhaps a point others have considered. But why would running locally be the default for no-container, versus something like specifying an IP to a machine; which could just be a vagrant to use a VM to run in? I Feel like this must be what GitHub is doing anyway if they are providing a clean-room on every run. Just build a box (nee golden image); provide ssh to connect to and pull files from, run some commands. When done, run a command to "clean" the box (in case of a VM, stop it, delete it, spin up another for next-time command runs).

But why would running locally be the default for no-container, versus something like specifying an IP to a machine; which could just be a vagrant to use a VM to run in?

Because you can just use ssh and then act inside it. Sure it's less convenient, but re-implementing remote execution or implementing 3rd party lib adds a maintainenace burden and requires manpower.

I'm fairly certain the request is because this won't run windows or macosx regardless of them being in a vm, but okay. Thanks for quick response.

lotyp commented

Maybe this can help ? https://github.com/sickcodes/Docker-OSX

Run Mac OS X in Docker with near-native performance! X11 Forwarding! iMessage security research! iPhone USB working! > macOS in a Docker container!

This project is built on top of upstream project: https://github.com/kholia/OSX-KVM

Maybe this can help ? sickcodes/Docker-OSX

Run Mac OS X in Docker with near-native performance! X11 Forwarding! iMessage security research! iPhone USB working! > macOS in a Docker container!

This project is built on top of upstream project: kholia/OSX-KVM

Please read before posting. I already mentioned it and it doesn't solve the issue as it runs Docker inside Linux VM inside macOS VM as Docker container.

lotyp commented

Maybe this can help ? sickcodes/Docker-OSX

Run Mac OS X in Docker with near-native performance! X11 Forwarding! iMessage security research! iPhone USB working! > macOS in a Docker container!

This project is built on top of upstream project: kholia/OSX-KVM

Please read before posting. I already mentioned it and it doesn't solve the issue as it runs Docker inside Linux VM inside macOS VM as Docker container.

Sorry, but this thread is so long, and your answer was under spoiler. You can check that on this screen:

image

Just to let you know, on macOS, we're experimenting with a custom shim for bash that lets us employ local "runners" (setup from the pool of dedicated macOS users) over ssh. We did not get it to perfection atm, but you get the idea.

I finally created a PR of my non docker execution environment: #1293, based on my initial work #97 (comment)

This just runs commands on your host device, without any virtualization technology. If you want to exec commands on a VM, just download act to it and run it there. Docker actions are not supported.

Maybe you can help finding bugs, because it has limited test cases for non linux platforms.

As for Windows, we could go the route of Docker Desktop or the even cooler route of "forcing" docker to run inside a WSL 2 container so we then can have windows running WSL 2 which then has a docker instance to then run windows VMs.

what about https://hub.docker.com/_/microsoft-windows-base-os-images windows based images to have a "real" runner?

any updates?

I also need to run tests in macos. I want to build software that I hope can support.

TLDR;
act -P macos-latest=-self-hosted

For anybody looking at this in the future and wants to run their actions that require macOS like building and iOS app.
You can do it locally with that command.

I think this should be stated in the readme directly, you are linking this issue while the flag in the title does not exist

TLDR;
act -P macos-latest=-self-hosted

Is Windows support added too.. as like MacOS?

There are a lot more possibilities to use that experimental mode.

Just to name a few

act -P windows-latest=-self-hosted
act -P ubuntu-latest=-self-hosted
act -P macos-latest=-self-hosted
act -P freebsd-latest=-self-hosted

<label>=-self-hosted, <label> can be replaced by what you use in runs-on. Due to a bug in act choose only one of possible many labels of your runs-on. E.g. runs-on: [abc, bcd] both -P abc=-self-hosted and -P bcd=-self-hosted would work.

You must be running act on that operating system or it is logically wrong. The -self-hosted pseudo image platform is a replacement for the docker image normally used inside that option.

Problems with --no-container and why it doesn't exist yet.

  • What if you use a self-hosted Runner with a custom runner label?
  • Should act run all platforms on your host including those logging unsupported? That would run macOS jobs on a windows rost and vice versa.

Never heard from freebsd-latest? It's a possible platform like solaris, netbsd, plan9 and more in github-act-runner a self-hosted runner for GitHub Actions using their protocol for accepting jobs

This is experimental, almost no tests run in CI for macos and windows in that mode. I wouldn't use the word supported in this context

The ci checks of this experimental mode are not required, that means if dependablebot opens a PR whichs breaks the mode it will be merged without waiting for any maintainer