build(deps): bump golang.org/x/term from 0.17.0 to 0.18.0 (#2244 )

Bumps [golang.org/x/term](https://github.com/golang/term) from 0.17.0 to 0.18.0. - [Commits](https://github.com/golang/term/compare/v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fix: rootless permission bits (new actions cache) (#2242 )
2024-03-11 02:28:21 +00:00 · 2024-03-08 01:25:03 +00:00 · 2024-03-06 14:20:06 +00:00 · 2024-03-05 06:04:54 +00:00 · 2024-03-04 03:08:44 +00:00 · 2024-03-01 02:12:58 +00:00
48 changed files with 1295 additions and 755 deletions
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@ -26,7 +26,7 @@ jobs:
        with:
          version: v1.53
          only-new-issues: true
-      - uses: megalinter/megalinter/flavors/go@v7.7.0
+      - uses: megalinter/megalinter/flavors/go@v7.8.0
        env:
          DEFAULT_BRANCH: master
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@ -61,7 +61,7 @@ jobs:
      - name: Run act from cli
        run: go run main.go -P ubuntu-latest=node:16-buster-slim -C ./pkg/runner/testdata/ -W ./basic/push.yml
      - name: Upload Codecov report
-        uses: codecov/codecov-action@v3.1.4
+        uses: codecov/codecov-action@v3.1.5
        with:
          files: coverage.txt
          fail_ci_if_error: true # optional (default = false)
@ -111,67 +111,67 @@ jobs:
          args: release --snapshot --clean
      - name: Capture x86_64 (64-bit) Linux binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-linux-amd64
          path: dist/act_linux_amd64_v1/act
      - name: Capture i386 (32-bit) Linux binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-linux-i386
          path: dist/act_linux_386/act
      - name: Capture arm64 (64-bit) Linux binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-linux-arm64
          path: dist/act_linux_arm64/act
      - name: Capture armv6 (32-bit) Linux binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-linux-armv6
          path: dist/act_linux_arm_6/act
      - name: Capture armv7 (32-bit) Linux binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-linux-armv7
          path: dist/act_linux_arm_7/act
      - name: Capture x86_64 (64-bit) Windows binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-windows-amd64
          path: dist/act_windows_amd64_v1/act.exe
      - name: Capture i386 (32-bit) Windows binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-windows-i386
          path: dist/act_windows_386/act.exe
      - name: Capture arm64 (64-bit) Windows binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-windows-arm64
          path: dist/act_windows_arm64/act.exe
      - name: Capture armv7 (32-bit) Windows binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-windows-armv7
          path: dist/act_windows_arm_7/act.exe
      - name: Capture x86_64 (64-bit) MacOS binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-macos-amd64
          path: dist/act_darwin_amd64_v1/act
      - name: Capture arm64 (64-bit) MacOS binary
        if: ${{ !env.ACT }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: act-macos-arm64
          path: dist/act_darwin_arm64/act
--- a/.mergify.yml
+++ b/.mergify.yml
@ -71,6 +71,10 @@ pull_request_rules:
          - and:
              - 'approved-reviews-by=@nektos/act-maintainers'
              - '#approved-reviews-by>=2'
+          - and:
+              - 'author=@nektos/act-maintainers'
+              - 'approved-reviews-by=@nektos/act-maintainers'
+              - '#approved-reviews-by>=1'
      - -draft
      - -merged
      - -closed
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-![act-logo](https://github.com/nektos/act/wiki/img/logo-150.png)
+![act-logo](https://raw.githubusercontent.com/wiki/nektos/act/img/logo-150.png)

 # Overview [![push](https://github.com/nektos/act/workflows/push/badge.svg?branch=master&event=push)](https://github.com/nektos/act/actions) [![Join the chat at https://gitter.im/nektos/act](https://badges.gitter.im/nektos/act.svg)](https://gitter.im/nektos/act?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Go Report Card](https://goreportcard.com/badge/github.com/nektos/act)](https://goreportcard.com/report/github.com/nektos/act) [![awesome-runners](https://img.shields.io/badge/listed%20on-awesome--runners-blue.svg)](https://github.com/jonico/awesome-runners)

@ -15,462 +15,12 @@ When you run `act` it reads in your GitHub Actions from `.github/workflows/` and

 Let's see it in action with a [sample repo](https://github.com/cplee/github-actions-demo)!

-![Demo](https://github.com/nektos/act/wiki/quickstart/act-quickstart-2.gif)
+![Demo](https://raw.githubusercontent.com/wiki/nektos/act/quickstart/act-quickstart-2.gif)

 # Act User Guide

 Please look at the [act user guide](https://nektosact.com) for more documentation.

-# Installation
-
-## Necessary prerequisites for running `act`
-
-`act` depends on `docker` to run workflows.
-
-If you are using macOS, please be sure to follow the steps outlined in [Docker Docs for how to install Docker Desktop for Mac](https://docs.docker.com/docker-for-mac/install/).
-
-If you are using Windows, please follow steps for [installing Docker Desktop on Windows](https://docs.docker.com/docker-for-windows/install/).
-
-If you are using Linux, you will need to [install Docker Engine](https://docs.docker.com/engine/install/).
-
-`act` is currently not supported with `podman` or other container backends (it might work, but it's not guaranteed). Please see [#303](https://github.com/nektos/act/issues/303) for updates.
-
-## Installation through package managers
-
-### [Homebrew](https://brew.sh/) (Linux/macOS)
-
-[![homebrew version](https://img.shields.io/homebrew/v/act)](https://github.com/Homebrew/homebrew-core/blob/master/Formula/act.rb)
-
-```shell
-brew install act
-```
-
-or if you want to install version based on latest commit, you can run below (it requires compiler to be installed but Homebrew will suggest you how to install it, if you don't have it):
-
-```shell
-brew install act --HEAD
-```
-
-### [MacPorts](https://www.macports.org) (macOS)
-
-[![MacPorts package](https://repology.org/badge/version-for-repo/macports/act-run-github-actions.svg)](https://repology.org/project/act-run-github-actions/versions)
-
-```shell
-sudo port install act
-```
-
-### [Chocolatey](https://chocolatey.org/) (Windows)
-
-[![choco-shield](https://img.shields.io/chocolatey/v/act-cli)](https://community.chocolatey.org/packages/act-cli)
-
-```shell
-choco install act-cli
-```
-
-### [Scoop](https://scoop.sh/) (Windows)
-
-[![scoop-shield](https://img.shields.io/scoop/v/act)](https://github.com/ScoopInstaller/Main/blob/master/bucket/act.json)
-
-```shell
-scoop install act
-```
-
-### [Winget](https://learn.microsoft.com/en-us/windows/package-manager/) (Windows)
-
-[![Winget package](https://repology.org/badge/version-for-repo/winget/act-run-github-actions.svg)](https://repology.org/project/act-run-github-actions/versions)
-
-```shell
-winget install nektos.act
-```
-
-### [AUR](https://aur.archlinux.org/packages/act/) (Linux)
-
-[![aur-shield](https://img.shields.io/aur/version/act)](https://aur.archlinux.org/packages/act/)
-
-```shell
-yay -Syu act
-```
-
-### [COPR](https://copr.fedorainfracloud.org/coprs/rubemlrm/act-cli/) (Linux)
-
-```shell
-dnf copr enable rubemlrm/act-cli
-dnf install act-cli
-```
-
-### [Nix](https://nixos.org) (Linux/macOS)
-
-[Nix recipe](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/tools/misc/act/default.nix)
-
-Global install:
-
-```sh
-nix-env -iA nixpkgs.act
-```
-
-or through `nix-shell`:
-
-```sh
-nix-shell -p act
-```
-
-Using the latest [Nix command](https://nixos.wiki/wiki/Nix_command), you can run directly :
-
-```sh
-nix run nixpkgs#act
-```
-
-## Installation as GitHub CLI extension
-
-Act can be installed as a [GitHub CLI](https://cli.github.com/) extension:
-
-```sh
-gh extension install https://github.com/nektos/gh-act
-```
-
-## Other install options
-
-### Bash script
-
-Run this command in your terminal:
-
-```shell
-curl -s https://raw.githubusercontent.com/nektos/act/master/install.sh | sudo bash
-```
-
-### Manual download
-
-Download the [latest release](https://github.com/nektos/act/releases/latest) and add the path to your binary into your PATH.
-
-# Example commands
-
-```sh
-# Command structure:
-act [<event>] [options]
-If no event name passed, will default to "on: push"
-If actions handles only one event it will be used as default instead of "on: push"
-
-# List all actions for all events:
-act -l
-
-# List the actions for a specific event:
-act workflow_dispatch -l
-
-# List the actions for a specific job:
-act -j test -l
-
-# Run the default (`push`) event:
-act
-
-# Run a specific event:
-act pull_request
-
-# Run a specific job:
-act -j test
-
-# Collect artifacts to the /tmp/artifacts folder:
-act --artifact-server-path /tmp/artifacts
-
-# Run a job in a specific workflow (useful if you have duplicate job names)
-act -j lint -W .github/workflows/checks.yml
-
-# Run in dry-run mode:
-act -n
-
-# Enable verbose-logging (can be used with any of the above commands)
-act -v
-```
-
-## First `act` run
-
-When running `act` for the first time, it will ask you to choose image to be used as default.
-It will save that information to `~/.actrc`, please refer to [Configuration](#configuration) for more information about `.actrc` and to [Runners](#runners) for information about used/available Docker images.
-
-## `GITHUB_TOKEN`
-
-GitHub [automatically provides](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret) a `GITHUB_TOKEN` secret when running workflows inside GitHub.
-
-If your workflow depends on this token, you need to create a [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) and pass it to `act` as a secret:
-
-```bash
-act -s GITHUB_TOKEN=[insert token or leave blank and omit equals for secure input]
-```
-
-If [GitHub CLI](https://cli.github.com/) is installed, the [`gh auth token`](https://cli.github.com/manual/gh_auth_token) command can be used to automatically pass the token to act
-
-```bash
-act -s GITHUB_TOKEN="$(gh auth token)"
-```
-
-**WARNING**: `GITHUB_TOKEN` will be logged in shell history if not inserted through secure input or (depending on your shell config) the command is prefixed with a whitespace.
-
-# Known Issues
-
-## Services
-
-Services are not currently supported but are being worked on. See: [#173](https://github.com/nektos/act/issues/173)
-
-## `MODULE_NOT_FOUND`
-
-A `MODULE_NOT_FOUND` during `docker cp` command [#228](https://github.com/nektos/act/issues/228) can happen if you are relying on local changes that have not been pushed. This can get triggered if the action is using a path, like:
-
-```yaml
- name: test action locally
-  uses: ./
-```
-
-In this case, you _must_ use `actions/checkout@v2` with a path that _has the same name as your repository_. If your repository is called _my-action_, then your checkout step would look like:
-
-```yaml
-steps:
-  - name: Checkout
-    uses: actions/checkout@v2
-    with:
-      path: "my-action"
-```
-
-If the `path:` value doesn't match the name of the repository, a `MODULE_NOT_FOUND` will be thrown.
-
-## `docker context` support
-
-The current `docker context` isn't respected ([#583](https://github.com/nektos/act/issues/583)).
-
-You can work around this by setting `DOCKER_HOST` before running `act`, with e.g:
-
-```bash
-export DOCKER_HOST=$(docker context inspect --format '{{.Endpoints.docker.Host}}')
-```
-
-# Runners
-
-GitHub Actions offers managed [virtual environments](https://help.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners) for running workflows. In order for `act` to run your workflows locally, it must run a container for the runner defined in your workflow file. Here are the images that `act` uses for each runner type and size:
-
-| GitHub Runner   | Micro Docker Image               | Medium Docker Image                               | Large Docker Image                                 |
-| --------------- | -------------------------------- | ------------------------------------------------- | -------------------------------------------------- |
-| `ubuntu-latest` | [`node:16-buster-slim`][micro]   | [`catthehacker/ubuntu:act-latest`][docker_images] | [`catthehacker/ubuntu:full-latest`][docker_images] |
-| `ubuntu-22.04`  | [`node:16-bullseye-slim`][micro] | [`catthehacker/ubuntu:act-22.04`][docker_images]  | `unavailable`                                      |
-| `ubuntu-20.04`  | [`node:16-buster-slim`][micro]   | [`catthehacker/ubuntu:act-20.04`][docker_images]  | [`catthehacker/ubuntu:full-20.04`][docker_images]  |
-| `ubuntu-18.04`  | [`node:16-buster-slim`][micro]   | [`catthehacker/ubuntu:act-18.04`][docker_images]  | [`catthehacker/ubuntu:full-18.04`][docker_images]  |
-
-[micro]: https://hub.docker.com/_/buildpack-deps
-[docker_images]: https://github.com/catthehacker/docker_images
-
-Windows and macOS based platforms are currently **unsupported and won't work** (see issue [#97](https://github.com/nektos/act/issues/97))
-
-## Please see [IMAGES.md](./IMAGES.md) for more information about the Docker images that can be used with `act`
-
-## Default runners are intentionally incomplete
-
-These default images do **not** contain **all** the tools that GitHub Actions offers by default in their runners.
-Many things can work improperly or not at all while running those image.
-Additionally, some software might still not work even if installed properly, since GitHub Actions are running in fully virtualized machines while `act` is using Docker containers (e.g. Docker does not support running `systemd`).
-In case of any problems [please create issue](https://github.com/nektos/act/issues/new/choose) in respective repository (issues with `act` in this repository, issues with `nektos/act-environments-ubuntu:18.04` in [`nektos/act-environments`](https://github.com/nektos/act-environments) and issues with any image from user `catthehacker` in [`catthehacker/docker_images`](https://github.com/catthehacker/docker_images))
-
-## Alternative runner images
-
-If you need an environment that works just like the corresponding GitHub runner then consider using an image provided by [nektos/act-environments](https://github.com/nektos/act-environments):
-
- [`nektos/act-environments-ubuntu:18.04`](https://hub.docker.com/r/nektos/act-environments-ubuntu/tags) - built from the Packer file GitHub uses in [actions/virtual-environments](https://github.com/actions/runner).
-
-:warning: :elephant: `*** WARNING - this image is >18GB 😱***`
-
- [`catthehacker/ubuntu:full-*`](https://github.com/catthehacker/docker_images/pkgs/container/ubuntu) - built from Packer template provided by GitHub, see [catthehacker/virtual-environments-fork](https://github.com/catthehacker/virtual-environments-fork) or [catthehacker/docker_images](https://github.com/catthehacker/docker_images) for more information
-
-## Using local runner images
-
-The `--pull` flag is set to true by default due to a breaking on older default docker images. This would pull the docker image everytime act is executed.
-
-Set `--pull` to false if a local docker image is needed
-```sh
-  act --pull=false
-```
-
-## Use an alternative runner image
-
-To use a different image for the runner, use the `-P` option.
-
-```sh
-act -P <platform>=<docker-image>
-```
-
-If your workflow uses `ubuntu-18.04`, consider below line as an example for changing Docker image used to run that workflow:
-
-```sh
-act -P ubuntu-18.04=nektos/act-environments-ubuntu:18.04
-```
-
-If you use multiple platforms in your workflow, you have to specify them to change which image is used.
-For example, if your workflow uses `ubuntu-18.04`, `ubuntu-16.04` and `ubuntu-latest`, specify all platforms like below
-
-```sh
-act -P ubuntu-18.04=nektos/act-environments-ubuntu:18.04 -P ubuntu-latest=ubuntu:latest -P ubuntu-16.04=node:16-buster-slim
-```
-
-# Secrets
-
-To run `act` with secrets, you can enter them interactively, supply them as environment variables or load them from a file. The following options are available for providing secrets:
-
- `act -s MY_SECRET=somevalue` - use `somevalue` as the value for `MY_SECRET`.
- `act -s MY_SECRET` - check for an environment variable named `MY_SECRET` and use it if it exists. If the environment variable is not defined, prompt the user for a value.
- `act --secret-file my.secrets` - load secrets values from `my.secrets` file.
-  - secrets file format is the same as `.env` format
-
-# Vars
-
-To run `act` with repository variables that are acessible inside the workflow via ${{ vars.VARIABLE }}, you can enter them interactively or load them from a file. The following options are available for providing github repository variables:
-
- `act --var VARIABLE=somevalue` - use `somevalue` as the value for `VARIABLE`.
- `act --var-file my.variables` - load variables values from `my.variables` file.
-  - variables file format is the same as `.env` format
-
-# Configuration
-
-You can provide default configuration flags to `act` by either creating a `./.actrc` or a `~/.actrc` file. Any flags in the files will be applied before any flags provided directly on the command line. For example, a file like below will always use the `nektos/act-environments-ubuntu:18.04` image for the `ubuntu-latest` runner:
-
-```sh
-# sample .actrc file
-P ubuntu-latest=nektos/act-environments-ubuntu:18.04
-```
-
-Additionally, act supports loading environment variables from an `.env` file. The default is to look in the working directory for the file but can be overridden by:
-
-```sh
-act --env-file my.env
-```
-
-`.env`:
-
-```env
-MY_ENV_VAR=MY_ENV_VAR_VALUE
-MY_2ND_ENV_VAR="my 2nd env var value"
-```
-
-# Skipping jobs
-
-You cannot use the `env` context in job level if conditions, but you can add a custom event property to the `github` context. You can use this method also on step level if conditions.
-
-```yml
-on: push
-jobs:
-  deploy:
-    if: ${{ !github.event.act }} # skip during local actions testing
-    runs-on: ubuntu-latest
-    steps:
-    - run: exit 0
-```
-
-And use this `event.json` file with act otherwise the Job will run:
-
-```json
-{
-    "act": true
-}
-```
-
-Run act like
-
-```sh
-act -e event.json
-```
-
-_Hint: you can add / append `-e event.json` as a line into `./.actrc`_
-
-# Skipping steps
-
-Act adds a special environment variable `ACT` that can be used to skip a step that you
-don't want to run locally. E.g. a step that posts a Slack message or bumps a version number.
-**You cannot use this method in job level if conditions, see [Skipping jobs](#skipping-jobs)**
-
-```yml
- name: Some step
-  if: ${{ !env.ACT }}
-  run: |
-    ...
-```
-
-# Events
-
-Every [GitHub event](https://developer.github.com/v3/activity/events/types) is accompanied by a payload. You can provide these events in JSON format with the `--eventpath` to simulate specific GitHub events kicking off an action. For example:
-
-```json
-{
-  "pull_request": {
-    "head": {
-      "ref": "sample-head-ref"
-    },
-    "base": {
-      "ref": "sample-base-ref"
-    }
-  }
-}
-```
-
-```sh
-act pull_request -e pull-request.json
-```
-
-Act will properly provide `github.head_ref` and `github.base_ref` to the action as expected.
-
-# Pass Inputs to Manually Triggered Workflows
-
-Example workflow file
-
-```yaml
-on:
-  workflow_dispatch:
-    inputs:
-      NAME:
-        description: "A random input name for the workflow"
-        type: string
-      SOME_VALUE:
-        description: "Some other input to pass"
-        type: string
-
-jobs:
-  test:
-    name: Test
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Test with inputs
-        run: |
-          echo "Hello ${{ github.event.inputs.NAME }} and ${{ github.event.inputs.SOME_VALUE }}!"
-```
-
-## via input or input-file flag
-
- `act --input NAME=somevalue` - use `somevalue` as the value for `NAME` input.
- `act --input-file my.input` - load input values from `my.input` file.
-  - input file format is the same as `.env` format
-
-## via JSON
-
-Example JSON payload file conveniently named `payload.json`
-
-```json
-{
-  "inputs": {
-    "NAME": "Manual Workflow",
-    "SOME_VALUE": "ABC"
-  }
-}
-```
-
-Command for triggering the workflow
-
-```sh
-act workflow_dispatch -e payload.json
-```
-
-# GitHub Enterprise
-
-Act supports using and authenticating against private GitHub Enterprise servers.
-To use your custom GHE server, set the CLI flag `--github-instance` to your hostname (e.g. `github.company.com`).
-
-Please note that if your GHE server requires authentication, we will use the secret provided via `GITHUB_TOKEN`.
-
-Please also see the [official documentation for GitHub actions on GHE](https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/about-using-actions-in-your-enterprise) for more information on how to use actions.
-
 # Support

 Need help? Ask on [Gitter](https://gitter.im/nektos/act)!
--- a/2
+++ b/2
@ -1 +1 @@
-0.2.57
+0.2.60
--- a/cmd/input.go
+++ b/cmd/input.go
@ -55,8 +55,11 @@ type Input struct {
 	replaceGheActionTokenWithGithubCom string
 	matrix                             []string
 	actionCachePath                    string
+	actionOfflineMode                  bool
 	logPrefixJobID                     bool
 	networkName                        string
+	useNewActionCache                  bool
+	localRepository                    []string
 }

 func (i *Input) resolve(path string) string {
--- a/cmd/root.go
+++ b/cmd/root.go
@ -32,7 +32,7 @@ import (
 // Execute is the entry point to running the CLI
 func Execute(ctx context.Context, version string) {
 	input := new(Input)
-	var rootCmd = &cobra.Command{
+	rootCmd := &cobra.Command{
 		Use:               "act [event name to run] [flags]\n\nIf no event name passed, will default to \"on: push\"\nIf actions handles only one event it will be used as default instead of \"on: push\"",
 		Short:             "Run GitHub actions locally by specifying the event name (e.g. `push`) or an action name directly.",
 		Args:              cobra.MaximumNArgs(1),
@ -97,7 +97,10 @@ func Execute(ctx context.Context, version string) {
 	rootCmd.PersistentFlags().StringVarP(&input.cacheServerAddr, "cache-server-addr", "", common.GetOutboundIP().String(), "Defines the address to which the cache server binds.")
 	rootCmd.PersistentFlags().Uint16VarP(&input.cacheServerPort, "cache-server-port", "", 0, "Defines the port where the artifact server listens. 0 means a randomly available port.")
 	rootCmd.PersistentFlags().StringVarP(&input.actionCachePath, "action-cache-path", "", filepath.Join(CacheHomeDir, "act"), "Defines the path where the actions get cached and host workspaces created.")
+	rootCmd.PersistentFlags().BoolVarP(&input.actionOfflineMode, "action-offline-mode", "", false, "If action contents exists, it will not be fetch and pull again. If turn on this,will turn off force pull")
 	rootCmd.PersistentFlags().StringVarP(&input.networkName, "network", "", "host", "Sets a docker network name. Defaults to host.")
+	rootCmd.PersistentFlags().BoolVarP(&input.useNewActionCache, "use-new-action-cache", "", false, "Enable using the new Action Cache for storing Actions locally")
+	rootCmd.PersistentFlags().StringArrayVarP(&input.localRepository, "local-repository", "", []string{}, "Replaces the specified repository and ref with a local folder (e.g. https://github.com/test/test@v0=/home/act/test or test/test@v0=/home/act/test, the latter matches any hosts or protocols)")
 	rootCmd.SetArgs(args())

 	if err := rootCmd.Execute(); err != nil {
@ -105,51 +108,22 @@ func Execute(ctx context.Context, version string) {
 	}
 }

+// Return locations where Act's config can be found in order: XDG spec, .actrc in HOME directory, .actrc in invocation directory
 func configLocations() []string {
 	configFileName := ".actrc"

-	// reference: https://specifications.freedesktop.org/basedir-spec/latest/ar01s03.html
-	var actrcXdg string
-	for _, fileName := range []string{"act/actrc", configFileName} {
-		if foundConfig, err := xdg.SearchConfigFile(fileName); foundConfig != "" && err == nil {
-			actrcXdg = foundConfig
-			break
-		}
+	homePath := filepath.Join(UserHomeDir, configFileName)
+	invocationPath := filepath.Join(".", configFileName)
+
+	// Though named xdg, adrg's lib support macOS and Windows config paths as well
+	// It also takes cares of creating the parent folder so we don't need to bother later
+	specPath, err := xdg.ConfigFile("act/actrc")
+	if err != nil {
+		specPath = homePath
 	}

-	return []string{
-		filepath.Join(UserHomeDir, configFileName),
-		actrcXdg,
-		filepath.Join(".", configFileName),
-	}
-}
-
-var commonSocketPaths = []string{
-	"/var/run/docker.sock",
-	"/run/podman/podman.sock",
-	"$HOME/.colima/docker.sock",
-	"$XDG_RUNTIME_DIR/docker.sock",
-	"$XDG_RUNTIME_DIR/podman/podman.sock",
-	`\\.\pipe\docker_engine`,
-	"$HOME/.docker/run/docker.sock",
-}
-
-// returns socket path or false if not found any
-func socketLocation() (string, bool) {
-	if dockerHost, exists := os.LookupEnv("DOCKER_HOST"); exists {
-		return dockerHost, true
-	}
-
-	for _, p := range commonSocketPaths {
-		if _, err := os.Lstat(os.ExpandEnv(p)); err == nil {
-			if strings.HasPrefix(p, `\\.\`) {
-				return "npipe://" + filepath.ToSlash(os.ExpandEnv(p)), true
-			}
-			return "unix://" + filepath.ToSlash(os.ExpandEnv(p)), true
-		}
-	}
-
-	return "", false
+	// This order should be enforced since the survey part relies on it
+	return []string{specPath, homePath, invocationPath}
 }

 func args() []string {
@ -184,7 +158,7 @@ func bugReport(ctx context.Context, version string) error {

 	report += sprintf("Docker host:", dockerHost)
 	report += fmt.Sprintln("Sockets found:")
-	for _, p := range commonSocketPaths {
+	for _, p := range container.CommonSocketLocations {
 		if _, err := os.Lstat(os.ExpandEnv(p)); err != nil {
 			continue
 		} else if _, err := os.Stat(os.ExpandEnv(p)); err != nil {
@ -294,19 +268,17 @@ func cleanup(inputs *Input) func(*cobra.Command, []string) {
 	}
 }

-func parseEnvs(env []string, envs map[string]string) bool {
-	if env != nil {
-		for _, envVar := range env {
-			e := strings.SplitN(envVar, `=`, 2)
-			if len(e) == 2 {
-				envs[e[0]] = e[1]
-			} else {
-				envs[e[0]] = ""
-			}
+func parseEnvs(env []string) map[string]string {
+	envs := make(map[string]string, len(env))
+	for _, envVar := range env {
+		e := strings.SplitN(envVar, `=`, 2)
+		if len(e) == 2 {
+			envs[e[0]] = e[1]
+		} else {
+			envs[e[0]] = ""
 		}
-		return true
 	}
-	return false
+	return envs
 }

 func readYamlFile(file string) (map[string]string, error) {
@ -357,18 +329,6 @@ func parseMatrix(matrix []string) map[string]map[string]bool {
 	return matrixes
 }

-func isDockerHostURI(daemonPath string) bool {
-	if protoIndex := strings.Index(daemonPath, "://"); protoIndex != -1 {
-		scheme := daemonPath[:protoIndex]
-		if strings.IndexFunc(scheme, func(r rune) bool {
-			return (r < 'a' || r > 'z') && (r < 'A' || r > 'Z')
-		}) == -1 {
-			return true
-		}
-	}
-	return false
-}
-
 //nolint:gocyclo
 func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []string) error {
 	return func(cmd *cobra.Command, args []string) error {
@ -379,27 +339,12 @@ func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []str
 		if ok, _ := cmd.Flags().GetBool("bug-report"); ok {
 			return bugReport(ctx, cmd.Version)
 		}
-
-		// Prefer DOCKER_HOST, don't override it
-		socketPath, hasDockerHost := os.LookupEnv("DOCKER_HOST")
-		if !hasDockerHost {
-			// a - in containerDaemonSocket means don't mount, preserve this value
-			// otherwise if input.containerDaemonSocket is a filepath don't use it as socketPath
-			skipMount := input.containerDaemonSocket == "-" || !isDockerHostURI(input.containerDaemonSocket)
-			if input.containerDaemonSocket != "" && !skipMount {
-				socketPath = input.containerDaemonSocket
-			} else {
-				socket, found := socketLocation()
-				if !found {
-					log.Errorln("daemon Docker Engine socket not found and containerDaemonSocket option was not set")
-				} else {
-					socketPath = socket
-				}
-				if !skipMount {
-					input.containerDaemonSocket = socketPath
-				}
-			}
-			os.Setenv("DOCKER_HOST", socketPath)
+		if ret, err := container.GetSocketAndHost(input.containerDaemonSocket); err != nil {
+			log.Warnf("Couldn't get a valid docker connection: %+v", err)
+		} else {
+			os.Setenv("DOCKER_HOST", ret.Host)
+			input.containerDaemonSocket = ret.Socket
+			log.Infof("Using docker host '%s', and daemon socket '%s'", ret.Host, ret.Socket)
 		}

 		if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" && input.containerArchitecture == "" {
@ -412,13 +357,11 @@ func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []str
 		}

 		log.Debugf("Loading environment from %s", input.Envfile())
-		envs := make(map[string]string)
-		_ = parseEnvs(input.envs, envs)
+		envs := parseEnvs(input.envs)
 		_ = readEnvs(input.Envfile(), envs)

 		log.Debugf("Loading action inputs from %s", input.Inputfile())
-		inputs := make(map[string]string)
-		_ = parseEnvs(input.inputs, inputs)
+		inputs := parseEnvs(input.inputs)
 		_ = readEnvs(input.Inputfile(), inputs)

 		log.Debugf("Loading secrets from %s", input.Secretfile())
@ -555,6 +498,7 @@ func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []str
 				}
 			}
 			if !cfgFound && len(cfgLocations) > 0 {
+				// The first config location refers to the global config folder one
 				if err := defaultImageSurvey(cfgLocations[0]); err != nil {
 					log.Fatal(err)
 				}
@ -581,11 +525,12 @@ func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []str
 			EventName:                          eventName,
 			EventPath:                          input.EventPath(),
 			DefaultBranch:                      defaultbranch,
-			ForcePull:                          input.forcePull,
+			ForcePull:                          !input.actionOfflineMode && input.forcePull,
 			ForceRebuild:                       input.forceRebuild,
 			ReuseContainers:                    input.reuseContainers,
 			Workdir:                            input.Workdir(),
 			ActionCacheDir:                     input.actionCachePath,
+			ActionOfflineMode:                  input.actionOfflineMode,
 			BindWorkdir:                        input.bindWorkdir,
 			LogOutput:                          !input.noOutput,
 			JSONLogger:                         input.jsonLogger,
@ -617,6 +562,31 @@ func newRunCommand(ctx context.Context, input *Input) func(*cobra.Command, []str
 			Matrix:                             matrixes,
 			ContainerNetworkMode:               docker_container.NetworkMode(input.networkName),
 		}
+		if input.useNewActionCache || len(input.localRepository) > 0 {
+			if input.actionOfflineMode {
+				config.ActionCache = &runner.GoGitActionCacheOfflineMode{
+					Parent: runner.GoGitActionCache{
+						Path: config.ActionCacheDir,
+					},
+				}
+			} else {
+				config.ActionCache = &runner.GoGitActionCache{
+					Path: config.ActionCacheDir,
+				}
+			}
+			if len(input.localRepository) > 0 {
+				localRepositories := map[string]string{}
+				for _, l := range input.localRepository {
+					k, v, _ := strings.Cut(l, "=")
+					localRepositories[k] = v
+				}
+				config.ActionCache = &runner.LocalRepositoryCache{
+					Parent:            config.ActionCache,
+					LocalRepositories: localRepositories,
+					CacheDirCache:     map[string]string{},
+				}
+			}
+		}
 		r, err := runner.New(config)
 		if err != nil {
 			return err
--- a/go.mod
+++ b/go.mod
@ -19,20 +19,20 @@ require (
 	github.com/julienschmidt/httprouter v1.3.0
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
 	github.com/mattn/go-isatty v0.0.20
-	github.com/moby/buildkit v0.12.4
+	github.com/moby/buildkit v0.12.5
 	github.com/moby/patternmatcher v0.6.0
-	github.com/opencontainers/image-spec v1.1.0-rc5
+	github.com/opencontainers/image-spec v1.1.0
 	github.com/opencontainers/selinux v1.11.0
 	github.com/pkg/errors v0.9.1
-	github.com/rhysd/actionlint v1.6.26
+	github.com/rhysd/actionlint v1.6.27
 	github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/pflag v1.0.5
-	github.com/stretchr/testify v1.8.4
+	github.com/stretchr/testify v1.9.0
 	github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a
-	go.etcd.io/bbolt v1.3.8
-	golang.org/x/term v0.15.0
+	go.etcd.io/bbolt v1.3.9
+	golang.org/x/term v0.18.0
 	gopkg.in/yaml.v3 v3.0.1
 	gotest.tools/v3 v3.5.1
 )
@ -41,15 +41,15 @@ require (
 	dario.cat/mergo v1.0.0 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
-	github.com/cloudflare/circl v1.3.3 // indirect
-	github.com/containerd/containerd v1.7.11 // indirect
+	github.com/cloudflare/circl v1.3.7 // indirect
+	github.com/containerd/containerd v1.7.2 // indirect
 	github.com/cyphar/filepath-securejoin v0.2.4 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/distribution/reference v0.5.0 // indirect
 	github.com/docker/docker-credential-helpers v0.7.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
-	github.com/fatih/color v1.15.0 // indirect
+	github.com/fatih/color v1.16.0 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
@ -66,14 +66,14 @@ require (
 	github.com/moby/sys/sequential v0.5.0 // indirect
 	github.com/moby/term v0.0.0-20200312100748-672ec06f55cd // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/runc v1.1.7 // indirect
+	github.com/opencontainers/runc v1.1.12 // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/robfig/cron/v3 v3.0.1 // indirect
 	github.com/sergi/go-diff v1.2.0 // indirect
 	github.com/skeema/knownhosts v1.2.1 // indirect
-	github.com/stretchr/objx v0.5.0 // indirect
+	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
@ -81,8 +81,8 @@ require (
 	golang.org/x/crypto v0.17.0 // indirect
 	golang.org/x/mod v0.12.0 // indirect
 	golang.org/x/net v0.19.0 // indirect
-	golang.org/x/sync v0.3.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/tools v0.13.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
--- a/go.sum
+++ b/go.sum
@ -1,6 +1,6 @@
 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
 dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
-github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 h1:EKPd1INOIyr5hWOWhvpmQpY6tKjeG0hT1s3AMC/9fic=
 github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
 github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
@ -10,7 +10,7 @@ github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF0
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
 github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
 github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
-github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8=
+github.com/Microsoft/hcsshim v0.10.0-rc.8 h1:YSZVvlIIDD1UxQpJp0h+dnpLUw+TrY0cx8obKsp3bek=
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
 github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg=
@ -22,10 +22,11 @@ github.com/andreaskoch/go-fswatch v1.0.0/go.mod h1:r5/iV+4jfwoY2sYqBkg8vpF04ehOv
 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
 github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
-github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs=
 github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
-github.com/containerd/containerd v1.7.11 h1:lfGKw3eU35sjV0aG2eYZTiwFEY1pCzxdzicHP3SZILw=
-github.com/containerd/containerd v1.7.11/go.mod h1:5UluHxHTX2rdvYuZ5OJTC5m/KJNs0Zs9wVoJm9zf5ZE=
+github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU=
+github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA=
+github.com/containerd/containerd v1.7.2 h1:UF2gdONnxO8I6byZXDi5sXWiWvlW3D/sci7dTQimEJo=
+github.com/containerd/containerd v1.7.2/go.mod h1:afcz74+K10M/+cjGHIVQrCt3RAQhUSCAjJ9iMYhhkuI=
 github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/creack/pty v1.1.21 h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0=
@ -52,8 +53,8 @@ github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD
 github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU=
 github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
 github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
-github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
-github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
+github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
+github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
 github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
@ -111,8 +112,8 @@ github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1f
 github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
 github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE=
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
-github.com/moby/buildkit v0.12.4 h1:yKZDsObXLKarXqUx7YMnaB+TKv810bBhq0XLFWbkjT0=
-github.com/moby/buildkit v0.12.4/go.mod h1:XG74uz06nPWQpnxYwgCryrVidvor0+ElUxGosbZPQG4=
+github.com/moby/buildkit v0.12.5 h1:RNHH1l3HDhYyZafr5EgstEu8aGNCwyfvMtrQDtjH9T0=
+github.com/moby/buildkit v0.12.5/go.mod h1:YGwjA2loqyiYfZeEo8FtI7z4x5XponAaIWsWcSjWwso=
 github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
 github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
 github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc=
@ -123,10 +124,10 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
 github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
-github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI=
-github.com/opencontainers/image-spec v1.1.0-rc5/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8=
-github.com/opencontainers/runc v1.1.7 h1:y2EZDS8sNng4Ksf0GUYNhKbTShZJPJg1FiXJNH/uoCk=
-github.com/opencontainers/runc v1.1.7/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50=
+github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
+github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
+github.com/opencontainers/runc v1.1.12 h1:BOIssBaW1La0/qbNZHXOOa71dZfZEQOzW7dqQf3phss=
+github.com/opencontainers/runc v1.1.12/go.mod h1:S+lQwSfncpBha7XTy/5lBwWgm5+y5Ma/O44Ekby9FK8=
 github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU=
 github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec=
 github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4=
@ -136,11 +137,11 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rhysd/actionlint v1.6.26 h1:zi7jPZf3Ks14gCXYAAL47uBziyFlX7+Xwilqhexct9g=
-github.com/rhysd/actionlint v1.6.26/go.mod h1:TIj1DlCgtYLOv5CH9wCK+WJTOr1qAdnFzkGi0IgSCO4=
+github.com/rhysd/actionlint v1.6.27 h1:xxwe8YmveBcC8lydW6GoHMGmB6H/MTqUU60F2p10wjw=
+github.com/rhysd/actionlint v1.6.27/go.mod h1:m2nFUjAnOrxCMXuOMz9evYBRCLUsMnKY2IJl/N5umbk=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
-github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
 github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
 github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
@ -162,18 +163,15 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a h1:oIi7H/bwFUYKYhzKbHc+3MvHRWqhQwXVB4LweLMiVy0=
 github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a/go.mod h1:iSvujNDmpZ6eQX+bg/0X3lF7LEmZ8N77g2a/J/+Zt2U=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
@ -189,8 +187,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
-go.etcd.io/bbolt v1.3.8 h1:xs88BrvEv273UsB79e0hcVrlUWmS0a8upikMFhSyAtA=
-go.etcd.io/bbolt v1.3.8/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
+go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI=
+go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@ -224,8 +222,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
-golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
+golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
+golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@ -247,15 +245,15 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
-golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
--- a/pkg/artifactcache/handler.go
+++ b/pkg/artifactcache/handler.go
@ -9,6 +9,7 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"regexp"
 	"strconv"
 	"strings"
 	"sync/atomic"
@ -384,9 +385,14 @@ func (h *Handler) findCache(db *bolthold.Store, keys []string, version string) (
 	}
 	stop := fmt.Errorf("stop")

-	for _, prefix := range keys[1:] {
+	for _, prefix := range keys {
 		found := false
-		if err := db.ForEach(bolthold.Where("Key").Ge(prefix).And("Version").Eq(version).SortBy("Key"), func(v *Cache) error {
+		prefixPattern := fmt.Sprintf("^%s", regexp.QuoteMeta(prefix))
+		re, err := regexp.Compile(prefixPattern)
+		if err != nil {
+			continue
+		}
+		if err := db.ForEach(bolthold.Where("Key").RegExp(re).And("Version").Eq(version).SortBy("CreatedAt").Reverse(), func(v *Cache) error {
 			if !strings.HasPrefix(v.Key, prefix) {
 				return stop
 			}
--- a/pkg/common/git/git.go
+++ b/pkg/common/git/git.go
@ -221,10 +221,11 @@ func findGitSlug(url string, githubInstance string) (string, string, error) {

 // NewGitCloneExecutorInput the input for the NewGitCloneExecutor
 type NewGitCloneExecutorInput struct {
-	URL   string
-	Ref   string
-	Dir   string
-	Token string
+	URL         string
+	Ref         string
+	Dir         string
+	Token       string
+	OfflineMode bool
 }

 // CloneIfRequired ...
@ -302,12 +303,16 @@ func NewGitCloneExecutor(input NewGitCloneExecutorInput) common.Executor {
 			return err
 		}

+		isOfflineMode := input.OfflineMode
+
 		// fetch latest changes
 		fetchOptions, pullOptions := gitOptions(input.Token)

-		err = r.Fetch(&fetchOptions)
-		if err != nil && !errors.Is(err, git.NoErrAlreadyUpToDate) {
-			return err
+		if !isOfflineMode {
+			err = r.Fetch(&fetchOptions)
+			if err != nil && !errors.Is(err, git.NoErrAlreadyUpToDate) {
+				return err
+			}
 		}

 		var hash *plumbing.Hash
@ -367,9 +372,10 @@ func NewGitCloneExecutor(input NewGitCloneExecutorInput) common.Executor {
 				return err
 			}
 		}
-
-		if err = w.Pull(&pullOptions); err != nil && err != git.NoErrAlreadyUpToDate {
-			logger.Debugf("Unable to pull %s: %v", refName, err)
+		if !isOfflineMode {
+			if err = w.Pull(&pullOptions); err != nil && err != git.NoErrAlreadyUpToDate {
+				logger.Debugf("Unable to pull %s: %v", refName, err)
+			}
 		}
 		logger.Debugf("Cloned %s to %s", input.URL, input.Dir)

--- a/pkg/container/docker_auth.go
+++ b/pkg/container/docker_auth.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_build.go
+++ b/pkg/container/docker_build.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_cli.go
+++ b/pkg/container/docker_cli.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 // This file is exact copy of https://github.com/docker/cli/blob/9ac8584acfd501c3f4da0e845e3a40ed15c85041/cli/command/container/opts.go
 // appended with license information.
--- a/pkg/container/docker_images.go
+++ b/pkg/container/docker_images.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_logger.go
+++ b/pkg/container/docker_logger.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_network.go
+++ b/pkg/container/docker_network.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_pull.go
+++ b/pkg/container/docker_pull.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/docker_run.go
+++ b/pkg/container/docker_run.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

@ -35,6 +35,7 @@ import (
 	"golang.org/x/term"

 	"github.com/nektos/act/pkg/common"
+	"github.com/nektos/act/pkg/filecollector"
 )

 // NewContainer creates a reference to a container
@ -238,8 +239,10 @@ func RunnerArch(ctx context.Context) string {

 	archMapper := map[string]string{
 		"x86_64":  "X64",
+		"amd64":   "X64",
 		"386":     "X86",
 		"aarch64": "ARM64",
+		"arm64":   "ARM64",
 	}
 	if arch, ok := archMapper[info.Architecture]; ok {
 		return arch
@ -671,10 +674,28 @@ func (cr *containerReference) waitForCommand(ctx context.Context, isTerminal boo
 }

 func (cr *containerReference) CopyTarStream(ctx context.Context, destPath string, tarStream io.Reader) error {
-	err := cr.cli.CopyToContainer(ctx, cr.id, destPath, tarStream, types.CopyToContainerOptions{})
+	// Mkdir
+	buf := &bytes.Buffer{}
+	tw := tar.NewWriter(buf)
+	_ = tw.WriteHeader(&tar.Header{
+		Name:     destPath,
+		Mode:     0o777,
+		Typeflag: tar.TypeDir,
+	})
+	tw.Close()
+	err := cr.cli.CopyToContainer(ctx, cr.id, "/", buf, types.CopyToContainerOptions{})
+	if err != nil {
+		return fmt.Errorf("failed to mkdir to copy content to container: %w", err)
+	}
+	// Copy Content
+	err = cr.cli.CopyToContainer(ctx, cr.id, destPath, tarStream, types.CopyToContainerOptions{})
 	if err != nil {
 		return fmt.Errorf("failed to copy content to container: %w", err)
 	}
+	// If this fails, then folders have wrong permissions on non root container
+	if cr.UID != 0 || cr.GID != 0 {
+		_ = cr.Exec([]string{"chown", "-R", fmt.Sprintf("%d:%d", cr.UID, cr.GID), destPath}, nil, "0", "")(ctx)
+	}
 	return nil
 }

@ -715,12 +736,12 @@ func (cr *containerReference) copyDir(dstPath string, srcPath string, useGitIgno
 			ignorer = gitignore.NewMatcher(ps)
 		}

-		fc := &fileCollector{
-			Fs:        &defaultFs{},
+		fc := &filecollector.FileCollector{
+			Fs:        &filecollector.DefaultFs{},
 			Ignorer:   ignorer,
 			SrcPath:   srcPath,
 			SrcPrefix: srcPrefix,
-			Handler: &tarCollector{
+			Handler: &filecollector.TarCollector{
 				TarWriter: tw,
 				UID:       cr.UID,
 				GID:       cr.GID,
@ -728,7 +749,7 @@ func (cr *containerReference) copyDir(dstPath string, srcPath string, useGitIgno
 			},
 		}

-		err = filepath.Walk(srcPath, fc.collectFiles(ctx, []string{}))
+		err = filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
 		if err != nil {
 			return err
 		}
--- a/pkg/container/docker_run_test.go
+++ b/pkg/container/docker_run_test.go
@ -2,7 +2,9 @@ package container

 import (
 	"bufio"
+	"bytes"
 	"context"
+	"fmt"
 	"io"
 	"net"
 	"strings"
@ -75,6 +77,11 @@ func (m *mockDockerClient) ContainerExecInspect(ctx context.Context, execID stri
 	return args.Get(0).(types.ContainerExecInspect), args.Error(1)
 }

+func (m *mockDockerClient) CopyToContainer(ctx context.Context, id string, path string, content io.Reader, options types.CopyToContainerOptions) error {
+	args := m.Called(ctx, id, path, content, options)
+	return args.Error(0)
+}
+
 type endlessReader struct {
 	io.Reader
 }
@ -165,5 +172,77 @@ func TestDockerExecFailure(t *testing.T) {
 	client.AssertExpectations(t)
 }

+func TestDockerCopyTarStream(t *testing.T) {
+	ctx := context.Background()
+
+	conn := &mockConn{}
+
+	client := &mockDockerClient{}
+	client.On("CopyToContainer", ctx, "123", "/", mock.Anything, mock.AnythingOfType("types.CopyToContainerOptions")).Return(nil)
+	client.On("CopyToContainer", ctx, "123", "/var/run/act", mock.Anything, mock.AnythingOfType("types.CopyToContainerOptions")).Return(nil)
+	cr := &containerReference{
+		id:  "123",
+		cli: client,
+		input: &NewContainerInput{
+			Image: "image",
+		},
+	}
+
+	_ = cr.CopyTarStream(ctx, "/var/run/act", &bytes.Buffer{})
+
+	conn.AssertExpectations(t)
+	client.AssertExpectations(t)
+}
+
+func TestDockerCopyTarStreamErrorInCopyFiles(t *testing.T) {
+	ctx := context.Background()
+
+	conn := &mockConn{}
+
+	merr := fmt.Errorf("Failure")
+
+	client := &mockDockerClient{}
+	client.On("CopyToContainer", ctx, "123", "/", mock.Anything, mock.AnythingOfType("types.CopyToContainerOptions")).Return(merr)
+	client.On("CopyToContainer", ctx, "123", "/", mock.Anything, mock.AnythingOfType("types.CopyToContainerOptions")).Return(merr)
+	cr := &containerReference{
+		id:  "123",
+		cli: client,
+		input: &NewContainerInput{
+			Image: "image",
+		},
+	}
+
+	err := cr.CopyTarStream(ctx, "/var/run/act", &bytes.Buffer{})
+	assert.ErrorIs(t, err, merr)
+
+	conn.AssertExpectations(t)
+	client.AssertExpectations(t)
+}
+
+func TestDockerCopyTarStreamErrorInMkdir(t *testing.T) {
+	ctx := context.Background()
+
+	conn := &mockConn{}
+
+	merr := fmt.Errorf("Failure")
+
+	client := &mockDockerClient{}
+	client.On("CopyToContainer", ctx, "123", "/", mock.Anything, mock.AnythingOfType("types.CopyToContainerOptions")).Return(nil)
+	client.On("CopyToContainer", ctx, "123", "/var/run/act", mock.Anything, mock.AnythingOfType("types.CopyToContainerOptions")).Return(merr)
+	cr := &containerReference{
+		id:  "123",
+		cli: client,
+		input: &NewContainerInput{
+			Image: "image",
+		},
+	}
+
+	err := cr.CopyTarStream(ctx, "/var/run/act", &bytes.Buffer{})
+	assert.ErrorIs(t, err, merr)
+
+	conn.AssertExpectations(t)
+	client.AssertExpectations(t)
+}
+
 // Type assert containerReference implements ExecutionsEnvironment
 var _ ExecutionsEnvironment = &containerReference{}
--- a/pkg/container/docker_socket.go
+++ b/pkg/container/docker_socket.go
@ -0,0 +1,134 @@
+package container
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+)
+
+var CommonSocketLocations = []string{
+	"/var/run/docker.sock",
+	"/run/podman/podman.sock",
+	"$HOME/.colima/docker.sock",
+	"$XDG_RUNTIME_DIR/docker.sock",
+	"$XDG_RUNTIME_DIR/podman/podman.sock",
+	`\\.\pipe\docker_engine`,
+	"$HOME/.docker/run/docker.sock",
+}
+
+// returns socket URI or false if not found any
+func socketLocation() (string, bool) {
+	if dockerHost, exists := os.LookupEnv("DOCKER_HOST"); exists {
+		return dockerHost, true
+	}
+
+	for _, p := range CommonSocketLocations {
+		if _, err := os.Lstat(os.ExpandEnv(p)); err == nil {
+			if strings.HasPrefix(p, `\\.\`) {
+				return "npipe://" + filepath.ToSlash(os.ExpandEnv(p)), true
+			}
+			return "unix://" + filepath.ToSlash(os.ExpandEnv(p)), true
+		}
+	}
+
+	return "", false
+}
+
+// This function, `isDockerHostURI`, takes a string argument `daemonPath`. It checks if the
+// `daemonPath` is a valid Docker host URI. It does this by checking if the scheme of the URI (the
+// part before "://") contains only alphabetic characters. If it does, the function returns true,
+// indicating that the `daemonPath` is a Docker host URI. If it doesn't, or if the "://" delimiter
+// is not found in the `daemonPath`, the function returns false.
+func isDockerHostURI(daemonPath string) bool {
+	if protoIndex := strings.Index(daemonPath, "://"); protoIndex != -1 {
+		scheme := daemonPath[:protoIndex]
+		if strings.IndexFunc(scheme, func(r rune) bool {
+			return (r < 'a' || r > 'z') && (r < 'A' || r > 'Z')
+		}) == -1 {
+			return true
+		}
+	}
+	return false
+}
+
+type SocketAndHost struct {
+	Socket string
+	Host   string
+}
+
+func GetSocketAndHost(containerSocket string) (SocketAndHost, error) {
+	log.Debugf("Handling container host and socket")
+
+	// Prefer DOCKER_HOST, don't override it
+	dockerHost, hasDockerHost := socketLocation()
+	socketHost := SocketAndHost{Socket: containerSocket, Host: dockerHost}
+
+	// ** socketHost.Socket cases **
+	// Case 1: User does _not_ want to mount a daemon socket (passes a dash)
+	// Case 2: User passes a filepath to the socket; is that even valid?
+	// Case 3: User passes a valid socket; do nothing
+	// Case 4: User omitted the flag; set a sane default
+
+	// ** DOCKER_HOST cases **
+	// Case A: DOCKER_HOST is set; use it, i.e. do nothing
+	// Case B: DOCKER_HOST is empty; use sane defaults
+
+	// Set host for sanity's sake, when the socket isn't useful
+	if !hasDockerHost && (socketHost.Socket == "-" || !isDockerHostURI(socketHost.Socket) || socketHost.Socket == "") {
+		// Cases: 1B, 2B, 4B
+		socket, found := socketLocation()
+		socketHost.Host = socket
+		hasDockerHost = found
+	}
+
+	// A - (dash) in socketHost.Socket means don't mount, preserve this value
+	// otherwise if socketHost.Socket is a filepath don't use it as socket
+	// Exit early if we're in an invalid state (e.g. when no DOCKER_HOST and user supplied "-", a dash or omitted)
+	if !hasDockerHost && socketHost.Socket != "" && !isDockerHostURI(socketHost.Socket) {
+		// Cases: 1B, 2B
+		// Should we early-exit here, since there is no host nor socket to talk to?
+		return SocketAndHost{}, fmt.Errorf("DOCKER_HOST was not set, couldn't be found in the usual locations, and the container daemon socket ('%s') is invalid", socketHost.Socket)
+	}
+
+	// Default to DOCKER_HOST if set
+	if socketHost.Socket == "" && hasDockerHost {
+		// Cases: 4A
+		log.Debugf("Defaulting container socket to DOCKER_HOST")
+		socketHost.Socket = socketHost.Host
+	}
+	// Set sane default socket location if user omitted it
+	if socketHost.Socket == "" {
+		// Cases: 4B
+		socket, _ := socketLocation()
+		// socket is empty if it isn't found, so assignment here is at worst a no-op
+		log.Debugf("Defaulting container socket to default '%s'", socket)
+		socketHost.Socket = socket
+	}
+
+	// Exit if both the DOCKER_HOST and socket are fulfilled
+	if hasDockerHost {
+		// Cases: 1A, 2A, 3A, 4A
+		if !isDockerHostURI(socketHost.Socket) {
+			// Cases: 1A, 2A
+			log.Debugf("DOCKER_HOST is set, but socket is invalid '%s'", socketHost.Socket)
+		}
+		return socketHost, nil
+	}
+
+	// Set a sane DOCKER_HOST default if we can
+	if isDockerHostURI(socketHost.Socket) {
+		// Cases: 3B
+		log.Debugf("Setting DOCKER_HOST to container socket '%s'", socketHost.Socket)
+		socketHost.Host = socketHost.Socket
+		// Both DOCKER_HOST and container socket are valid; short-circuit exit
+		return socketHost, nil
+	}
+
+	// Here there is no DOCKER_HOST _and_ the supplied container socket is not a valid URI (either invalid or a file path)
+	// Cases: 2B <- but is already handled at the top
+	// I.e. this path should never be taken
+	return SocketAndHost{}, fmt.Errorf("no DOCKER_HOST and an invalid container socket '%s'", socketHost.Socket)
+}
--- a/pkg/container/docker_socket_test.go
+++ b/pkg/container/docker_socket_test.go
@ -0,0 +1,150 @@
+package container
+
+import (
+	"os"
+	"testing"
+
+	log "github.com/sirupsen/logrus"
+	assert "github.com/stretchr/testify/assert"
+)
+
+func init() {
+	log.SetLevel(log.DebugLevel)
+}
+
+var originalCommonSocketLocations = CommonSocketLocations
+
+func TestGetSocketAndHostWithSocket(t *testing.T) {
+	// Arrange
+	CommonSocketLocations = originalCommonSocketLocations
+	dockerHost := "unix:///my/docker/host.sock"
+	socketURI := "/path/to/my.socket"
+	os.Setenv("DOCKER_HOST", dockerHost)
+
+	// Act
+	ret, err := GetSocketAndHost(socketURI)
+
+	// Assert
+	assert.Nil(t, err)
+	assert.Equal(t, SocketAndHost{socketURI, dockerHost}, ret)
+}
+
+func TestGetSocketAndHostNoSocket(t *testing.T) {
+	// Arrange
+	dockerHost := "unix:///my/docker/host.sock"
+	os.Setenv("DOCKER_HOST", dockerHost)
+
+	// Act
+	ret, err := GetSocketAndHost("")
+
+	// Assert
+	assert.Nil(t, err)
+	assert.Equal(t, SocketAndHost{dockerHost, dockerHost}, ret)
+}
+
+func TestGetSocketAndHostOnlySocket(t *testing.T) {
+	// Arrange
+	socketURI := "/path/to/my.socket"
+	os.Unsetenv("DOCKER_HOST")
+	CommonSocketLocations = originalCommonSocketLocations
+	defaultSocket, defaultSocketFound := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost(socketURI)
+
+	// Assert
+	assert.NoError(t, err, "Expected no error from GetSocketAndHost")
+	assert.Equal(t, true, defaultSocketFound, "Expected to find default socket")
+	assert.Equal(t, socketURI, ret.Socket, "Expected socket to match common location")
+	assert.Equal(t, defaultSocket, ret.Host, "Expected ret.Host to match default socket location")
+}
+
+func TestGetSocketAndHostDontMount(t *testing.T) {
+	// Arrange
+	CommonSocketLocations = originalCommonSocketLocations
+	dockerHost := "unix:///my/docker/host.sock"
+	os.Setenv("DOCKER_HOST", dockerHost)
+
+	// Act
+	ret, err := GetSocketAndHost("-")
+
+	// Assert
+	assert.Nil(t, err)
+	assert.Equal(t, SocketAndHost{"-", dockerHost}, ret)
+}
+
+func TestGetSocketAndHostNoHostNoSocket(t *testing.T) {
+	// Arrange
+	CommonSocketLocations = originalCommonSocketLocations
+	os.Unsetenv("DOCKER_HOST")
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost("")
+
+	// Assert
+	assert.Equal(t, true, found, "Expected a default socket to be found")
+	assert.Nil(t, err, "Expected no error from GetSocketAndHost")
+	assert.Equal(t, SocketAndHost{defaultSocket, defaultSocket}, ret, "Expected to match default socket location")
+}
+
+// Catch
+// > Your code breaks setting DOCKER_HOST if shouldMount is false.
+// > This happens if neither DOCKER_HOST nor --container-daemon-socket has a value, but socketLocation() returns a URI
+func TestGetSocketAndHostNoHostNoSocketDefaultLocation(t *testing.T) {
+	// Arrange
+	mySocketFile, tmpErr := os.CreateTemp("", "act-*.sock")
+	mySocket := mySocketFile.Name()
+	unixSocket := "unix://" + mySocket
+	defer os.RemoveAll(mySocket)
+	assert.NoError(t, tmpErr)
+	os.Unsetenv("DOCKER_HOST")
+
+	CommonSocketLocations = []string{mySocket}
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost("")
+
+	// Assert
+	assert.Equal(t, unixSocket, defaultSocket, "Expected default socket to match common socket location")
+	assert.Equal(t, true, found, "Expected default socket to be found")
+	assert.Nil(t, err, "Expected no error from GetSocketAndHost")
+	assert.Equal(t, SocketAndHost{unixSocket, unixSocket}, ret, "Expected to match default socket location")
+}
+
+func TestGetSocketAndHostNoHostInvalidSocket(t *testing.T) {
+	// Arrange
+	os.Unsetenv("DOCKER_HOST")
+	mySocket := "/my/socket/path.sock"
+	CommonSocketLocations = []string{"/unusual", "/socket", "/location"}
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost(mySocket)
+
+	// Assert
+	assert.Equal(t, false, found, "Expected no default socket to be found")
+	assert.Equal(t, "", defaultSocket, "Expected no default socket to be found")
+	assert.Equal(t, SocketAndHost{}, ret, "Expected to match default socket location")
+	assert.Error(t, err, "Expected an error in invalid state")
+}
+
+func TestGetSocketAndHostOnlySocketValidButUnusualLocation(t *testing.T) {
+	// Arrange
+	socketURI := "unix:///path/to/my.socket"
+	CommonSocketLocations = []string{"/unusual", "/location"}
+	os.Unsetenv("DOCKER_HOST")
+	defaultSocket, found := socketLocation()
+
+	// Act
+	ret, err := GetSocketAndHost(socketURI)
+
+	// Assert
+	// Default socket locations
+	assert.Equal(t, "", defaultSocket, "Expect default socket location to be empty")
+	assert.Equal(t, false, found, "Expected no default socket to be found")
+	// Sane default
+	assert.Nil(t, err, "Expect no error from GetSocketAndHost")
+	assert.Equal(t, socketURI, ret.Host, "Expect host to default to unusual socket")
+}
--- a/pkg/container/docker_stub.go
+++ b/pkg/container/docker_stub.go
@ -1,4 +1,4 @@
-//go:build WITHOUT_DOCKER || !(linux || darwin || windows)
+//go:build WITHOUT_DOCKER || !(linux || darwin || windows || netbsd)

 package container

--- a/pkg/container/docker_volume.go
+++ b/pkg/container/docker_volume.go
@ -1,4 +1,4 @@
-//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows))
+//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))

 package container

--- a/pkg/container/host_environment.go
+++ b/pkg/container/host_environment.go
@ -21,6 +21,7 @@ import (
 	"golang.org/x/term"

 	"github.com/nektos/act/pkg/common"
+	"github.com/nektos/act/pkg/filecollector"
 	"github.com/nektos/act/pkg/lookpath"
 )

@ -65,7 +66,7 @@ func (e *HostEnvironment) CopyTarStream(ctx context.Context, destPath string, ta
 		return err
 	}
 	tr := tar.NewReader(tarStream)
-	cp := &copyCollector{
+	cp := &filecollector.CopyCollector{
 		DstDir: destPath,
 	}
 	for {
@ -104,16 +105,16 @@ func (e *HostEnvironment) CopyDir(destPath string, srcPath string, useGitIgnore

 			ignorer = gitignore.NewMatcher(ps)
 		}
-		fc := &fileCollector{
-			Fs:        &defaultFs{},
+		fc := &filecollector.FileCollector{
+			Fs:        &filecollector.DefaultFs{},
 			Ignorer:   ignorer,
 			SrcPath:   srcPath,
 			SrcPrefix: srcPrefix,
-			Handler: &copyCollector{
+			Handler: &filecollector.CopyCollector{
 				DstDir: destPath,
 			},
 		}
-		return filepath.Walk(srcPath, fc.collectFiles(ctx, []string{}))
+		return filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
 	}
 }

@ -126,21 +127,21 @@ func (e *HostEnvironment) GetContainerArchive(ctx context.Context, srcPath strin
 	if err != nil {
 		return nil, err
 	}
-	tc := &tarCollector{
+	tc := &filecollector.TarCollector{
 		TarWriter: tw,
 	}
 	if fi.IsDir() {
-		srcPrefix := filepath.Dir(srcPath)
+		srcPrefix := srcPath
 		if !strings.HasSuffix(srcPrefix, string(filepath.Separator)) {
 			srcPrefix += string(filepath.Separator)
 		}
-		fc := &fileCollector{
-			Fs:        &defaultFs{},
+		fc := &filecollector.FileCollector{
+			Fs:        &filecollector.DefaultFs{},
 			SrcPath:   srcPath,
 			SrcPrefix: srcPrefix,
 			Handler:   tc,
 		}
-		err = filepath.Walk(srcPath, fc.collectFiles(ctx, []string{}))
+		err = filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
 		if err != nil {
 			return nil, err
 		}
--- a/pkg/container/host_environment_test.go
+++ b/pkg/container/host_environment_test.go
@ -1,4 +1,71 @@
 package container

+import (
+	"archive/tar"
+	"context"
+	"io"
+	"os"
+	"path"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
 // Type assert HostEnvironment implements ExecutionsEnvironment
 var _ ExecutionsEnvironment = &HostEnvironment{}
+
+func TestCopyDir(t *testing.T) {
+	dir, err := os.MkdirTemp("", "test-host-env-*")
+	assert.NoError(t, err)
+	defer os.RemoveAll(dir)
+	ctx := context.Background()
+	e := &HostEnvironment{
+		Path:      filepath.Join(dir, "path"),
+		TmpDir:    filepath.Join(dir, "tmp"),
+		ToolCache: filepath.Join(dir, "tool_cache"),
+		ActPath:   filepath.Join(dir, "act_path"),
+		StdOut:    os.Stdout,
+		Workdir:   path.Join("testdata", "scratch"),
+	}
+	_ = os.MkdirAll(e.Path, 0700)
+	_ = os.MkdirAll(e.TmpDir, 0700)
+	_ = os.MkdirAll(e.ToolCache, 0700)
+	_ = os.MkdirAll(e.ActPath, 0700)
+	err = e.CopyDir(e.Workdir, e.Path, true)(ctx)
+	assert.NoError(t, err)
+}
+
+func TestGetContainerArchive(t *testing.T) {
+	dir, err := os.MkdirTemp("", "test-host-env-*")
+	assert.NoError(t, err)
+	defer os.RemoveAll(dir)
+	ctx := context.Background()
+	e := &HostEnvironment{
+		Path:      filepath.Join(dir, "path"),
+		TmpDir:    filepath.Join(dir, "tmp"),
+		ToolCache: filepath.Join(dir, "tool_cache"),
+		ActPath:   filepath.Join(dir, "act_path"),
+		StdOut:    os.Stdout,
+		Workdir:   path.Join("testdata", "scratch"),
+	}
+	_ = os.MkdirAll(e.Path, 0700)
+	_ = os.MkdirAll(e.TmpDir, 0700)
+	_ = os.MkdirAll(e.ToolCache, 0700)
+	_ = os.MkdirAll(e.ActPath, 0700)
+	expectedContent := []byte("sdde/7sh")
+	err = os.WriteFile(filepath.Join(e.Path, "action.yml"), expectedContent, 0600)
+	assert.NoError(t, err)
+	archive, err := e.GetContainerArchive(ctx, e.Path)
+	assert.NoError(t, err)
+	defer archive.Close()
+	reader := tar.NewReader(archive)
+	h, err := reader.Next()
+	assert.NoError(t, err)
+	assert.Equal(t, "action.yml", h.Name)
+	content, err := io.ReadAll(reader)
+	assert.NoError(t, err)
+	assert.Equal(t, expectedContent, content)
+	_, err = reader.Next()
+	assert.ErrorIs(t, err, io.EOF)
+}
--- a/pkg/container/testdata/scratch/test.txt
+++ b/pkg/container/testdata/scratch/test.txt
@ -0,0 +1 @@
+testfile
--- a/pkg/filecollector/file_collector.go
+++ b/pkg/filecollector/file_collector.go
@ -1,4 +1,4 @@
-package container
+package filecollector

 import (
 	"archive/tar"
@ -17,18 +17,18 @@ import (
 	"github.com/go-git/go-git/v5/plumbing/format/index"
 )

-type fileCollectorHandler interface {
+type Handler interface {
 	WriteFile(path string, fi fs.FileInfo, linkName string, f io.Reader) error
 }

-type tarCollector struct {
+type TarCollector struct {
 	TarWriter *tar.Writer
 	UID       int
 	GID       int
 	DstDir    string
 }

-func (tc tarCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string, f io.Reader) error {
+func (tc TarCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string, f io.Reader) error {
 	// create a new dir/file header
 	header, err := tar.FileInfoHeader(fi, linkName)
 	if err != nil {
@ -59,11 +59,11 @@ func (tc tarCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string,
 	return nil
 }

-type copyCollector struct {
+type CopyCollector struct {
 	DstDir string
 }

-func (cc *copyCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string, f io.Reader) error {
+func (cc *CopyCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string, f io.Reader) error {
 	fdestpath := filepath.Join(cc.DstDir, fpath)
 	if err := os.MkdirAll(filepath.Dir(fdestpath), 0o777); err != nil {
 		return err
@ -82,29 +82,29 @@ func (cc *copyCollector) WriteFile(fpath string, fi fs.FileInfo, linkName string
 	return nil
 }

-type fileCollector struct {
+type FileCollector struct {
 	Ignorer   gitignore.Matcher
 	SrcPath   string
 	SrcPrefix string
-	Fs        fileCollectorFs
-	Handler   fileCollectorHandler
+	Fs        Fs
+	Handler   Handler
 }

-type fileCollectorFs interface {
+type Fs interface {
 	Walk(root string, fn filepath.WalkFunc) error
 	OpenGitIndex(path string) (*index.Index, error)
 	Open(path string) (io.ReadCloser, error)
 	Readlink(path string) (string, error)
 }

-type defaultFs struct {
+type DefaultFs struct {
 }

-func (*defaultFs) Walk(root string, fn filepath.WalkFunc) error {
+func (*DefaultFs) Walk(root string, fn filepath.WalkFunc) error {
 	return filepath.Walk(root, fn)
 }

-func (*defaultFs) OpenGitIndex(path string) (*index.Index, error) {
+func (*DefaultFs) OpenGitIndex(path string) (*index.Index, error) {
 	r, err := git.PlainOpen(path)
 	if err != nil {
 		return nil, err
@ -116,16 +116,16 @@ func (*defaultFs) OpenGitIndex(path string) (*index.Index, error) {
 	return i, nil
 }

-func (*defaultFs) Open(path string) (io.ReadCloser, error) {
+func (*DefaultFs) Open(path string) (io.ReadCloser, error) {
 	return os.Open(path)
 }

-func (*defaultFs) Readlink(path string) (string, error) {
+func (*DefaultFs) Readlink(path string) (string, error) {
 	return os.Readlink(path)
 }

 //nolint:gocyclo
-func (fc *fileCollector) collectFiles(ctx context.Context, submodulePath []string) filepath.WalkFunc {
+func (fc *FileCollector) CollectFiles(ctx context.Context, submodulePath []string) filepath.WalkFunc {
 	i, _ := fc.Fs.OpenGitIndex(path.Join(fc.SrcPath, path.Join(submodulePath...)))
 	return func(file string, fi os.FileInfo, err error) error {
 		if err != nil {
@ -166,7 +166,7 @@ func (fc *fileCollector) collectFiles(ctx context.Context, submodulePath []strin
 			}
 		}
 		if err == nil && entry.Mode == filemode.Submodule {
-			err = fc.Fs.Walk(file, fc.collectFiles(ctx, split))
+			err = fc.Fs.Walk(file, fc.CollectFiles(ctx, split))
 			if err != nil {
 				return err
 			}
--- a/pkg/filecollector/file_collector_test.go
+++ b/pkg/filecollector/file_collector_test.go
@ -1,4 +1,4 @@
-package container
+package filecollector

 import (
 	"archive/tar"
@ -95,16 +95,16 @@ func TestIgnoredTrackedfile(t *testing.T) {
 	tw := tar.NewWriter(tmpTar)
 	ps, _ := gitignore.ReadPatterns(worktree, []string{})
 	ignorer := gitignore.NewMatcher(ps)
-	fc := &fileCollector{
+	fc := &FileCollector{
 		Fs:        &memoryFs{Filesystem: fs},
 		Ignorer:   ignorer,
 		SrcPath:   "mygitrepo",
 		SrcPrefix: "mygitrepo" + string(filepath.Separator),
-		Handler: &tarCollector{
+		Handler: &TarCollector{
 			TarWriter: tw,
 		},
 	}
-	err := fc.Fs.Walk("mygitrepo", fc.collectFiles(context.Background(), []string{}))
+	err := fc.Fs.Walk("mygitrepo", fc.CollectFiles(context.Background(), []string{}))
 	assert.NoError(t, err, "successfully collect files")
 	tw.Close()
 	_, _ = tmpTar.Seek(0, io.SeekStart)
@ -115,3 +115,58 @@ func TestIgnoredTrackedfile(t *testing.T) {
 	_, err = tr.Next()
 	assert.ErrorIs(t, err, io.EOF, "tar must only contain one element")
 }
+
+func TestSymlinks(t *testing.T) {
+	fs := memfs.New()
+	_ = fs.MkdirAll("mygitrepo/.git", 0o777)
+	dotgit, _ := fs.Chroot("mygitrepo/.git")
+	worktree, _ := fs.Chroot("mygitrepo")
+	repo, _ := git.Init(filesystem.NewStorage(dotgit, cache.NewObjectLRUDefault()), worktree)
+	// This file shouldn't be in the tar
+	f, err := worktree.Create(".env")
+	assert.NoError(t, err)
+	_, err = f.Write([]byte("test=val1\n"))
+	assert.NoError(t, err)
+	f.Close()
+	err = worktree.Symlink(".env", "test.env")
+	assert.NoError(t, err)
+
+	w, err := repo.Worktree()
+	assert.NoError(t, err)
+
+	// .gitignore is in the tar after adding it to the index
+	_, err = w.Add(".env")
+	assert.NoError(t, err)
+	_, err = w.Add("test.env")
+	assert.NoError(t, err)
+
+	tmpTar, _ := fs.Create("temp.tar")
+	tw := tar.NewWriter(tmpTar)
+	ps, _ := gitignore.ReadPatterns(worktree, []string{})
+	ignorer := gitignore.NewMatcher(ps)
+	fc := &FileCollector{
+		Fs:        &memoryFs{Filesystem: fs},
+		Ignorer:   ignorer,
+		SrcPath:   "mygitrepo",
+		SrcPrefix: "mygitrepo" + string(filepath.Separator),
+		Handler: &TarCollector{
+			TarWriter: tw,
+		},
+	}
+	err = fc.Fs.Walk("mygitrepo", fc.CollectFiles(context.Background(), []string{}))
+	assert.NoError(t, err, "successfully collect files")
+	tw.Close()
+	_, _ = tmpTar.Seek(0, io.SeekStart)
+	tr := tar.NewReader(tmpTar)
+	h, err := tr.Next()
+	files := map[string]tar.Header{}
+	for err == nil {
+		files[h.Name] = *h
+		h, err = tr.Next()
+	}
+
+	assert.Equal(t, ".env", files[".env"].Name)
+	assert.Equal(t, "test.env", files["test.env"].Name)
+	assert.Equal(t, ".env", files["test.env"].Linkname)
+	assert.ErrorIs(t, err, io.EOF, "tar must be read cleanly to EOF")
+}
--- a/pkg/model/github_context.go
+++ b/pkg/model/github_context.go
@ -168,7 +168,7 @@ func (ghc *GithubContext) SetRepositoryAndOwner(ctx context.Context, githubInsta
 	if ghc.Repository == "" {
 		repo, err := git.FindGithubRepo(ctx, repoPath, githubInstance, remoteName)
 		if err != nil {
-			common.Logger(ctx).Warningf("unable to get git repo: %v", err)
+			common.Logger(ctx).Warningf("unable to get git repo (githubInstance: %v; remoteName: %v, repoPath: %v): %v", githubInstance, remoteName, repoPath, err)
 			return
 		}
 		ghc.Repository = repo
--- a/pkg/model/planner.go
+++ b/pkg/model/planner.go
@ -148,12 +148,10 @@ func NewWorkflowPlanner(path string, noWorkflowRecurse bool) (WorkflowPlanner, e
 				workflow.Name = wf.workflowDirEntry.Name()
 			}

-			jobNameRegex := regexp.MustCompile(`^([[:alpha:]_][[:alnum:]_\-]*)$`)
-			for k := range workflow.Jobs {
-				if ok := jobNameRegex.MatchString(k); !ok {
-					_ = f.Close()
-					return nil, fmt.Errorf("workflow is not valid. '%s': Job name '%s' is invalid. Names must start with a letter or '_' and contain only alphanumeric characters, '-', or '_'", workflow.Name, k)
-				}
+			err = validateJobName(workflow)
+			if err != nil {
+				_ = f.Close()
+				return nil, err
 			}

 			wp.workflows = append(wp.workflows, workflow)
@ -164,6 +162,42 @@ func NewWorkflowPlanner(path string, noWorkflowRecurse bool) (WorkflowPlanner, e
 	return wp, nil
 }

+func NewSingleWorkflowPlanner(name string, f io.Reader) (WorkflowPlanner, error) {
+	wp := new(workflowPlanner)
+
+	log.Debugf("Reading workflow %s", name)
+	workflow, err := ReadWorkflow(f)
+	if err != nil {
+		if err == io.EOF {
+			return nil, fmt.Errorf("unable to read workflow '%s': file is empty: %w", name, err)
+		}
+		return nil, fmt.Errorf("workflow is not valid. '%s': %w", name, err)
+	}
+	workflow.File = name
+	if workflow.Name == "" {
+		workflow.Name = name
+	}
+
+	err = validateJobName(workflow)
+	if err != nil {
+		return nil, err
+	}
+
+	wp.workflows = append(wp.workflows, workflow)
+
+	return wp, nil
+}
+
+func validateJobName(workflow *Workflow) error {
+	jobNameRegex := regexp.MustCompile(`^([[:alpha:]_][[:alnum:]_\-]*)$`)
+	for k := range workflow.Jobs {
+		if ok := jobNameRegex.MatchString(k); !ok {
+			return fmt.Errorf("workflow is not valid. '%s': Job name '%s' is invalid. Names must start with a letter or '_' and contain only alphanumeric characters, '-', or '_'", workflow.Name, k)
+		}
+	}
+	return nil
+}
+
 type workflowPlanner struct {
 	workflows []*Workflow
 }
--- a/pkg/model/workflow.go
+++ b/pkg/model/workflow.go
@ -79,22 +79,40 @@ type WorkflowDispatch struct {
 }

 func (w *Workflow) WorkflowDispatchConfig() *WorkflowDispatch {
-	if w.RawOn.Kind != yaml.MappingNode {
+	switch w.RawOn.Kind {
+	case yaml.ScalarNode:
+		var val string
+		if !decodeNode(w.RawOn, &val) {
+			return nil
+		}
+		if val == "workflow_dispatch" {
+			return &WorkflowDispatch{}
+		}
+	case yaml.SequenceNode:
+		var val []string
+		if !decodeNode(w.RawOn, &val) {
+			return nil
+		}
+		for _, v := range val {
+			if v == "workflow_dispatch" {
+				return &WorkflowDispatch{}
+			}
+		}
+	case yaml.MappingNode:
+		var val map[string]yaml.Node
+		if !decodeNode(w.RawOn, &val) {
+			return nil
+		}
+
+		n, found := val["workflow_dispatch"]
+		var workflowDispatch WorkflowDispatch
+		if found && decodeNode(n, &workflowDispatch) {
+			return &workflowDispatch
+		}
+	default:
 		return nil
 	}
-
-	var val map[string]yaml.Node
-	if !decodeNode(w.RawOn, &val) {
-		return nil
-	}
-
-	var config WorkflowDispatch
-	node := val["workflow_dispatch"]
-	if !decodeNode(node, &config) {
-		return nil
-	}
-
-	return &config
+	return nil
 }

 type WorkflowCallInput struct {
@ -325,7 +343,7 @@ func environment(yml yaml.Node) map[string]string {
 	return env
 }

-// Environments returns string-based key=value map for a job
+// Environment returns string-based key=value map for a job
 func (j *Job) Environment() map[string]string {
 	return environment(j.Env)
 }
@ -560,7 +578,7 @@ func (s *Step) String() string {
 	return s.ID
 }

-// Environments returns string-based key=value map for a step
+// Environment returns string-based key=value map for a step
 func (s *Step) Environment() map[string]string {
 	return environment(s.Env)
 }
--- a/pkg/model/workflow_test.go
+++ b/pkg/model/workflow_test.go
@ -417,3 +417,107 @@ func TestStep_ShellCommand(t *testing.T) {
 		})
 	}
 }
+
+func TestReadWorkflow_WorkflowDispatchConfig(t *testing.T) {
+	yaml := `
+    name: local-action-docker-url
+    `
+	workflow, err := ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch := workflow.WorkflowDispatchConfig()
+	assert.Nil(t, workflowDispatch)
+
+	yaml = `
+    name: local-action-docker-url
+    on: push
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.Nil(t, workflowDispatch)
+
+	yaml = `
+    name: local-action-docker-url
+    on: workflow_dispatch
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.NotNil(t, workflowDispatch)
+	assert.Nil(t, workflowDispatch.Inputs)
+
+	yaml = `
+    name: local-action-docker-url
+    on: [push, pull_request]
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.Nil(t, workflowDispatch)
+
+	yaml = `
+    name: local-action-docker-url
+    on: [push, workflow_dispatch]
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.NotNil(t, workflowDispatch)
+	assert.Nil(t, workflowDispatch.Inputs)
+
+	yaml = `
+    name: local-action-docker-url
+    on:
+        - push
+        - workflow_dispatch
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.NotNil(t, workflowDispatch)
+	assert.Nil(t, workflowDispatch.Inputs)
+
+	yaml = `
+    name: local-action-docker-url
+    on:
+        push:
+        pull_request:
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.Nil(t, workflowDispatch)
+
+	yaml = `
+    name: local-action-docker-url
+    on:
+        push:
+        pull_request:
+        workflow_dispatch:
+            inputs:
+                logLevel:
+                    description: 'Log level'
+                    required: true
+                    default: 'warning'
+                    type: choice
+                    options:
+                    - info
+                    - warning
+                    - debug
+    `
+	workflow, err = ReadWorkflow(strings.NewReader(yaml))
+	assert.NoError(t, err, "read workflow should succeed")
+	workflowDispatch = workflow.WorkflowDispatchConfig()
+	assert.NotNil(t, workflowDispatch)
+	assert.Equal(t, WorkflowDispatchInput{
+		Default:     "warning",
+		Description: "Log level",
+		Options: []string{
+			"info",
+			"warning",
+			"debug",
+		},
+		Required: true,
+		Type:     "choice",
+	}, workflowDispatch.Inputs["logLevel"])
+}
--- a/pkg/runner/action.go
+++ b/pkg/runner/action.go
@ -3,6 +3,7 @@ package runner
 import (
 	"context"
 	"embed"
+	"errors"
 	"fmt"
 	"io"
 	"io/fs"
@ -41,11 +42,24 @@ var trampoline embed.FS

 func readActionImpl(ctx context.Context, step *model.Step, actionDir string, actionPath string, readFile actionYamlReader, writeFile fileWriter) (*model.Action, error) {
 	logger := common.Logger(ctx)
+	allErrors := []error{}
+	addError := func(fileName string, err error) {
+		if err != nil {
+			allErrors = append(allErrors, fmt.Errorf("failed to read '%s' from action '%s' with path '%s' of step %w", fileName, step.String(), actionPath, err))
+		} else {
+			// One successful read, clear error state
+			allErrors = nil
+		}
+	}
 	reader, closer, err := readFile("action.yml")
+	addError("action.yml", err)
 	if os.IsNotExist(err) {
 		reader, closer, err = readFile("action.yaml")
-		if err != nil {
-			if _, closer, err2 := readFile("Dockerfile"); err2 == nil {
+		addError("action.yaml", err)
+		if os.IsNotExist(err) {
+			_, closer, err := readFile("Dockerfile")
+			addError("Dockerfile", err)
+			if err == nil {
 				closer.Close()
 				action := &model.Action{
 					Name: "(Synthetic)",
@ -90,10 +104,10 @@ func readActionImpl(ctx context.Context, step *model.Step, actionDir string, act
 					return action, nil
 				}
 			}
-			return nil, err
 		}
-	} else if err != nil {
-		return nil, err
+	}
+	if allErrors != nil {
+		return nil, errors.Join(allErrors...)
 	}
 	defer closer.Close()

@ -110,9 +124,6 @@ func maybeCopyToActionDir(ctx context.Context, step actionStep, actionDir string
 	if stepModel.Type() != model.StepTypeUsesActionRemote {
 		return nil
 	}
-	if err := removeGitIgnore(ctx, actionDir); err != nil {
-		return err
-	}

 	var containerActionDirCopy string
 	containerActionDirCopy = strings.TrimSuffix(containerActionDir, actionPath)
@ -121,6 +132,21 @@ func maybeCopyToActionDir(ctx context.Context, step actionStep, actionDir string
 	if !strings.HasSuffix(containerActionDirCopy, `/`) {
 		containerActionDirCopy += `/`
 	}
+
+	if rc.Config != nil && rc.Config.ActionCache != nil {
+		raction := step.(*stepActionRemote)
+		ta, err := rc.Config.ActionCache.GetTarArchive(ctx, raction.cacheDir, raction.resolvedSha, "")
+		if err != nil {
+			return err
+		}
+		defer ta.Close()
+		return rc.JobContainer.CopyTarStream(ctx, containerActionDirCopy, ta)
+	}
+
+	if err := removeGitIgnore(ctx, actionDir); err != nil {
+		return err
+	}
+
 	return rc.JobContainer.CopyDir(containerActionDirCopy, actionDir+"/", rc.Config.UseGitIgnore)(ctx)
 }

@ -265,6 +291,13 @@ func execAsDocker(ctx context.Context, step actionStep, actionName string, based
 					return err
 				}
 				defer buildContext.Close()
+			} else if rc.Config.ActionCache != nil {
+				rstep := step.(*stepActionRemote)
+				buildContext, err = rc.Config.ActionCache.GetTarArchive(ctx, rstep.cacheDir, rstep.resolvedSha, contextDir)
+				if err != nil {
+					return err
+				}
+				defer buildContext.Close()
 			}
 			prepImage = container.NewDockerBuildExecutor(container.NewDockerBuildExecutorInput{
 				ContextDir:   contextDir,
--- a/pkg/runner/action_cache.go
+++ b/pkg/runner/action_cache.go
@ -42,17 +42,7 @@ func (c GoGitActionCache) Fetch(ctx context.Context, cacheDir, url, ref, token s
 		return "", err
 	}
 	branchName := hex.EncodeToString(tmpBranch)
-	var refSpec config.RefSpec
-	spec := config.RefSpec(ref + ":" + branchName)
-	tagOrSha := false
-	if spec.IsExactSHA1() {
-		refSpec = spec
-	} else if strings.HasPrefix(ref, "refs/") {
-		refSpec = config.RefSpec(ref + ":refs/heads/" + branchName)
-	} else {
-		tagOrSha = true
-		refSpec = config.RefSpec("refs/*/" + ref + ":refs/heads/*/" + branchName)
-	}
+
 	var auth transport.AuthMethod
 	if token != "" {
 		auth = &http.BasicAuth{
@ -70,32 +60,17 @@ func (c GoGitActionCache) Fetch(ctx context.Context, cacheDir, url, ref, token s
 		return "", err
 	}
 	defer func() {
-		if refs, err := gogitrepo.References(); err == nil {
-			_ = refs.ForEach(func(r *plumbing.Reference) error {
-				if strings.Contains(r.Name().String(), branchName) {
-					return gogitrepo.DeleteBranch(r.Name().String())
-				}
-				return nil
-			})
-		}
+		_ = gogitrepo.DeleteBranch(branchName)
 	}()
 	if err := remote.FetchContext(ctx, &git.FetchOptions{
 		RefSpecs: []config.RefSpec{
-			refSpec,
+			config.RefSpec(ref + ":" + branchName),
 		},
 		Auth:  auth,
 		Force: true,
 	}); err != nil {
 		return "", err
 	}
-	if tagOrSha {
-		for _, prefix := range []string{"refs/heads/tags/", "refs/heads/heads/"} {
-			hash, err := gogitrepo.ResolveRevision(plumbing.Revision(prefix + branchName))
-			if err == nil {
-				return hash.String(), nil
-			}
-		}
-	}
 	hash, err := gogitrepo.ResolveRevision(plumbing.Revision(branchName))
 	if err != nil {
 		return "", err
--- a/pkg/runner/action_cache_offline_mode.go
+++ b/pkg/runner/action_cache_offline_mode.go
@ -0,0 +1,41 @@
+package runner
+
+import (
+	"context"
+	"io"
+	"path"
+
+	git "github.com/go-git/go-git/v5"
+	"github.com/go-git/go-git/v5/plumbing"
+)
+
+type GoGitActionCacheOfflineMode struct {
+	Parent GoGitActionCache
+}
+
+func (c GoGitActionCacheOfflineMode) Fetch(ctx context.Context, cacheDir, url, ref, token string) (string, error) {
+	sha, fetchErr := c.Parent.Fetch(ctx, cacheDir, url, ref, token)
+	gitPath := path.Join(c.Parent.Path, safeFilename(cacheDir)+".git")
+	gogitrepo, err := git.PlainOpen(gitPath)
+	if err != nil {
+		return "", fetchErr
+	}
+	refName := plumbing.ReferenceName("refs/action-cache-offline/" + ref)
+	r, err := gogitrepo.Reference(refName, true)
+	if fetchErr == nil {
+		if err != nil || sha != r.Hash().String() {
+			if err == nil {
+				refName = r.Name()
+			}
+			ref := plumbing.NewHashReference(refName, plumbing.NewHash(sha))
+			_ = gogitrepo.Storer.SetReference(ref)
+		}
+	} else if err == nil {
+		return r.Hash().String(), nil
+	}
+	return sha, fetchErr
+}
+
+func (c GoGitActionCacheOfflineMode) GetTarArchive(ctx context.Context, cacheDir, sha, includePrefix string) (io.ReadCloser, error) {
+	return c.Parent.GetTarArchive(ctx, cacheDir, sha, includePrefix)
+}
--- a/pkg/runner/action_cache_test.go
+++ b/pkg/runner/action_cache_test.go
@ -18,20 +18,60 @@ func TestActionCache(t *testing.T) {
 		Path: os.TempDir(),
 	}
 	ctx := context.Background()
-	sha, err := cache.Fetch(ctx, "christopherhx/script", "https://github.com/christopherhx/script", "main", "")
-	a.NoError(err)
-	a.NotEmpty(sha)
-	atar, err := cache.GetTarArchive(ctx, "christopherhx/script", sha, "node_modules")
-	a.NoError(err)
-	a.NotEmpty(atar)
-	mytar := tar.NewReader(atar)
-	th, err := mytar.Next()
-	a.NoError(err)
-	a.NotEqual(0, th.Size)
-	buf := &bytes.Buffer{}
-	// G110: Potential DoS vulnerability via decompression bomb (gosec)
-	_, err = io.Copy(buf, mytar)
-	a.NoError(err)
-	str := buf.String()
-	a.NotEmpty(str)
+	cacheDir := "nektos/act-test-actions"
+	repo := "https://github.com/nektos/act-test-actions"
+	refs := []struct {
+		Name     string
+		CacheDir string
+		Repo     string
+		Ref      string
+	}{
+		{
+			Name:     "Fetch Branch Name",
+			CacheDir: cacheDir,
+			Repo:     repo,
+			Ref:      "main",
+		},
+		{
+			Name:     "Fetch Branch Name Absolutely",
+			CacheDir: cacheDir,
+			Repo:     repo,
+			Ref:      "refs/heads/main",
+		},
+		{
+			Name:     "Fetch HEAD",
+			CacheDir: cacheDir,
+			Repo:     repo,
+			Ref:      "HEAD",
+		},
+		{
+			Name:     "Fetch Sha",
+			CacheDir: cacheDir,
+			Repo:     repo,
+			Ref:      "de984ca37e4df4cb9fd9256435a3b82c4a2662b1",
+		},
+	}
+	for _, c := range refs {
+		t.Run(c.Name, func(t *testing.T) {
+			sha, err := cache.Fetch(ctx, c.CacheDir, c.Repo, c.Ref, "")
+			if !a.NoError(err) || !a.NotEmpty(sha) {
+				return
+			}
+			atar, err := cache.GetTarArchive(ctx, c.CacheDir, sha, "js")
+			if !a.NoError(err) || !a.NotEmpty(atar) {
+				return
+			}
+			mytar := tar.NewReader(atar)
+			th, err := mytar.Next()
+			if !a.NoError(err) || !a.NotEqual(0, th.Size) {
+				return
+			}
+			buf := &bytes.Buffer{}
+			// G110: Potential DoS vulnerability via decompression bomb (gosec)
+			_, err = io.Copy(buf, mytar)
+			a.NoError(err)
+			str := buf.String()
+			a.NotEmpty(str)
+		})
+	}
 }
--- a/pkg/runner/expression.go
+++ b/pkg/runner/expression.go
@ -106,7 +106,7 @@ func (rc *RunContext) NewExpressionEvaluatorWithEnv(ctx context.Context, env map
 //go:embed hashfiles/index.js
 var hashfiles string

-// NewExpressionEvaluator creates a new evaluator
+// NewStepExpressionEvaluator creates a new evaluator
 func (rc *RunContext) NewStepExpressionEvaluator(ctx context.Context, step step) ExpressionEvaluator {
 	// todo: cleanup EvaluationEnvironment creation
 	job := rc.Run.Job()
--- a/pkg/runner/local_repository_cache.go
+++ b/pkg/runner/local_repository_cache.go
@ -0,0 +1,91 @@
+package runner
+
+import (
+	"archive/tar"
+	"bytes"
+	"context"
+	"fmt"
+	"io"
+	"io/fs"
+	goURL "net/url"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/nektos/act/pkg/filecollector"
+)
+
+type LocalRepositoryCache struct {
+	Parent            ActionCache
+	LocalRepositories map[string]string
+	CacheDirCache     map[string]string
+}
+
+func (l *LocalRepositoryCache) Fetch(ctx context.Context, cacheDir, url, ref, token string) (string, error) {
+	if dest, ok := l.LocalRepositories[fmt.Sprintf("%s@%s", url, ref)]; ok {
+		l.CacheDirCache[fmt.Sprintf("%s@%s", cacheDir, ref)] = dest
+		return ref, nil
+	}
+	if purl, err := goURL.Parse(url); err == nil {
+		if dest, ok := l.LocalRepositories[fmt.Sprintf("%s@%s", strings.TrimPrefix(purl.Path, "/"), ref)]; ok {
+			l.CacheDirCache[fmt.Sprintf("%s@%s", cacheDir, ref)] = dest
+			return ref, nil
+		}
+	}
+	return l.Parent.Fetch(ctx, cacheDir, url, ref, token)
+}
+
+func (l *LocalRepositoryCache) GetTarArchive(ctx context.Context, cacheDir, sha, includePrefix string) (io.ReadCloser, error) {
+	// sha is mapped to ref in fetch if there is a local override
+	if dest, ok := l.CacheDirCache[fmt.Sprintf("%s@%s", cacheDir, sha)]; ok {
+		srcPath := filepath.Join(dest, includePrefix)
+		buf := &bytes.Buffer{}
+		tw := tar.NewWriter(buf)
+		defer tw.Close()
+		srcPath = filepath.Clean(srcPath)
+		fi, err := os.Lstat(srcPath)
+		if err != nil {
+			return nil, err
+		}
+		tc := &filecollector.TarCollector{
+			TarWriter: tw,
+		}
+		if fi.IsDir() {
+			srcPrefix := srcPath
+			if !strings.HasSuffix(srcPrefix, string(filepath.Separator)) {
+				srcPrefix += string(filepath.Separator)
+			}
+			fc := &filecollector.FileCollector{
+				Fs:        &filecollector.DefaultFs{},
+				SrcPath:   srcPath,
+				SrcPrefix: srcPrefix,
+				Handler:   tc,
+			}
+			err = filepath.Walk(srcPath, fc.CollectFiles(ctx, []string{}))
+			if err != nil {
+				return nil, err
+			}
+		} else {
+			var f io.ReadCloser
+			var linkname string
+			if fi.Mode()&fs.ModeSymlink != 0 {
+				linkname, err = os.Readlink(srcPath)
+				if err != nil {
+					return nil, err
+				}
+			} else {
+				f, err = os.Open(srcPath)
+				if err != nil {
+					return nil, err
+				}
+				defer f.Close()
+			}
+			err := tc.WriteFile(fi.Name(), fi, linkname, f)
+			if err != nil {
+				return nil, err
+			}
+		}
+		return io.NopCloser(buf), nil
+	}
+	return l.Parent.GetTarArchive(ctx, cacheDir, sha, includePrefix)
+}
--- a/pkg/runner/logger.go
+++ b/pkg/runner/logger.go
@ -52,7 +52,7 @@ func Masks(ctx context.Context) *[]string {
 	return &[]string{}
 }

-// WithLogger adds a value to the context for the logger
+// WithMasks adds a value to the context for the logger
 func WithMasks(ctx context.Context, masks *[]string) context.Context {
 	return context.WithValue(ctx, masksContextKeyVal, masks)
 }
--- a/pkg/runner/reusable_workflow.go
+++ b/pkg/runner/reusable_workflow.go
@ -1,6 +1,7 @@
 package runner

 import (
+	"archive/tar"
 	"context"
 	"errors"
 	"fmt"
@ -33,12 +34,51 @@ func newRemoteReusableWorkflowExecutor(rc *RunContext) common.Executor {
 	filename := fmt.Sprintf("%s/%s@%s", remoteReusableWorkflow.Org, remoteReusableWorkflow.Repo, remoteReusableWorkflow.Ref)
 	workflowDir := fmt.Sprintf("%s/%s", rc.ActionCacheDir(), safeFilename(filename))

+	if rc.Config.ActionCache != nil {
+		return newActionCacheReusableWorkflowExecutor(rc, filename, remoteReusableWorkflow)
+	}
+
 	return common.NewPipelineExecutor(
 		newMutexExecutor(cloneIfRequired(rc, *remoteReusableWorkflow, workflowDir)),
 		newReusableWorkflowExecutor(rc, workflowDir, fmt.Sprintf("./.github/workflows/%s", remoteReusableWorkflow.Filename)),
 	)
 }

+func newActionCacheReusableWorkflowExecutor(rc *RunContext, filename string, remoteReusableWorkflow *remoteReusableWorkflow) common.Executor {
+	return func(ctx context.Context) error {
+		ghctx := rc.getGithubContext(ctx)
+		remoteReusableWorkflow.URL = ghctx.ServerURL
+		sha, err := rc.Config.ActionCache.Fetch(ctx, filename, remoteReusableWorkflow.CloneURL(), remoteReusableWorkflow.Ref, ghctx.Token)
+		if err != nil {
+			return err
+		}
+		archive, err := rc.Config.ActionCache.GetTarArchive(ctx, filename, sha, fmt.Sprintf(".github/workflows/%s", remoteReusableWorkflow.Filename))
+		if err != nil {
+			return err
+		}
+		defer archive.Close()
+		treader := tar.NewReader(archive)
+		if _, err = treader.Next(); err != nil {
+			return err
+		}
+		planner, err := model.NewSingleWorkflowPlanner(remoteReusableWorkflow.Filename, treader)
+		if err != nil {
+			return err
+		}
+		plan, err := planner.PlanEvent("workflow_call")
+		if err != nil {
+			return err
+		}
+
+		runner, err := NewReusableWorkflowRunner(rc)
+		if err != nil {
+			return err
+		}
+
+		return runner.NewPlanExecutor(plan)(ctx)
+	}
+}
+
 var (
 	executorLock sync.Mutex
 )
@ -62,10 +102,11 @@ func cloneIfRequired(rc *RunContext, remoteReusableWorkflow remoteReusableWorkfl
 		func(ctx context.Context) error {
 			remoteReusableWorkflow.URL = rc.getGithubContext(ctx).ServerURL
 			return git.NewGitCloneExecutor(git.NewGitCloneExecutorInput{
-				URL:   remoteReusableWorkflow.CloneURL(),
-				Ref:   remoteReusableWorkflow.Ref,
-				Dir:   targetDirectory,
-				Token: rc.Config.Token,
+				URL:         remoteReusableWorkflow.CloneURL(),
+				Ref:         remoteReusableWorkflow.Ref,
+				Dir:         targetDirectory,
+				Token:       rc.Config.Token,
+				OfflineMode: rc.Config.ActionOfflineMode,
 			})(ctx)
 		},
 		nil,
--- a/pkg/runner/run_context.go
+++ b/pkg/runner/run_context.go
@ -135,7 +135,7 @@ func (rc *RunContext) GetBindsAndMounts() ([]string, map[string]string) {
 	ext := container.LinuxContainerEnvironmentExtensions{}

 	mounts := map[string]string{
-		"act-toolcache": "/toolcache",
+		"act-toolcache": "/opt/hostedtoolcache",
 		name + "-env":   ext.GetActPath(),
 	}

--- a/pkg/runner/runner.go
+++ b/pkg/runner/runner.go
@ -23,6 +23,7 @@ type Config struct {
 	Actor                              string                       // the user that triggered the event
 	Workdir                            string                       // path to working directory
 	ActionCacheDir                     string                       // path used for caching action contents
+	ActionOfflineMode                  bool                         // when offline, use caching action contents
 	BindWorkdir                        bool                         // bind the workdir to the job container
 	EventName                          string                       // name of event to run
 	EventPath                          string                       // path to JSON file to use for event.json in containers
@ -59,6 +60,7 @@ type Config struct {
 	ReplaceGheActionTokenWithGithubCom string                       // Token of private action repo on GitHub.
 	Matrix                             map[string]map[string]bool   // Matrix config to run
 	ContainerNetworkMode               docker_container.NetworkMode // the network mode of job containers (the value of --network)
+	ActionCache                        ActionCache                  // Use a custom ActionCache Implementation
 }

 type caller struct {
--- a/pkg/runner/runner_test.go
+++ b/pkg/runner/runner_test.go
@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"path"
 	"path/filepath"
 	"runtime"
 	"strings"
@ -14,6 +15,7 @@ import (
 	"github.com/joho/godotenv"
 	log "github.com/sirupsen/logrus"
 	assert "github.com/stretchr/testify/assert"
+	"gopkg.in/yaml.v3"

 	"github.com/nektos/act/pkg/common"
 	"github.com/nektos/act/pkg/model"
@ -187,6 +189,7 @@ func (j *TestJobFileInfo) runTest(ctx context.Context, t *testing.T, cfg *Config
 		GitHubInstance:        "github.com",
 		ContainerArchitecture: cfg.ContainerArchitecture,
 		Matrix:                cfg.Matrix,
+		ActionCache:           cfg.ActionCache,
 	}

 	runner, err := New(runnerConfig)
@ -209,6 +212,10 @@ func (j *TestJobFileInfo) runTest(ctx context.Context, t *testing.T, cfg *Config
 	fmt.Println("::endgroup::")
 }

+type TestConfig struct {
+	LocalRepositories map[string]string `yaml:"local-repositories"`
+}
+
 func TestRunEvent(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping integration test")
@ -307,6 +314,9 @@ func TestRunEvent(t *testing.T) {
 		{workdir, "services", "push", "", platforms, secrets},
 		{workdir, "services-host-network", "push", "", platforms, secrets},
 		{workdir, "services-with-container", "push", "", platforms, secrets},
+
+		// local remote action overrides
+		{workdir, "local-remote-action-overrides", "push", "", platforms, secrets},
 	}

 	for _, table := range tables {
@ -320,6 +330,22 @@ func TestRunEvent(t *testing.T) {
 				config.EventPath = eventFile
 			}

+			testConfigFile := filepath.Join(workdir, table.workflowPath, "config.yml")
+			if file, err := os.ReadFile(testConfigFile); err == nil {
+				testConfig := &TestConfig{}
+				if yaml.Unmarshal(file, testConfig) == nil {
+					if testConfig.LocalRepositories != nil {
+						config.ActionCache = &LocalRepositoryCache{
+							Parent: GoGitActionCache{
+								path.Clean(path.Join(workdir, "cache")),
+							},
+							LocalRepositories: testConfig.LocalRepositories,
+							CacheDirCache:     map[string]string{},
+						}
+					}
+				}
+			}
+
 			table.runTest(ctx, t, config)
 		})
 	}
--- a/pkg/runner/step.go
+++ b/pkg/runner/step.go
@ -34,6 +34,9 @@ const (
 	stepStagePost
 )

+// Controls how many symlinks are resolved for local and remote Actions
+const maxSymlinkDepth = 10
+
 func (s stepStage) String() string {
 	switch s {
 	case stepStagePre:
@ -307,3 +310,13 @@ func mergeIntoMapCaseInsensitive(target map[string]string, maps ...map[string]st
 		}
 	}
 }
+
+func symlinkJoin(filename, sym, parent string) (string, error) {
+	dir := path.Dir(filename)
+	dest := path.Join(dir, sym)
+	prefix := path.Clean(parent) + "/"
+	if strings.HasPrefix(dest, prefix) || prefix == "./" {
+		return dest, nil
+	}
+	return "", fmt.Errorf("symlink tries to access file '%s' outside of '%s'", strings.ReplaceAll(dest, "'", "''"), strings.ReplaceAll(parent, "'", "''"))
+}
--- a/pkg/runner/step_action_local.go
+++ b/pkg/runner/step_action_local.go
@ -3,7 +3,10 @@ package runner
 import (
 	"archive/tar"
 	"context"
+	"errors"
+	"fmt"
 	"io"
+	"io/fs"
 	"os"
 	"path"
 	"path/filepath"
@ -42,15 +45,31 @@ func (sal *stepActionLocal) main() common.Executor {
 		localReader := func(ctx context.Context) actionYamlReader {
 			_, cpath := getContainerActionPaths(sal.Step, path.Join(actionDir, ""), sal.RunContext)
 			return func(filename string) (io.Reader, io.Closer, error) {
-				tars, err := sal.RunContext.JobContainer.GetContainerArchive(ctx, path.Join(cpath, filename))
-				if err != nil {
-					return nil, nil, os.ErrNotExist
+				spath := path.Join(cpath, filename)
+				for i := 0; i < maxSymlinkDepth; i++ {
+					tars, err := sal.RunContext.JobContainer.GetContainerArchive(ctx, spath)
+					if errors.Is(err, fs.ErrNotExist) {
+						return nil, nil, err
+					} else if err != nil {
+						return nil, nil, fs.ErrNotExist
+					}
+					treader := tar.NewReader(tars)
+					header, err := treader.Next()
+					if errors.Is(err, io.EOF) {
+						return nil, nil, os.ErrNotExist
+					} else if err != nil {
+						return nil, nil, err
+					}
+					if header.FileInfo().Mode()&os.ModeSymlink == os.ModeSymlink {
+						spath, err = symlinkJoin(spath, header.Linkname, cpath)
+						if err != nil {
+							return nil, nil, err
+						}
+					} else {
+						return treader, tars, nil
+					}
 				}
-				treader := tar.NewReader(tars)
-				if _, err := treader.Next(); err != nil {
-					return nil, nil, os.ErrNotExist
-				}
-				return treader, tars, nil
+				return nil, nil, fmt.Errorf("max depth %d of symlinks exceeded while reading %s", maxSymlinkDepth, spath)
 			}
 		}

--- a/pkg/runner/step_action_remote.go
+++ b/pkg/runner/step_action_remote.go
@ -1,6 +1,7 @@
 package runner

 import (
+	"archive/tar"
 	"context"
 	"errors"
 	"fmt"
@ -28,6 +29,8 @@ type stepActionRemote struct {
 	action              *model.Action
 	env                 map[string]string
 	remoteAction        *remoteAction
+	cacheDir            string
+	resolvedSha         string
 }

 var (
@ -60,13 +63,56 @@ func (sar *stepActionRemote) prepareActionExecutor() common.Executor {
 				github.Token = sar.RunContext.Config.ReplaceGheActionTokenWithGithubCom
 			}
 		}
+		if sar.RunContext.Config.ActionCache != nil {
+			cache := sar.RunContext.Config.ActionCache
+
+			var err error
+			sar.cacheDir = fmt.Sprintf("%s/%s", sar.remoteAction.Org, sar.remoteAction.Repo)
+			repoURL := sar.remoteAction.URL + "/" + sar.cacheDir
+			repoRef := sar.remoteAction.Ref
+			sar.resolvedSha, err = cache.Fetch(ctx, sar.cacheDir, repoURL, repoRef, github.Token)
+			if err != nil {
+				return fmt.Errorf("failed to fetch \"%s\" version \"%s\": %w", repoURL, repoRef, err)
+			}
+
+			remoteReader := func(ctx context.Context) actionYamlReader {
+				return func(filename string) (io.Reader, io.Closer, error) {
+					spath := path.Join(sar.remoteAction.Path, filename)
+					for i := 0; i < maxSymlinkDepth; i++ {
+						tars, err := cache.GetTarArchive(ctx, sar.cacheDir, sar.resolvedSha, spath)
+						if err != nil {
+							return nil, nil, os.ErrNotExist
+						}
+						treader := tar.NewReader(tars)
+						header, err := treader.Next()
+						if err != nil {
+							return nil, nil, os.ErrNotExist
+						}
+						if header.FileInfo().Mode()&os.ModeSymlink == os.ModeSymlink {
+							spath, err = symlinkJoin(spath, header.Linkname, ".")
+							if err != nil {
+								return nil, nil, err
+							}
+						} else {
+							return treader, tars, nil
+						}
+					}
+					return nil, nil, fmt.Errorf("max depth %d of symlinks exceeded while reading %s", maxSymlinkDepth, spath)
+				}
+			}
+
+			actionModel, err := sar.readAction(ctx, sar.Step, sar.resolvedSha, sar.remoteAction.Path, remoteReader(ctx), os.WriteFile)
+			sar.action = actionModel
+			return err
+		}

 		actionDir := fmt.Sprintf("%s/%s", sar.RunContext.ActionCacheDir(), safeFilename(sar.Step.Uses))
 		gitClone := stepActionRemoteNewCloneExecutor(git.NewGitCloneExecutorInput{
-			URL:   sar.remoteAction.CloneURL(),
-			Ref:   sar.remoteAction.Ref,
-			Dir:   actionDir,
-			Token: github.Token,
+			URL:         sar.remoteAction.CloneURL(),
+			Ref:         sar.remoteAction.Ref,
+			Dir:         actionDir,
+			Token:       github.Token,
+			OfflineMode: sar.RunContext.Config.ActionOfflineMode,
 		})
 		var ntErr common.Executor
 		if err := gitClone(ctx); err != nil {
--- a/pkg/runner/testdata/local-remote-action-overrides/config.yml
+++ b/pkg/runner/testdata/local-remote-action-overrides/config.yml
@ -0,0 +1,3 @@
+local-repositories:
+  https://github.com/nektos/test-override@a: testdata/actions/node20
+  nektos/test-override@b: testdata/actions/node16
--- a/pkg/runner/testdata/local-remote-action-overrides/push.yml
+++ b/pkg/runner/testdata/local-remote-action-overrides/push.yml
@ -0,0 +1,9 @@
+name: basic
+on: push
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: nektos/test-override@a
+      - uses: nektos/test-override@b
Author	SHA1	Message	Date
dependabot[bot]	8c83d57212	build(deps): bump golang.org/x/term from 0.17.0 to 0.18.0 (#2244 ) Bumps [golang.org/x/term](https://github.com/golang/term) from 0.17.0 to 0.18.0. - [Commits](https://github.com/golang/term/compare/v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-03-11 02:28:21 +00:00
ChristopherHX	119ceb81d9	fix: rootless permission bits (new actions cache) (#2242 ) * fix: rootless permission bits (new actions cache) * add test * fix lint / more tests	2024-03-08 01:25:03 +00:00
huajin tong	352ad41ad2	fix function name in comment (#2240 ) Signed-off-by: thirdkeyword <fliterdashen@gmail.com>	2024-03-06 14:20:06 +00:00
ChristopherHX	75e4ad93f4	fix: docker buildx cache restore not working (#2236 ) * To take effect artifacts v4 pr is needed with adjusted claims	2024-03-05 06:04:54 +00:00
dependabot[bot]	934b13a7a1	build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2235 ) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-03-04 03:08:44 +00:00
GitHub Actions	d3c8664d3d	chore: bump VERSION to 0.2.60	2024-03-01 02:12:58 +00:00
dependabot[bot]	c79f59f802	build(deps): bump go.etcd.io/bbolt from 1.3.8 to 1.3.9 (#2229 ) Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.8 to 1.3.9. - [Release notes](https://github.com/etcd-io/bbolt/releases) - [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.8...v1.3.9) --- updated-dependencies: - dependency-name: go.etcd.io/bbolt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-02-26 03:18:59 +00:00
dependabot[bot]	68597d68f6	build(deps): bump github.com/rhysd/actionlint from 1.6.26 to 1.6.27 (#2228 ) Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint) from 1.6.26 to 1.6.27. - [Release notes](https://github.com/rhysd/actionlint/releases) - [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md) - [Commits](https://github.com/rhysd/actionlint/compare/v1.6.26...v1.6.27) --- updated-dependencies: - dependency-name: github.com/rhysd/actionlint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-02-26 03:02:49 +00:00
ChristopherHX	e1cd7c915f	fix: logo and demo asset urls (#2226 )	2024-02-24 02:47:55 +00:00
ChristopherHX	ac6a465e27	feat: Test writing remote Actions locally (#2155 ) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-23 07:40:14 +00:00
dependabot[bot]	9e6ce121bc	build(deps): bump github.com/opencontainers/image-spec (#2223 ) Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc6 to 1.1.0. - [Release notes](https://github.com/opencontainers/image-spec/releases) - [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md) - [Commits](https://github.com/opencontainers/image-spec/compare/v1.1.0-rc6...v1.1.0) --- updated-dependencies: - dependency-name: github.com/opencontainers/image-spec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-02-19 03:04:51 +00:00
ChristopherHX	5601fb0e13	refactor: simpilfy go-git cache (#2208 )	2024-02-18 03:53:22 +00:00
ChristopherHX	852959e1e1	feat: offline mode for new action cache (#2173 ) * Try fetch update of the action, otherwise use cached version Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-12 12:51:37 +00:00
dependabot[bot]	27eb79bb5a	build(deps): bump github.com/opencontainers/image-spec (#2214 ) Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc3 to 1.1.0-rc6. - [Release notes](https://github.com/opencontainers/image-spec/releases) - [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md) - [Commits](https://github.com/opencontainers/image-spec/compare/v1.1.0-rc3...v1.1.0-rc6) --- updated-dependencies: - dependency-name: github.com/opencontainers/image-spec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-12 02:26:14 +00:00
dependabot[bot]	8277584f00	build(deps): bump golang.org/x/term from 0.16.0 to 0.17.0 (#2213 ) Bumps [golang.org/x/term](https://github.com/golang/term) from 0.16.0 to 0.17.0. - [Commits](https://github.com/golang/term/compare/v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-02-12 02:14:13 +00:00
Kristofer	f2e65e1d40	fix: Rootless error concerning `/var/run/docker.sock` (#2181 ) * Use same socket defaulting strategy every time * Always default to DOCKER_HOST * Add more debug logs * Commenting, and massively simplified socket logic * Rever to upstream run_context.go * Fix EACCESS error regarding /opt/hostedtoolcache * Revert "Fix EACCESS error regarding /opt/hostedtoolcache" This reverts commit `b2a8394d33`. * Revert CLI debug logs * Move socket and host handling to own function, and simplify logic * Move to container package * Make return be a struct * Write tests to verify functionality * Fix DOCKER_HOST being set to the string "DOCKER_HOST" * Always use struct * Use socketLocation, for DOCKER_HOST and more defaults * Fixup arguments to GetSocketAndHost in test and root.go * Un-struct hasDockerHost * Fixup logic and set hasDockerHost * Minor scoping & variable name change * Move functionality to a new file * Rename corresponding test * Reviewfix * Fix DOCKER_HOST expected * Fix test assertions and add comments * Swap comparison actual, expected * Fixed no-DOCKER_HOST env test * Fixed default socket test * Add test to verify review comments * Add more test for greater test coverage * Consistent comment references * Fix bug found while writing tests * Passing tests * NoMountNoHost testfix * Rename test appropriately * NoMount testfix * Fixed OnlySocket * Swap expected <-> actual in tests --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-02-06 17:18:11 +00:00
ChristopherHX	6e80373eb6	Shrink Readme (#2198 ) nektosact.com should become the single source of truth	2024-02-06 08:22:01 -08:00
GitHub Actions	b7a8145d09	chore: bump VERSION to 0.2.59	2024-02-01 22:32:06 +00:00
Milo Moisson	12c0c4277a	feat: correctly use the xdg library, which has the side effect to fix the config survey (#2195 )	2024-02-01 13:57:16 -08:00
GitHub Actions	3ed38d8e8b	chore: bump VERSION to 0.2.58	2024-02-01 02:12:33 +00:00
dependabot[bot]	0dbf44c657	build(deps): bump github.com/opencontainers/runc from 1.1.7 to 1.1.12 (#2187 ) Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.7 to 1.1.12. - [Release notes](https://github.com/opencontainers/runc/releases) - [Changelog](https://github.com/opencontainers/runc/blob/v1.1.12/CHANGELOG.md) - [Commits](https://github.com/opencontainers/runc/compare/v1.1.7...v1.1.12) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-31 23:56:50 +00:00
dependabot[bot]	6dcf9bc6e6	build(deps): bump github.com/moby/buildkit from 0.11.5 to 0.12.5 (#2188 ) Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.11.5 to 0.12.5. - [Release notes](https://github.com/moby/buildkit/releases) - [Commits](https://github.com/moby/buildkit/compare/v0.11.5...v0.12.5) --- updated-dependencies: - dependency-name: github.com/moby/buildkit dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-31 23:41:20 +00:00
dependabot[bot]	df61c7fcdb	build(deps): bump github.com/containerd/containerd from 1.6.19 to 1.6.26 (#2189 ) Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.6.19 to 1.6.26. - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](https://github.com/containerd/containerd/compare/v1.6.19...v1.6.26) --- updated-dependencies: - dependency-name: github.com/containerd/containerd dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-31 23:24:57 +00:00
dependabot[bot]	36e0261150	build(deps): bump github.com/opencontainers/image-spec (#2167 ) Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc5 to 1.1.0-rc.6. - [Release notes](https://github.com/opencontainers/image-spec/releases) - [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md) - [Commits](https://github.com/opencontainers/image-spec/compare/v1.1.0-rc5...v1.1.0-rc6) --- updated-dependencies: - dependency-name: github.com/opencontainers/image-spec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-31 23:11:39 +00:00
dependabot[bot]	46dc2ffe80	build(deps): bump github.com/moby/buildkit from 0.12.4 to 0.12.5 (#2186 ) Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.12.4 to 0.12.5. - [Release notes](https://github.com/moby/buildkit/releases) - [Commits](https://github.com/moby/buildkit/compare/v0.12.4...v0.12.5) --- updated-dependencies: - dependency-name: github.com/moby/buildkit dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-31 22:58:02 +00:00
Markus Wolf	054caec791	fix: use correct path to toolcache (#1494 ) The toolcache on GitHub Actions need to be in /opt/hostedtoolcache. This is the case for all environment variables set by act, but it's not the case for the volume mounted into the container. Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de> Co-authored-by: ChristopherHX <christopher.homberger@web.de> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-30 22:43:52 +00:00
ChristopherHX	5a80a044f9	refactor: filecollector into new package (#2174 ) * refactor: filecollector into new package * Add test for symlinks * add test fix bug of GetContainerArchive * add test data	2024-01-30 00:46:45 +00:00
dependabot[bot]	4ca35d2192	build(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 (#2175 ) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.4 to 3.1.5. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-29 02:34:33 +00:00
Josh Soref	5e0d29d665	fix: improve warning about remote not found (#2169 ) Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-28 19:21:21 +00:00
ChristopherHX	6dd67253bc	fix: improve new-action-cache fetch failure error (#2172 ) - include repoURL and repoRef in error - map NoErrAlreadyUptodate to `couldn't find remote ref` for branchOrtag fetch request Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-28 17:02:15 +00:00
ChristopherHX	09d4b5d6ad	fix: subpath actions via new artifact cache (#2170 ) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-28 16:49:47 +00:00
ChristopherHX	a6ec2c129a	fix: improve action not found error (#2171 )	2024-01-28 16:37:19 +00:00
Eng Zer Jun	424fd5e02b	refactor(cmd/root): simplify `parseEnvs` (#2162 ) Prior to this commit, `parseEnvs` accept two parameters: 1. env []string 2. envs map[string]string `parseEnvs` then do a `nil` check for `env`. However, we never pass a `nil` `env` to `parseEnvs` in `newRunCommand`. This commit simplify the `parseEnvs` function to accept just one `env []string` parameter and return the result as `map[string]string` instead. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	2024-01-24 03:06:31 +00:00
Matthew	6a8c42ac53	Add containerd's normalized architectures to archMapper (#2168 )	2024-01-24 02:44:48 +00:00
dependabot[bot]	c215e0888a	build(deps): bump megalinter/megalinter from 7.7.0 to 7.8.0 (#2164 ) Bumps [megalinter/megalinter](https://github.com/megalinter/megalinter) from 7.7.0 to 7.8.0. - [Release notes](https://github.com/megalinter/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/megalinter/megalinter/compare/v7.7.0...v7.8.0) --- updated-dependencies: - dependency-name: megalinter/megalinter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-22 02:22:08 +00:00
Milo Moisson	6091094e14	fix: write default config in XDG config dir to avoid cluttering the HOME directory by default (#2140 ) Co-authored-by: Casey Lee <cplee@nektos.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-21 20:16:06 +00:00
胖梁	8072a00a77	WorkflowDispatchConfig supports multiple yaml node kinds (#2123 ) * WorkflowDispatchConfig supports ScalarNode and SequenceNode yaml node kinds * Avoid using log.Fatal * package slices is not in golang 1.20 --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-20 14:07:36 +00:00
Kristoffer	7f7d84b10f	fix: match cache `restore-keys` in creation reverse order (#2153 ) * Match cache restore-keys in creation reverse order * Match full prefix when selecting cache --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-20 12:11:50 +00:00
dependabot[bot]	15bb54f14e	build(deps): bump actions/upload-artifact from 3 to 4 (#2133 ) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Casey Lee <cplee@nektos.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-20 00:32:38 +00:00
TKaxv_7S	f055d4ae60	feat: support offline mode (#2128 ) * Add: Actions Offline Mode * Add: Actions Offline Mode --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-20 00:20:15 +00:00
ChristopherHX	f7a846d2f5	feat: cli option to enable the new action cache (#1954 ) * Enable the new action cache * fix * fix: CopyTarStream (Docker) * suppress panic in test * add a cli option for opt in * fixups * add package * fix * rc.Config nil in test??? * add feature flag * patch * Fix respect --action-cache-path Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de> * add remote reusable workflow to ActionCache * fixup --------- Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-01-19 23:49:35 +00:00
Casey Lee	cd40f3fe9b	ci: automatic merge PRs created by a maintainer and approved by 1 other maintainer (#2156 )	2024-01-19 07:04:05 -08:00
Leonardo Taccari	adbe229fcb	Add support for NetBSD (#2023 ) NetBSD can run Docker CLI and then use Docker on some remote machine via DOCKER_HOST. (This can be probably extended to all other Unix-es capable of running just Docker CLI.) Co-authored-by: ChristopherHX <christopher.homberger@web.de>	2024-01-08 19:26:03 +00:00
dependabot[bot]	96d6cf8b2c	build(deps): bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#2149 ) Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.3.3 to 1.3.7. - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.7) --- updated-dependencies: - dependency-name: github.com/cloudflare/circl dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-08 17:01:44 +00:00
dependabot[bot]	ef5746ba74	build(deps): bump golang.org/x/term from 0.15.0 to 0.16.0 (#2148 ) Bumps [golang.org/x/term](https://github.com/golang/term) from 0.15.0 to 0.16.0. - [Commits](https://github.com/golang/term/compare/v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-08 02:23:22 +00:00
 @ -1 +1 @@
 .2.57
 .2.60