feat: tart macOS vm's as job container

[ChristopherHX]

adds the tart:// protocol to platform mapping

e.g. -P macos-14=tart://ghcr.io/cirruslabs/macos-sonoma-base:latest if you have a mac.

I have written the code in a payed dedicated host machine that is now deallocated, expenses satisfied by sponsoring of my other act based project while I don't see anything here, as I don't own a mac.

add-path is probably broken, but I ignore the fact as of now.

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ EDITORCONFIG	editorconfig-checker	10		0	0.03s
✅ REPOSITORY	gitleaks	yes		no	2.35s
✅ REPOSITORY	git_diff	yes		no	0.01s
✅ REPOSITORY	grype	yes		no	8.51s
✅ REPOSITORY	secretlint	yes		no	1.09s
✅ REPOSITORY	trivy-sbom	yes		no	0.11s
✅ REPOSITORY	trufflehog	yes		no	4.46s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 75.07%. Comparing base (5a80a04) to head (706746e).
Report is 122 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff             @@
##           master    #2434       +/-   ##
===========================================
+ Coverage   61.56%   75.07%   +13.51%     
===========================================
  Files          53       63       +10     
  Lines        9002    10019     +1017     
===========================================
+ Hits         5542     7522     +1980     
+ Misses       3020     1935     -1085     
- Partials      440      562      +122     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[ChristopherHX]

As I'm overriding GetActPath with a relocated vm path and I'm copying into the bind mount those change needs to be undone by ToHostPath before calling the super implementation

[ChristopherHX]

This is needed so RUNNER_TEMP are valid inside the vm, when used by actions cache

[ChristopherHX]

This is needed so script paths passed to exec are valid inside the vm

[ChristopherHX]

This is needed for working around bugs with paths using spaces, e.g. the shell templates of run steps

[ChristopherHX]

I'm reusing the docker container names used by containers, so no prefix and so on

[ChristopherHX]

If someone thinks to run this mode on another OS, abort as tart is not available and some syscall part doesn't compile anyway.

[ChristopherHX]

I thought that I'm smart, but no providing options in the -P <label>=tart://test?... query doesn't actually work so only defaults for now

[ChristopherHX]

This started as a copy of hostenvironment, but is now different

[ChristopherHX]

like -self-hosted, but with tart://. I forget this variant has only been used in act_runner as of now, but looks better.

[YOU54F]

Just starting to test this out and it looks good on first pass. testing on a mac m1 mbp

if the gh action step fails, the container is left in a running state.

if the container fails to start (say 2 vm limit is reached), the container is left in a stopped state.

I've been using ssh, with tart / parallels / qemu to run jobs with -P ${PLATFORM}=-self-hosted on windows/macos/linux vms for the last year (https://gist.github.com/YOU54F/3ac099e54e48a31a69ac2d671aa878f6 / https://gist.github.com/YOU54F/789c53ae8380a1f90325952615635f8a )

I had a play with your runner.server & github-act-runner to build gh actions in my homelab with a set of vm's on a few diff machines. Cheers for your work

[ChristopherHX]

if the gh action step fails, the container is left in a running state.

Does --rm change anything here? Act has a feature for docker containers to keep them running if a step fails so you can debug, but reusing the vm has not been working in my testing..

I had a play with your runner.server & github-act-runner to build gh actions in my homelab with a set of vm's on a few diff machines.

Yeah I have written and use my runner.server prog exactly for such a use case, but mostly with actions/runner as the actual runner.

[allexiusw]

Should 0o777 be added as a constant? Maybe FULL_RWX or FULL_PERMS

[allexiusw]

I'm seeing not test coverage, do we require them in a PR in order to get merged in this repo?

[ChristopherHX]

I'm seeing not test coverage

This requires a self-hosted runner, macos-14 github runner cannot be used due to running already in a Virtual Machine.

Or stubbing tart, but then do we really know if tart works?
I wanted in the past to have a tart emulator that fakes creating VM, but didn't find anything,

This is not like intel macOS with nested virtualization... :(.

[mergify]

@ChristopherHX this pull request has failed checks 🛠

[mergify]

@ChristopherHX this pull request has failed checks 🛠

[ChristopherHX]

Added a test for the error caused by using the tart mapping in linux where it is not supported, now coverage is green.

We have a coverage collection problem for platforms outside of linux anyway.