Merge tag 'nektos/v0.2.60'

2024-03-25 16:58:11 +08:00
parent a28ebf0a48 d3c8664d3d
commit 79a7577c15
58 changed files with 1662 additions and 935 deletions
--- a/pkg/container/container_types.go
+++ b/pkg/container/container_types.go
@@ -4,34 +4,36 @@ import (
 	"context"
 	"io"

+	"github.com/docker/go-connections/nat"
 	"github.com/nektos/act/pkg/common"
 )

 // NewContainerInput the input for the New function
 type NewContainerInput struct {
-	Image       string
-	Username    string
-	Password    string
-	Entrypoint  []string
-	Cmd         []string
-	WorkingDir  string
-	Env         []string
-	Binds       []string
-	Mounts      map[string]string
-	Name        string
-	Stdout      io.Writer
-	Stderr      io.Writer
-	NetworkMode string
-	Privileged  bool
-	UsernsMode  string
-	Platform    string
-	Options     string
+	Image          string
+	Username       string
+	Password       string
+	Entrypoint     []string
+	Cmd            []string
+	WorkingDir     string
+	Env            []string
+	Binds          []string
+	Mounts         map[string]string
+	Name           string
+	Stdout         io.Writer
+	Stderr         io.Writer
+	NetworkMode    string
+	Privileged     bool
+	UsernsMode     string
+	Platform       string
+	Options        string
+	NetworkAliases []string
+	ExposedPorts   nat.PortSet
+	PortBindings   nat.PortMap

 	// Gitea specific
-	AutoRemove bool
-
-	NetworkAliases []string
-	ValidVolumes   []string
+	AutoRemove   bool
+	ValidVolumes []string
 }

 // FileEntry is a file to copy to a container
--- a/pkg/container/docker_auth.go
+++ b/pkg/container/docker_auth.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_build.go
+++ b/pkg/container/docker_build.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_cli.go
+++ b/pkg/container/docker_cli.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 // This file is exact copy of https://github.com/docker/cli/blob/9ac8584acfd501c3f4da0e845e3a40ed15c85041/cli/command/container/opts.go
 // appended with license information.
--- a/pkg/container/docker_images.go
+++ b/pkg/container/docker_images.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_logger.go
+++ b/pkg/container/docker_logger.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_network.go
+++ b/pkg/container/docker_network.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

@@ -15,6 +15,20 @@ func NewDockerNetworkCreateExecutor(name string) common.Executor {
 		if err != nil {
 			return err
 		}
+		defer cli.Close()
+
+		// Only create the network if it doesn't exist
+		networks, err := cli.NetworkList(ctx, types.NetworkListOptions{})
+		if err != nil {
+			return err
+		}
+		common.Logger(ctx).Debugf("%v", networks)
+		for _, network := range networks {
+			if network.Name == name {
+				common.Logger(ctx).Debugf("Network %v exists", name)
+				return nil
+			}
+		}

 		_, err = cli.NetworkCreate(ctx, name, types.NetworkCreate{
 			Driver: "bridge",
@@ -34,7 +48,32 @@ func NewDockerNetworkRemoveExecutor(name string) common.Executor {
 		if err != nil {
 			return err
 		}
+		defer cli.Close()

-		return cli.NetworkRemove(ctx, name)
+		// Make shure that all network of the specified name are removed
+		// cli.NetworkRemove refuses to remove a network if there are duplicates
+		networks, err := cli.NetworkList(ctx, types.NetworkListOptions{})
+		if err != nil {
+			return err
+		}
+		common.Logger(ctx).Debugf("%v", networks)
+		for _, network := range networks {
+			if network.Name == name {
+				result, err := cli.NetworkInspect(ctx, network.ID, types.NetworkInspectOptions{})
+				if err != nil {
+					return err
+				}
+
+				if len(result.Containers) == 0 {
+					if err = cli.NetworkRemove(ctx, network.ID); err != nil {
+						common.Logger(ctx).Debugf("%v", err)
+					}
+				} else {
+					common.Logger(ctx).Debugf("Refusing to remove network %v because it still has active endpoints", name)
+				}
+			}
+		}
+
+		return err
 	}
 }
--- a/pkg/container/docker_pull.go
+++ b/pkg/container/docker_pull.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_run.go
+++ b/pkg/container/docker_run.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

@@ -38,6 +38,7 @@ import (
 	"golang.org/x/term"

 	"github.com/nektos/act/pkg/common"
+	"github.com/nektos/act/pkg/filecollector"
 )

 // NewContainer creates a reference to a container
@@ -86,7 +87,7 @@ func supportsContainerImagePlatform(ctx context.Context, cli client.APIClient) b

 func (cr *containerReference) Create(capAdd []string, capDrop []string) common.Executor {
 	return common.
-		NewInfoExecutor("%sdocker create image=%s platform=%s entrypoint=%+q cmd=%+q", logPrefix, cr.input.Image, cr.input.Platform, cr.input.Entrypoint, cr.input.Cmd).
+		NewInfoExecutor("%sdocker create image=%s platform=%s entrypoint=%+q cmd=%+q network=%+q", logPrefix, cr.input.Image, cr.input.Platform, cr.input.Entrypoint, cr.input.Cmd, cr.input.NetworkMode).
 		Then(
 			common.NewPipelineExecutor(
 				cr.connect(),
@@ -98,7 +99,7 @@ func (cr *containerReference) Create(capAdd []string, capDrop []string) common.E

 func (cr *containerReference) Start(attach bool) common.Executor {
 	return common.
-		NewInfoExecutor("%sdocker run image=%s platform=%s entrypoint=%+q cmd=%+q", logPrefix, cr.input.Image, cr.input.Platform, cr.input.Entrypoint, cr.input.Cmd).
+		NewInfoExecutor("%sdocker run image=%s platform=%s entrypoint=%+q cmd=%+q network=%+q", logPrefix, cr.input.Image, cr.input.Platform, cr.input.Entrypoint, cr.input.Cmd, cr.input.NetworkMode).
 		Then(
 			common.NewPipelineExecutor(
 				cr.connect(),
@@ -260,8 +261,10 @@ func RunnerArch(ctx context.Context) string {

 	archMapper := map[string]string{
 		"x86_64":  "X64",
+		"amd64":   "X64",
 		"386":     "X86",
 		"aarch64": "ARM64",
+		"arm64":   "ARM64",
 	}
 	if arch, ok := archMapper[info.Architecture]; ok {
 		return arch
@@ -365,15 +368,25 @@ func (cr *containerReference) mergeContainerConfigs(ctx context.Context, config
 		return nil, nil, fmt.Errorf("Cannot parse container options: '%s': '%w'", input.Options, err)
 	}

-	// If a service container's network is set to `host`, the container will not be able to
-	// connect to the specified network created for the job container and the service containers.
-	// So comment out the following code.
-
+	// FIXME: If everything is fine after gitea/act v0.260.0, remove the following comment.
+	// In the old fork version, the code is
 	// if len(copts.netMode.Value()) == 0 {
 	// 	if err = copts.netMode.Set("host"); err != nil {
 	// 		return nil, nil, fmt.Errorf("Cannot parse networkmode=host. This is an internal error and should not happen: '%w'", err)
 	// 	}
 	// }
+	// And it has been commented with:
+	//   If a service container's network is set to `host`, the container will not be able to
+	//   connect to the specified network created for the job container and the service containers.
+	//   So comment out the following code.
+	// Not the if it's necessary to comment it in the new version,
+	// since it's cr.input.NetworkMode now.
+
+	if len(copts.netMode.Value()) == 0 {
+		if err = copts.netMode.Set(cr.input.NetworkMode); err != nil {
+			return nil, nil, fmt.Errorf("Cannot parse networkmode=%s. This is an internal error and should not happen: '%w'", cr.input.NetworkMode, err)
+		}
+	}

 	// If the `privileged` config has been disabled, `copts.privileged` need to be forced to false,
 	// even if the user specifies `--privileged` in the options string.
@@ -426,10 +439,11 @@ func (cr *containerReference) create(capAdd []string, capDrop []string) common.E
 		input := cr.input

 		config := &container.Config{
-			Image:      input.Image,
-			WorkingDir: input.WorkingDir,
-			Env:        input.Env,
-			Tty:        isTerminal,
+			Image:        input.Image,
+			WorkingDir:   input.WorkingDir,
+			Env:          input.Env,
+			ExposedPorts: input.ExposedPorts,
+			Tty:          isTerminal,
 		}
 		logger.Debugf("Common container.Config ==> %+v", config)

@@ -465,14 +479,15 @@ func (cr *containerReference) create(capAdd []string, capDrop []string) common.E
 		}

 		hostConfig := &container.HostConfig{
-			CapAdd:      capAdd,
-			CapDrop:     capDrop,
-			Binds:       input.Binds,
-			Mounts:      mounts,
-			NetworkMode: container.NetworkMode(input.NetworkMode),
-			Privileged:  input.Privileged,
-			UsernsMode:  container.UsernsMode(input.UsernsMode),
-			AutoRemove:  input.AutoRemove,
+			CapAdd:       capAdd,
+			CapDrop:      capDrop,
+			Binds:        input.Binds,
+			Mounts:       mounts,
+			NetworkMode:  container.NetworkMode(input.NetworkMode),
+			Privileged:   input.Privileged,
+			UsernsMode:   container.UsernsMode(input.UsernsMode),
+			PortBindings: input.PortBindings,
+			AutoRemove:   input.AutoRemove,
 		}
 		logger.Debugf("Common container.HostConfig ==> %+v", hostConfig)

@@ -484,10 +499,11 @@ func (cr *containerReference) create(capAdd []string, capDrop []string) common.E
 		// For Gitea
 		config, hostConfig = cr.sanitizeConfig(ctx, config, hostConfig)

-		// For Gitea
-		// network-scoped alias is supported only for containers in user defined networks
 		var networkingConfig *network.NetworkingConfig
-		if hostConfig.NetworkMode.IsUserDefined() && len(input.NetworkAliases) > 0 {
+		logger.Debugf("input.NetworkAliases ==> %v", input.NetworkAliases)
+		n := hostConfig.NetworkMode
+		// IsUserDefined and IsHost are broken on windows
+		if n.IsUserDefined() && n != "host" && len(input.NetworkAliases) > 0 {
 			endpointConfig := &network.EndpointSettings{
 				Aliases: input.NetworkAliases,
 			}
@@ -709,10 +725,28 @@ func (cr *containerReference) waitForCommand(ctx context.Context, isTerminal boo
 }

 func (cr *containerReference) CopyTarStream(ctx context.Context, destPath string, tarStream io.Reader) error {
-	err := cr.cli.CopyToContainer(ctx, cr.id, destPath, tarStream, types.CopyToContainerOptions{})
+	// Mkdir
+	buf := &bytes.Buffer{}
+	tw := tar.NewWriter(buf)
+	_ = tw.WriteHeader(&tar.Header{
+		Name:     destPath,
+		Mode:     777,
+		Typeflag: tar.TypeDir,
+	})
+	tw.Close()
+	err := cr.cli.CopyToContainer(ctx, cr.id, "/", buf, types.CopyToContainerOptions{})
+	if err != nil {
+		return fmt.Errorf("failed to mkdir to copy content to container: %w", err)
+	}
+	// Copy Content
+	err = cr.cli.CopyToContainer(ctx, cr.id, destPath, tarStream, types.CopyToContainerOptions{})
 	if err != nil {
 		return fmt.Errorf("failed to copy content to container: %w", err)
 	}
+	// If this fails, then folders have wrong permissions on non root container
+	if cr.UID != 0 || cr.GID != 0 {
+		_ = cr.Exec([]string{"chown", "-R", fmt.Sprintf("%d:%d", cr.UID, cr.GID), destPath}, nil, "0", "")(ctx)
+	}
 	return nil
 }

@@ -753,12 +787,12 @@ func (cr *containerReference) copyDir(dstPath string, srcPath string, useGitIgno
 			ignorer = gitignore.NewMatcher(ps)
 		}

-		fc := &fileCollector{
-			Fs:        &defaultFs{},
+		fc := &filecollector.FileCollector{
+			Fs:        &filecollector.DefaultFs{},
 			Ignorer:   ignorer,
 			SrcPath:   srcPath,
 			SrcPrefix: srcPrefix,
-			Handler: &tarCollector{
+			Handler: &filecollector.TarCollector{
 				TarWriter: tw,
 				UID:       cr.UID,
 				GID:       cr.GID,
@@ -766,7 +800,7 @@ func (cr *containerReference) copyDir(dstPath string, srcPath string, useGitIgno
 			},
 		}

-		err = filepath.Walk(srcPath, fc.collectFiles(ctx, []string{}))
+		err = filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
 		if err != nil {
 			return err
 		}
--- a/pkg/container/docker_run_test.go
+++ b/pkg/container/docker_run_test.go
@@ -23,6 +23,7 @@ func TestDocker(t *testing.T) {
 	ctx := context.Background()
 	client, err := GetDockerClient(ctx)
 	assert.NoError(t, err)
+	defer client.Close()

 	dockerBuild := NewDockerBuildExecutor(NewDockerBuildExecutorInput{
 		ContextDir: "testdata",
--- a/pkg/container/docker_socket.go
+++ b/pkg/container/docker_socket.go
@@ -0,0 +1,134 @@
+package container
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+)
+
+var CommonSocketLocations = []string{
+	"/var/run/docker.sock",
+	"/run/podman/podman.sock",
+	"$HOME/.colima/docker.sock",
+	"$XDG_RUNTIME_DIR/docker.sock",
+	"$XDG_RUNTIME_DIR/podman/podman.sock",
+	`\\.\pipe\docker_engine`,
+	"$HOME/.docker/run/docker.sock",
+}
+
+// returns socket URI or false if not found any
+func socketLocation() (string, bool) {
+	if dockerHost, exists := os.LookupEnv("DOCKER_HOST"); exists {
+		return dockerHost, true
+	}
+
+	for _, p := range CommonSocketLocations {
+		if _, err := os.Lstat(os.ExpandEnv(p)); err == nil {
+			if strings.HasPrefix(p, `\\.\`) {
+				return "npipe://" + filepath.ToSlash(os.ExpandEnv(p)), true
+			}
+			return "unix://" + filepath.ToSlash(os.ExpandEnv(p)), true
+		}
+	}
+
+	return "", false
+}
+
+// This function, `isDockerHostURI`, takes a string argument `daemonPath`. It checks if the
+// `daemonPath` is a valid Docker host URI. It does this by checking if the scheme of the URI (the
+// part before "://") contains only alphabetic characters. If it does, the function returns true,
+// indicating that the `daemonPath` is a Docker host URI. If it doesn't, or if the "://" delimiter
+// is not found in the `daemonPath`, the function returns false.
+func isDockerHostURI(daemonPath string) bool {
+	if protoIndex := strings.Index(daemonPath, "://"); protoIndex != -1 {
+		scheme := daemonPath[:protoIndex]
+		if strings.IndexFunc(scheme, func(r rune) bool {
+			return (r < 'a' || r > 'z') && (r < 'A' || r > 'Z')
+		}) == -1 {
+			return true
+		}
+	}
+	return false
+}
+
+type SocketAndHost struct {
+	Socket string
+	Host   string
+}
+
+func GetSocketAndHost(containerSocket string) (SocketAndHost, error) {
+	log.Debugf("Handling container host and socket")
+
+	// Prefer DOCKER_HOST, don't override it
+	dockerHost, hasDockerHost := socketLocation()
+	socketHost := SocketAndHost{Socket: containerSocket, Host: dockerHost}
+
+	// ** socketHost.Socket cases **
+	// Case 1: User does _not_ want to mount a daemon socket (passes a dash)
+	// Case 2: User passes a filepath to the socket; is that even valid?
+	// Case 3: User passes a valid socket; do nothing
+	// Case 4: User omitted the flag; set a sane default
+
+	// ** DOCKER_HOST cases **
+	// Case A: DOCKER_HOST is set; use it, i.e. do nothing
+	// Case B: DOCKER_HOST is empty; use sane defaults
+
+	// Set host for sanity's sake, when the socket isn't useful
+	if !hasDockerHost && (socketHost.Socket == "-" || !isDockerHostURI(socketHost.Socket) || socketHost.Socket == "") {
+		// Cases: 1B, 2B, 4B
+		socket, found := socketLocation()
+		socketHost.Host = socket
+		hasDockerHost = found
+	}
+
+	// A - (dash) in socketHost.Socket means don't mount, preserve this value
+	// otherwise if socketHost.Socket is a filepath don't use it as socket
+	// Exit early if we're in an invalid state (e.g. when no DOCKER_HOST and user supplied "-", a dash or omitted)
+	if !hasDockerHost && socketHost.Socket != "" && !isDockerHostURI(socketHost.Socket) {
+		// Cases: 1B, 2B
+		// Should we early-exit here, since there is no host nor socket to talk to?
+		return SocketAndHost{}, fmt.Errorf("DOCKER_HOST was not set, couldn't be found in the usual locations, and the container daemon socket ('%s') is invalid", socketHost.Socket)
+	}
+
+	// Default to DOCKER_HOST if set
+	if socketHost.Socket == "" && hasDockerHost {
+		// Cases: 4A
+		log.Debugf("Defaulting container socket to DOCKER_HOST")
+		socketHost.Socket = socketHost.Host
+	}
+	// Set sane default socket location if user omitted it
+	if socketHost.Socket == "" {
+		// Cases: 4B
+		socket, _ := socketLocation()
+		// socket is empty if it isn't found, so assignment here is at worst a no-op
+		log.Debugf("Defaulting container socket to default '%s'", socket)
+		socketHost.Socket = socket
+	}
+
+	// Exit if both the DOCKER_HOST and socket are fulfilled
+	if hasDockerHost {
+		// Cases: 1A, 2A, 3A, 4A
+		if !isDockerHostURI(socketHost.Socket) {
+			// Cases: 1A, 2A
+			log.Debugf("DOCKER_HOST is set, but socket is invalid '%s'", socketHost.Socket)
+		}
+		return socketHost, nil
+	}
+
+	// Set a sane DOCKER_HOST default if we can
+	if isDockerHostURI(socketHost.Socket) {
+		// Cases: 3B
+		log.Debugf("Setting DOCKER_HOST to container socket '%s'", socketHost.Socket)
+		socketHost.Host = socketHost.Socket
+		// Both DOCKER_HOST and container socket are valid; short-circuit exit
+		return socketHost, nil
+	}
+
+	// Here there is no DOCKER_HOST _and_ the supplied container socket is not a valid URI (either invalid or a file path)
+	// Cases: 2B <- but is already handled at the top
+	// I.e. this path should never be taken
+	return SocketAndHost{}, fmt.Errorf("no DOCKER_HOST and an invalid container socket '%s'", socketHost.Socket)
+}
--- a/pkg/container/docker_socket_test.go
+++ b/pkg/container/docker_socket_test.go
@@ -0,0 +1,150 @@
+package container
+
+import (
+	"os"
+	"testing"
+
+	log "github.com/sirupsen/logrus"
+	assert "github.com/stretchr/testify/assert"
+)
+
+func init() {
+	log.SetLevel(log.DebugLevel)
+}
+
+var originalCommonSocketLocations = CommonSocketLocations
+
+func TestGetSocketAndHostWithSocket(t *testing.T) {
+	// Arrange
+	CommonSocketLocations = originalCommonSocketLocations
+	dockerHost := "unix:///my/docker/host.sock"
+	socketURI := "/path/to/my.socket"
+	os.Setenv("DOCKER_HOST", dockerHost)
+
+	// Act
+	ret, err := GetSocketAndHost(socketURI)
+
+	// Assert
+	assert.Nil(t, err)
+	assert.Equal(t, SocketAndHost{socketURI, dockerHost}, ret)
+}
+
+func TestGetSocketAndHostNoSocket(t *testing.T) {
+	// Arrange
+	dockerHost := "unix:///my/docker/host.sock"
+	os.Setenv("DOCKER_HOST", dockerHost)
+
+	// Act
+	ret, err := GetSocketAndHost("")
+
+	// Assert
+	assert.Nil(t, err)
+	assert.Equal(t, SocketAndHost{dockerHost, dockerHost}, ret)
+}
+
+func TestGetSocketAndHostOnlySocket(t *testing.T) {
+	// Arrange
+	socketURI := "/path/to/my.socket"
+	os.Unsetenv("DOCKER_HOST")
+	CommonSocketLocations = originalCommonSocketLocations
+	defaultSocket, defaultSocketFound := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost(socketURI)
+
+	// Assert
+	assert.NoError(t, err, "Expected no error from GetSocketAndHost")
+	assert.Equal(t, true, defaultSocketFound, "Expected to find default socket")
+	assert.Equal(t, socketURI, ret.Socket, "Expected socket to match common location")
+	assert.Equal(t, defaultSocket, ret.Host, "Expected ret.Host to match default socket location")
+}
+
+func TestGetSocketAndHostDontMount(t *testing.T) {
+	// Arrange
+	CommonSocketLocations = originalCommonSocketLocations
+	dockerHost := "unix:///my/docker/host.sock"
+	os.Setenv("DOCKER_HOST", dockerHost)
+
+	// Act
+	ret, err := GetSocketAndHost("-")
+
+	// Assert
+	assert.Nil(t, err)
+	assert.Equal(t, SocketAndHost{"-", dockerHost}, ret)
+}
+
+func TestGetSocketAndHostNoHostNoSocket(t *testing.T) {
+	// Arrange
+	CommonSocketLocations = originalCommonSocketLocations
+	os.Unsetenv("DOCKER_HOST")
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost("")
+
+	// Assert
+	assert.Equal(t, true, found, "Expected a default socket to be found")
+	assert.Nil(t, err, "Expected no error from GetSocketAndHost")
+	assert.Equal(t, SocketAndHost{defaultSocket, defaultSocket}, ret, "Expected to match default socket location")
+}
+
+// Catch
+// > Your code breaks setting DOCKER_HOST if shouldMount is false.
+// > This happens if neither DOCKER_HOST nor --container-daemon-socket has a value, but socketLocation() returns a URI
+func TestGetSocketAndHostNoHostNoSocketDefaultLocation(t *testing.T) {
+	// Arrange
+	mySocketFile, tmpErr := os.CreateTemp("", "act-*.sock")
+	mySocket := mySocketFile.Name()
+	unixSocket := "unix://" + mySocket
+	defer os.RemoveAll(mySocket)
+	assert.NoError(t, tmpErr)
+	os.Unsetenv("DOCKER_HOST")
+
+	CommonSocketLocations = []string{mySocket}
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost("")
+
+	// Assert
+	assert.Equal(t, unixSocket, defaultSocket, "Expected default socket to match common socket location")
+	assert.Equal(t, true, found, "Expected default socket to be found")
+	assert.Nil(t, err, "Expected no error from GetSocketAndHost")
+	assert.Equal(t, SocketAndHost{unixSocket, unixSocket}, ret, "Expected to match default socket location")
+}
+
+func TestGetSocketAndHostNoHostInvalidSocket(t *testing.T) {
+	// Arrange
+	os.Unsetenv("DOCKER_HOST")
+	mySocket := "/my/socket/path.sock"
+	CommonSocketLocations = []string{"/unusual", "/socket", "/location"}
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost(mySocket)
+
+	// Assert
+	assert.Equal(t, false, found, "Expected no default socket to be found")
+	assert.Equal(t, "", defaultSocket, "Expected no default socket to be found")
+	assert.Equal(t, SocketAndHost{}, ret, "Expected to match default socket location")
+	assert.Error(t, err, "Expected an error in invalid state")
+}
+
+func TestGetSocketAndHostOnlySocketValidButUnusualLocation(t *testing.T) {
+	// Arrange
+	socketURI := "unix:///path/to/my.socket"
+	CommonSocketLocations = []string{"/unusual", "/location"}
+	os.Unsetenv("DOCKER_HOST")
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost(socketURI)
+
+	// Assert
+	// Default socket locations
+	assert.Equal(t, "", defaultSocket, "Expect default socket location to be empty")
+	assert.Equal(t, false, found, "Expected no default socket to be found")
+	// Sane default
+	assert.Nil(t, err, "Expect no error from GetSocketAndHost")
+	assert.Equal(t, socketURI, ret.Host, "Expect host to default to unusual socket")
+}
--- a/pkg/container/docker_stub.go
+++ b/pkg/container/docker_stub.go
@@ -1,4 +1,4 @@
-//go:build WITHOUT_DOCKER || !(linux || darwin || windows)
+//go:build WITHOUT_DOCKER || !(linux || darwin || windows || netbsd)

 package container

--- a/pkg/container/docker_volume.go
+++ b/pkg/container/docker_volume.go
@@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/file_collector.go
+++ b/pkg/container/file_collector.go
@@ -1,210 +0,0 @@
-package container
-
-import (
-	"archive/tar"
-	"context"
-	"fmt"
-	"io"
-	"io/fs"
-	"os"
-	"path"
-	"path/filepath"
-	"strings"
-
-	git "github.com/go-git/go-git/v5"
-	"github.com/go-git/go-git/v5/plumbing/filemode"
-	"github.com/go-git/go-git/v5/plumbing/format/gitignore"
-	"github.com/go-git/go-git/v5/plumbing/format/index"
-)
-
-type fileCollectorHandler interface {
-	WriteFile(path string, fi fs.FileInfo, linkName string, f io.Reader) error
-}
-
-type tarCollector struct {
-	TarWriter *tar.Writer
-	UID       int
-	GID       int
-	DstDir    string
-}
-
-func (tc tarCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string, f io.Reader) error {
-	// create a new dir/file header
-	header, err := tar.FileInfoHeader(fi, linkName)
-	if err != nil {
-		return err
-	}
-
-	// update the name to correctly reflect the desired destination when untaring
-	header.Name = path.Join(tc.DstDir, fpath)
-	header.Mode = int64(fi.Mode())
-	header.ModTime = fi.ModTime()
-	header.Uid = tc.UID
-	header.Gid = tc.GID
-
-	// write the header
-	if err := tc.TarWriter.WriteHeader(header); err != nil {
-		return err
-	}
-
-	// this is a symlink no reader provided
-	if f == nil {
-		return nil
-	}
-
-	// copy file data into tar writer
-	if _, err := io.Copy(tc.TarWriter, f); err != nil {
-		return err
-	}
-	return nil
-}
-
-type copyCollector struct {
-	DstDir string
-}
-
-func (cc *copyCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string, f io.Reader) error {
-	fdestpath := filepath.Join(cc.DstDir, fpath)
-	if err := os.MkdirAll(filepath.Dir(fdestpath), 0o777); err != nil {
-		return err
-	}
-	if f == nil {
-		return os.Symlink(linkName, fdestpath)
-	}
-	df, err := os.OpenFile(fdestpath, os.O_CREATE|os.O_WRONLY, fi.Mode())
-	if err != nil {
-		return err
-	}
-	defer df.Close()
-	if _, err := io.Copy(df, f); err != nil {
-		return err
-	}
-	return nil
-}
-
-type fileCollector struct {
-	Ignorer   gitignore.Matcher
-	SrcPath   string
-	SrcPrefix string
-	Fs        fileCollectorFs
-	Handler   fileCollectorHandler
-}
-
-type fileCollectorFs interface {
-	Walk(root string, fn filepath.WalkFunc) error
-	OpenGitIndex(path string) (*index.Index, error)
-	Open(path string) (io.ReadCloser, error)
-	Readlink(path string) (string, error)
-}
-
-type defaultFs struct {
-}
-
-func (*defaultFs) Walk(root string, fn filepath.WalkFunc) error {
-	return filepath.Walk(root, fn)
-}
-
-func (*defaultFs) OpenGitIndex(path string) (*index.Index, error) {
-	r, err := git.PlainOpen(path)
-	if err != nil {
-		return nil, err
-	}
-	i, err := r.Storer.Index()
-	if err != nil {
-		return nil, err
-	}
-	return i, nil
-}
-
-func (*defaultFs) Open(path string) (io.ReadCloser, error) {
-	return os.Open(path)
-}
-
-func (*defaultFs) Readlink(path string) (string, error) {
-	return os.Readlink(path)
-}
-
-//nolint:gocyclo
-func (fc *fileCollector) collectFiles(ctx context.Context, submodulePath []string) filepath.WalkFunc {
-	i, _ := fc.Fs.OpenGitIndex(path.Join(fc.SrcPath, path.Join(submodulePath...)))
-	return func(file string, fi os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-		if ctx != nil {
-			select {
-			case <-ctx.Done():
-				return fmt.Errorf("copy cancelled")
-			default:
-			}
-		}
-
-		sansPrefix := strings.TrimPrefix(file, fc.SrcPrefix)
-		split := strings.Split(sansPrefix, string(filepath.Separator))
-		// The root folders should be skipped, submodules only have the last path component set to "." by filepath.Walk
-		if fi.IsDir() && len(split) > 0 && split[len(split)-1] == "." {
-			return nil
-		}
-		var entry *index.Entry
-		if i != nil {
-			entry, err = i.Entry(strings.Join(split[len(submodulePath):], "/"))
-		} else {
-			err = index.ErrEntryNotFound
-		}
-		if err != nil && fc.Ignorer != nil && fc.Ignorer.Match(split, fi.IsDir()) {
-			if fi.IsDir() {
-				if i != nil {
-					ms, err := i.Glob(strings.Join(append(split[len(submodulePath):], "**"), "/"))
-					if err != nil || len(ms) == 0 {
-						return filepath.SkipDir
-					}
-				} else {
-					return filepath.SkipDir
-				}
-			} else {
-				return nil
-			}
-		}
-		if err == nil && entry.Mode == filemode.Submodule {
-			err = fc.Fs.Walk(file, fc.collectFiles(ctx, split))
-			if err != nil {
-				return err
-			}
-			return filepath.SkipDir
-		}
-		path := filepath.ToSlash(sansPrefix)
-
-		// return on non-regular files (thanks to [kumo](https://medium.com/@komuw/just-like-you-did-fbdd7df829d3) for this suggested update)
-		if fi.Mode()&os.ModeSymlink == os.ModeSymlink {
-			linkName, err := fc.Fs.Readlink(file)
-			if err != nil {
-				return fmt.Errorf("unable to readlink '%s': %w", file, err)
-			}
-			return fc.Handler.WriteFile(path, fi, linkName, nil)
-		} else if !fi.Mode().IsRegular() {
-			return nil
-		}
-
-		// open file
-		f, err := fc.Fs.Open(file)
-		if err != nil {
-			return err
-		}
-		defer f.Close()
-
-		if ctx != nil {
-			// make io.Copy cancellable by closing the file
-			cpctx, cpfinish := context.WithCancel(ctx)
-			defer cpfinish()
-			go func() {
-				select {
-				case <-cpctx.Done():
-				case <-ctx.Done():
-					f.Close()
-				}
-			}()
-		}
-
-		return fc.Handler.WriteFile(path, fi, "", f)
-	}
-}
--- a/pkg/container/file_collector_test.go
+++ b/pkg/container/file_collector_test.go
@@ -1,117 +0,0 @@
-package container
-
-import (
-	"archive/tar"
-	"context"
-	"io"
-	"path/filepath"
-	"strings"
-	"testing"
-
-	"github.com/go-git/go-billy/v5"
-	"github.com/go-git/go-billy/v5/memfs"
-	git "github.com/go-git/go-git/v5"
-	"github.com/go-git/go-git/v5/plumbing/cache"
-	"github.com/go-git/go-git/v5/plumbing/format/gitignore"
-	"github.com/go-git/go-git/v5/plumbing/format/index"
-	"github.com/go-git/go-git/v5/storage/filesystem"
-	"github.com/stretchr/testify/assert"
-)
-
-type memoryFs struct {
-	billy.Filesystem
-}
-
-func (mfs *memoryFs) walk(root string, fn filepath.WalkFunc) error {
-	dir, err := mfs.ReadDir(root)
-	if err != nil {
-		return err
-	}
-	for i := 0; i < len(dir); i++ {
-		filename := filepath.Join(root, dir[i].Name())
-		err = fn(filename, dir[i], nil)
-		if dir[i].IsDir() {
-			if err == filepath.SkipDir {
-				err = nil
-			} else if err := mfs.walk(filename, fn); err != nil {
-				return err
-			}
-		}
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (mfs *memoryFs) Walk(root string, fn filepath.WalkFunc) error {
-	stat, err := mfs.Lstat(root)
-	if err != nil {
-		return err
-	}
-	err = fn(strings.Join([]string{root, "."}, string(filepath.Separator)), stat, nil)
-	if err != nil {
-		return err
-	}
-	return mfs.walk(root, fn)
-}
-
-func (mfs *memoryFs) OpenGitIndex(path string) (*index.Index, error) {
-	f, _ := mfs.Filesystem.Chroot(filepath.Join(path, ".git"))
-	storage := filesystem.NewStorage(f, cache.NewObjectLRUDefault())
-	i, err := storage.Index()
-	if err != nil {
-		return nil, err
-	}
-	return i, nil
-}
-
-func (mfs *memoryFs) Open(path string) (io.ReadCloser, error) {
-	return mfs.Filesystem.Open(path)
-}
-
-func (mfs *memoryFs) Readlink(path string) (string, error) {
-	return mfs.Filesystem.Readlink(path)
-}
-
-func TestIgnoredTrackedfile(t *testing.T) {
-	fs := memfs.New()
-	_ = fs.MkdirAll("mygitrepo/.git", 0o777)
-	dotgit, _ := fs.Chroot("mygitrepo/.git")
-	worktree, _ := fs.Chroot("mygitrepo")
-	repo, _ := git.Init(filesystem.NewStorage(dotgit, cache.NewObjectLRUDefault()), worktree)
-	f, _ := worktree.Create(".gitignore")
-	_, _ = f.Write([]byte(".*\n"))
-	f.Close()
-	// This file shouldn't be in the tar
-	f, _ = worktree.Create(".env")
-	_, _ = f.Write([]byte("test=val1\n"))
-	f.Close()
-	w, _ := repo.Worktree()
-	// .gitignore is in the tar after adding it to the index
-	_, _ = w.Add(".gitignore")
-
-	tmpTar, _ := fs.Create("temp.tar")
-	tw := tar.NewWriter(tmpTar)
-	ps, _ := gitignore.ReadPatterns(worktree, []string{})
-	ignorer := gitignore.NewMatcher(ps)
-	fc := &fileCollector{
-		Fs:        &memoryFs{Filesystem: fs},
-		Ignorer:   ignorer,
-		SrcPath:   "mygitrepo",
-		SrcPrefix: "mygitrepo" + string(filepath.Separator),
-		Handler: &tarCollector{
-			TarWriter: tw,
-		},
-	}
-	err := fc.Fs.Walk("mygitrepo", fc.collectFiles(context.Background(), []string{}))
-	assert.NoError(t, err, "successfully collect files")
-	tw.Close()
-	_, _ = tmpTar.Seek(0, io.SeekStart)
-	tr := tar.NewReader(tmpTar)
-	h, err := tr.Next()
-	assert.NoError(t, err, "tar must not be empty")
-	assert.Equal(t, ".gitignore", h.Name)
-	_, err = tr.Next()
-	assert.ErrorIs(t, err, io.EOF, "tar must only contain one element")
-}
--- a/pkg/container/host_environment.go
+++ b/pkg/container/host_environment.go
@@ -21,6 +21,7 @@ import (
 	"golang.org/x/term"

 	"github.com/nektos/act/pkg/common"
+	"github.com/nektos/act/pkg/filecollector"
 	"github.com/nektos/act/pkg/lookpath"
 )

@@ -71,7 +72,7 @@ func (e *HostEnvironment) CopyTarStream(ctx context.Context, destPath string, ta
 		return err
 	}
 	tr := tar.NewReader(tarStream)
-	cp := &copyCollector{
+	cp := &filecollector.CopyCollector{
 		DstDir: destPath,
 	}
 	for {
@@ -110,16 +111,16 @@ func (e *HostEnvironment) CopyDir(destPath string, srcPath string, useGitIgnore

 			ignorer = gitignore.NewMatcher(ps)
 		}
-		fc := &fileCollector{
-			Fs:        &defaultFs{},
+		fc := &filecollector.FileCollector{
+			Fs:        &filecollector.DefaultFs{},
 			Ignorer:   ignorer,
 			SrcPath:   srcPath,
 			SrcPrefix: srcPrefix,
-			Handler: &copyCollector{
+			Handler: &filecollector.CopyCollector{
 				DstDir: destPath,
 			},
 		}
-		return filepath.Walk(srcPath, fc.collectFiles(ctx, []string{}))
+		return filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
 	}
 }

@@ -132,21 +133,21 @@ func (e *HostEnvironment) GetContainerArchive(ctx context.Context, srcPath strin
 	if err != nil {
 		return nil, err
 	}
-	tc := &tarCollector{
+	tc := &filecollector.TarCollector{
 		TarWriter: tw,
 	}
 	if fi.IsDir() {
-		srcPrefix := filepath.Dir(srcPath)
+		srcPrefix := srcPath
 		if !strings.HasSuffix(srcPrefix, string(filepath.Separator)) {
 			srcPrefix += string(filepath.Separator)
 		}
-		fc := &fileCollector{
-			Fs:        &defaultFs{},
+		fc := &filecollector.FileCollector{
+			Fs:        &filecollector.DefaultFs{},
 			SrcPath:   srcPath,
 			SrcPrefix: srcPrefix,
 			Handler:   tc,
 		}
-		err = filepath.Walk(srcPath, fc.collectFiles(ctx, []string{}))
+		err = filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
 		if err != nil {
 			return nil, err
 		}
--- a/pkg/container/host_environment_test.go
+++ b/pkg/container/host_environment_test.go
@@ -1,4 +1,71 @@
 package container

+import (
+	"archive/tar"
+	"context"
+	"io"
+	"os"
+	"path"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
 // Type assert HostEnvironment implements ExecutionsEnvironment
 var _ ExecutionsEnvironment = &HostEnvironment{}
+
+func TestCopyDir(t *testing.T) {
+	dir, err := os.MkdirTemp("", "test-host-env-*")
+	assert.NoError(t, err)
+	defer os.RemoveAll(dir)
+	ctx := context.Background()
+	e := &HostEnvironment{
+		Path:      filepath.Join(dir, "path"),
+		TmpDir:    filepath.Join(dir, "tmp"),
+		ToolCache: filepath.Join(dir, "tool_cache"),
+		ActPath:   filepath.Join(dir, "act_path"),
+		StdOut:    os.Stdout,
+		Workdir:   path.Join("testdata", "scratch"),
+	}
+	_ = os.MkdirAll(e.Path, 0700)
+	_ = os.MkdirAll(e.TmpDir, 0700)
+	_ = os.MkdirAll(e.ToolCache, 0700)
+	_ = os.MkdirAll(e.ActPath, 0700)
+	err = e.CopyDir(e.Workdir, e.Path, true)(ctx)
+	assert.NoError(t, err)
+}
+
+func TestGetContainerArchive(t *testing.T) {
+	dir, err := os.MkdirTemp("", "test-host-env-*")
+	assert.NoError(t, err)
+	defer os.RemoveAll(dir)
+	ctx := context.Background()
+	e := &HostEnvironment{
+		Path:      filepath.Join(dir, "path"),
+		TmpDir:    filepath.Join(dir, "tmp"),
+		ToolCache: filepath.Join(dir, "tool_cache"),
+		ActPath:   filepath.Join(dir, "act_path"),
+		StdOut:    os.Stdout,
+		Workdir:   path.Join("testdata", "scratch"),
+	}
+	_ = os.MkdirAll(e.Path, 0700)
+	_ = os.MkdirAll(e.TmpDir, 0700)
+	_ = os.MkdirAll(e.ToolCache, 0700)
+	_ = os.MkdirAll(e.ActPath, 0700)
+	expectedContent := []byte("sdde/7sh")
+	err = os.WriteFile(filepath.Join(e.Path, "action.yml"), expectedContent, 0600)
+	assert.NoError(t, err)
+	archive, err := e.GetContainerArchive(ctx, e.Path)
+	assert.NoError(t, err)
+	defer archive.Close()
+	reader := tar.NewReader(archive)
+	h, err := reader.Next()
+	assert.NoError(t, err)
+	assert.Equal(t, "action.yml", h.Name)
+	content, err := io.ReadAll(reader)
+	assert.NoError(t, err)
+	assert.Equal(t, expectedContent, content)
+	_, err = reader.Next()
+	assert.ErrorIs(t, err, io.EOF)
+}
--- a/pkg/container/testdata/scratch/test.txt
+++ b/pkg/container/testdata/scratch/test.txt
@@ -0,0 +1 @@
+testfile