[GH-ISSUE #2412] Container options not parsed in acrtrc #1110

New issue

Closed

opened 2026-03-01 21:48:58 +03:00 by kerem · 5 comments

kerem commented 2026-03-01 21:48:58 +03:00

Owner

Copy link

Originally created by @this-oliver on GitHub (Aug 2, 2024).
Original GitHub issue: https://github.com/nektos/act/issues/2412

Bug report info

act version:            0.2.61
GOOS:                   linux
GOARCH:                 amd64
NumCPU:                 20
Docker host:            DOCKER_HOST environment variable is not set
Sockets found:
        /var/run/docker.sock
Config files:
        /home/bob/.config/act/actrc:
                --platform ubuntu-latest=catthehacker/ubuntu:act-latest
                --platform ubuntu-22.04=catthehacker/ubuntu:act-22.04
                --platform ubuntu-20.04=catthehacker/ubuntu:act-20.04
                --platform ubuntu-18.04=catthehacker/ubuntu:act-18.04
                --platform arc=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4
                --github-instance org.com
                --container-options "--group-add $(stat -c %g /var/run/docker.sock)"
                --replace-ghe-action-with-github-com actions/checkout,actions/setup-node,advanced-security/spdx-dependency-submission-action
Build info:
        Go version:            go1.20.14
        Module path:           github.com/nektos/act
        Main version:          (devel)
        Main path:             github.com/nektos/act
        Main checksum:
        Build settings:
                -buildmode:           exe
                -compiler:            gc
                -trimpath:            true
                CGO_ENABLED:          0
                GOARCH:               amd64
                GOOS:                 linux
                GOAMD64:              v1
                vcs:                  git
                vcs.revision:         e8856f0fb00fcdd16eef2325b845f55f5d346f51
                vcs.time:             2023-08-21T16:17:06Z
                vcs.modified:         true
Docker Engine:
        Engine version:        27.1.1
        Engine runtime:        runc
        Cgroup version:        1
        Cgroup driver:         cgroupfs
        Storage driver:        overlay2
        Registry URI:          https://index.docker.io/v1/
        OS:                    Debian GNU/Linux 12 (bookworm)
        OS type:               linux
        OS version:            12
        OS arch:               x86_64
        OS kernel:             5.15.153.1-microsoft-standard-WSL2
        OS CPU:                20
        OS memory:             31934 MB
        Security options:
                name=seccomp,profile=builtin

Command used with act

gh act

Describe issue

I get the error Cannot parse container options: '"--group-add $(stat -c %g /var/run/docker.sock)"': 'unknown flag: --group-add $(stat -c %g /var/run/docker.sock)' whenever I try to run act with the command --container-options "--group-add $(stat -c %g /var/run/docker.sock)" in the actrc config file but the issue doesn't appear when I run the same flag directly in the command as follows gh act --container-options "--group-add $(stat -c %g /var/run/docker.sock)".

Link to GitHub repository

No response

Workflow content

name: CI

on:
  push:
    branches: main
  pull_request:
    branches: main

jobs:
  quality-analysis:
    runs-on: arc
    steps:
      - name: checkout code
        uses: actions/checkout@v4
      - uses: actions/setup-node@v3
        with:
          node-version: 18
      - name: Install dependencies
        run: npm install
      - name: Run unit tests
        run: npm test

  security:
    runs-on: arc
    steps:
      - name: checkout code
        uses: actions/checkout@v4
      - name: Scan for code/dependency vulnerabilities
        uses: devsecops/action-security@v0
        with:
          report: true

  deploy:
    needs: [quality-analysis, security]
    runs-on: arc
    steps:
      - name: checkout code
        uses: actions/checkout@v4
      - name: build
        run: echo "add build steps here"
      - name: deploy
        run: echo "add deploy steps here"

Relevant log output

DEBU[0000] Handling container host and socket
DEBU[0000] Defaulting container socket to DOCKER_HOST
INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock'
DEBU[0000] Loading environment from /home/bob/app/.env
DEBU[0000] Loading action inputs from /home/bob/app/.input
DEBU[0000] Loading secrets from /home/bob/app/.secrets
DEBU[0000] Loading vars from /home/bob/app/.vars
DEBU[0000] Evaluated matrix inclusions: map[]
DEBU[0000] Loading workflows from '/home/bob/app/.github/workflows'
DEBU[0000] Loading workflows recursively
DEBU[0000] Found workflow 'ci.yaml' in '/home/bob/app/.github/workflows/ci.yaml'
DEBU[0000] Reading workflow '/home/bob/app/.github/workflows/ci.yaml'
DEBU[0000] Conditional GET for notices etag=3afd0192-3e44-4605-b79d-f67196b544ab
DEBU[0000] Preparing plan with all jobs
DEBU[0000] Using default workflow event: push
DEBU[0000] Planning jobs for event: push
DEBU[0000] gc: 2024-08-02 11:52:44.124777193 +0200 CEST m=+0.004219033  module=artifactcache
DEBU[0000] Plan Stages: [0xc0003b4270 0xc0003b4288]
DEBU[0000] Stages Runs: [quality-analysis security]
DEBU[0000] Job.Name: quality-analysis
DEBU[0000] Job.RawNeeds: {0 0    <nil> []    0 0}
DEBU[0000] Job.RawRunsOn: {8 0 !!str arc  <nil> []    11 14}
DEBU[0000] Job.Env: {0 0    <nil> []    0 0}
DEBU[0000] Job.If: {0 0  success()  <nil> []    0 0}
DEBU[0000] Job.Steps: checkout code
DEBU[0000] Job.Steps: actions/setup-node@v3
DEBU[0000] Job.Steps: Install dependencies
DEBU[0000] Job.Steps: Run unit tests
DEBU[0000] Job.TimeoutMinutes:
DEBU[0000] Job.Services: map[]
DEBU[0000] Job.Strategy: <nil>
DEBU[0000] Job.RawContainer: {0 0    <nil> []    0 0}
DEBU[0000] Job.Defaults.Run.Shell:
DEBU[0000] Job.Defaults.Run.WorkingDirectory:
DEBU[0000] Job.Outputs: map[]
DEBU[0000] Job.Uses:
DEBU[0000] Job.With: map[]
DEBU[0000] Job.Result:
DEBU[0000] Empty Strategy, matrixes=[map[]]
DEBU[0000] Job Matrices: [map[]]
DEBU[0000] Runner Matrices: map[]
DEBU[0000] Final matrix after applying user inclusions '[map[]]'
DEBU[0000] Loading revision from git directory
DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467
DEBU[0000] HEAD points to 'c4030f4037c21775edd64dee9fd4a2d78c06f467'
DEBU[0000] using github ref: refs/heads/ft-workflow
DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467
DEBU[0000] Stages Runs: [quality-analysis security]
DEBU[0000] Job.Name: security
DEBU[0000] Job.RawNeeds: {0 0    <nil> []    0 0}
DEBU[0000] Job.RawRunsOn: {8 0 !!str arc  <nil> []    27 14}
DEBU[0000] Job.Env: {0 0    <nil> []    0 0}
DEBU[0000] Job.If: {0 0  success()  <nil> []    0 0}
DEBU[0000] Job.Steps: checkout code
DEBU[0000] Job.Steps: Scan for code/dependency vulnerabilities
DEBU[0000] Job.TimeoutMinutes:
DEBU[0000] Job.Services: map[]
DEBU[0000] Job.Strategy: <nil>
DEBU[0000] Job.RawContainer: {0 0    <nil> []    0 0}
DEBU[0000] Job.Defaults.Run.Shell:
DEBU[0000] Job.Defaults.Run.WorkingDirectory:
DEBU[0000] Job.Outputs: map[]
DEBU[0000] Job.Uses:
DEBU[0000] Job.With: map[]
DEBU[0000] Job.Result:
DEBU[0000] Empty Strategy, matrixes=[map[]]
DEBU[0000] Job Matrices: [map[]]
DEBU[0000] Runner Matrices: map[]
DEBU[0000] Final matrix after applying user inclusions '[map[]]'
DEBU[0000] Loading revision from git directory
DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467
DEBU[0000] HEAD points to 'c4030f4037c21775edd64dee9fd4a2d78c06f467'
DEBU[0000] using github ref: refs/heads/ft-workflow
DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467
DEBU[0000] Detected CPUs: 20
[CI/quality-analysis] [DEBUG] evaluating expression 'success()'
[CI/security        ] [DEBUG] evaluating expression 'success()'
[CI/security        ] [DEBUG] expression 'success()' evaluated to 'true'
[CI/security        ] 🚀  Start image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4
[CI/quality-analysis] [DEBUG] expression 'success()' evaluated to 'true'
[CI/quality-analysis] 🚀  Start image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4
DEBU[0000] Parallel tasks (0) below minimum, setting to 1
[CI/security        ]   🐳  docker pull image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= username= forcePull=true
[CI/security        ] [DEBUG]   🐳  docker pull repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4
DEBU[0000] Parallel tasks (0) below minimum, setting to 1
[CI/security        ] [DEBUG] pulling image 'repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4' ()
[CI/quality-analysis]   🐳  docker pull image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= username= forcePull=true
[CI/quality-analysis] [DEBUG]   🐳  docker pull repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4
[CI/quality-analysis] [DEBUG] pulling image 'repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4' ()
[CI/quality-analysis] [DEBUG] Pulling from runner-image/releases/v1.1.4 :: v1.1.4
[CI/quality-analysis] [DEBUG] Digest: sha256:766b89cd40d477148de363e289e602cd8b436e5c8e0e5c7853cbbb83c25138b9 ::
[CI/quality-analysis] [DEBUG] Status: Image is up to date for repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 ::
[CI/security        ] [DEBUG] Pulling from runner-image/releases/v1.1.4 :: v1.1.4
DEBU[0000] Parallel tasks (0) below minimum, setting to 1
[CI/quality-analysis]   🐳  docker create image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host"
[CI/quality-analysis] [DEBUG] Common container.Config ==> &{Hostname: Domainname: User: AttachStdin:false AttachStdout:false AttachStderr:false ExposedPorts:map[] Tty:true OpenStdin:false StdinOnce:false Env:[RUNNER_TOOL_CACHE=/opt/hostedtoolcache RUNNER_OS=Linux RUNNER_ARCH=X64 RUNNER_TEMP=/tmp LANG=C.UTF-8] Cmd:[] Healthcheck:<nil> ArgsEscaped:false Image:repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 Volumes:map[] WorkingDir:/home/bob/app Entrypoint:[] NetworkDisabled:false MacAddress: OnBuild:[] Labels:map[] StopSignal: StopTimeout:<nil> Shell:[]}
[CI/security        ] [DEBUG] Digest: sha256:766b89cd40d477148de363e289e602cd8b436e5c8e0e5c7853cbbb83c25138b9 ::
[CI/security        ] [DEBUG] Status: Image is up to date for repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 ::
[CI/quality-analysis] [DEBUG] Common container.HostConfig ==> &{Binds:[/var/run/docker.sock:/var/run/docker.sock] ContainerIDFile: LogConfig:{Type: Config:map[]} NetworkMode:host PortBindings:map[] RestartPolicy:{Name: MaximumRetryCount:0} AutoRemove:false VolumeDriver: VolumesFrom:[] ConsoleSize:[0 0] Annotations:map[] CapAdd:[] CapDrop:[] CgroupnsMode: DNS:[] DNSOptions:[] DNSSearch:[] ExtraHosts:[] GroupAdd:[] IpcMode: Cgroup: Links:[] OomScoreAdj:0 PidMode: Privileged:false PublishAllPorts:false ReadonlyRootfs:false SecurityOpt:[] StorageOpt:map[] Tmpfs:map[] UTSMode: UsernsMode: ShmSize:0 Sysctls:map[] Runtime: Isolation: Resources:{CPUShares:0 Memory:0 NanoCPUs:0 CgroupParent: BlkioWeight:0 BlkioWeightDevice:[] BlkioDeviceReadBps:[] BlkioDeviceWriteBps:[] BlkioDeviceReadIOps:[] BlkioDeviceWriteIOps:[] CPUPeriod:0 CPUQuota:0 CPURealtimePeriod:0 CPURealtimeRuntime:0 CpusetCpus: CpusetMems: Devices:[] DeviceCgroupRules:[] DeviceRequests:[] KernelMemory:0 KernelMemoryTCP:0 MemoryReservation:0 MemorySwap:0 MemorySwappiness:<nil> OomKillDisable:<nil> PidsLimit:<nil> Ulimits:[] CPUCount:0 CPUPercent:0 IOMaximumIOps:0 IOMaximumBandwidth:0} Mounts:[{Type:volume Source:act-toolcache Target:/opt/hostedtoolcache ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-quality-analysis-13b4298e7cc91767972b8091021220fc686679f45dbc7129c784cde784fdc716-env Target:/var/run/act ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-quality-analysis-13b4298e7cc91767972b8091021220fc686679f45dbc7129c784cde784fdc716 Target:/home/bob/app ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>}] MaskedPaths:[] ReadonlyPaths:[] Init:<nil>}
DEBU[0000] Parallel tasks (0) below minimum, setting to 1
[CI/security        ]   🐳  docker create image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host"
[CI/security        ] [DEBUG] Common container.Config ==> &{Hostname: Domainname: User: AttachStdin:false AttachStdout:false AttachStderr:false ExposedPorts:map[] Tty:true OpenStdin:false StdinOnce:false Env:[RUNNER_TOOL_CACHE=/opt/hostedtoolcache RUNNER_OS=Linux RUNNER_ARCH=X64 RUNNER_TEMP=/tmp LANG=C.UTF-8] Cmd:[] Healthcheck:<nil> ArgsEscaped:false Image:repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 Volumes:map[] WorkingDir:/home/bob/app Entrypoint:[] NetworkDisabled:false MacAddress: OnBuild:[] Labels:map[] StopSignal: StopTimeout:<nil> Shell:[]}
[CI/security        ] [DEBUG] Common container.HostConfig ==> &{Binds:[/var/run/docker.sock:/var/run/docker.sock] ContainerIDFile: LogConfig:{Type: Config:map[]} NetworkMode:host PortBindings:map[] RestartPolicy:{Name: MaximumRetryCount:0} AutoRemove:false VolumeDriver: VolumesFrom:[] ConsoleSize:[0 0] Annotations:map[] CapAdd:[] CapDrop:[] CgroupnsMode: DNS:[] DNSOptions:[] DNSSearch:[] ExtraHosts:[] GroupAdd:[] IpcMode: Cgroup: Links:[] OomScoreAdj:0 PidMode: Privileged:false PublishAllPorts:false ReadonlyRootfs:false SecurityOpt:[] StorageOpt:map[] Tmpfs:map[] UTSMode: UsernsMode: ShmSize:0 Sysctls:map[] Runtime: Isolation: Resources:{CPUShares:0 Memory:0 NanoCPUs:0 CgroupParent: BlkioWeight:0 BlkioWeightDevice:[] BlkioDeviceReadBps:[] BlkioDeviceWriteBps:[] BlkioDeviceReadIOps:[] BlkioDeviceWriteIOps:[] CPUPeriod:0 CPUQuota:0 CPURealtimePeriod:0 CPURealtimeRuntime:0 CpusetCpus: CpusetMems: Devices:[] DeviceCgroupRules:[] DeviceRequests:[] KernelMemory:0 KernelMemoryTCP:0 MemoryReservation:0 MemorySwap:0 MemorySwappiness:<nil> OomKillDisable:<nil> PidsLimit:<nil> Ulimits:[] CPUCount:0 CPUPercent:0 IOMaximumIOps:0 IOMaximumBandwidth:0} Mounts:[{Type:volume Source:act-toolcache Target:/opt/hostedtoolcache ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-security-c2a1f99cb29341accc7208e574e09ee6c85863cb6dc2f338067b26c4c7c2503a-env Target:/var/run/act ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-security-c2a1f99cb29341accc7208e574e09ee6c85863cb6dc2f338067b26c4c7c2503a Target:/home/bob/app ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>}] MaskedPaths:[] ReadonlyPaths:[] Init:<nil>}
Error: Cannot parse container options: '"--group-add $(stat -c %g /var/run/docker.sock)"': 'unknown flag: --group-add $(stat -c %g /var/run/docker.sock)'

Additional information

I am running my environment on a Windows Subsystem for Linux (WSL) which depends on the Docker Desktop running on the Windows host (not on the WSL).

Originally created by @this-oliver on GitHub (Aug 2, 2024). Original GitHub issue: https://github.com/nektos/act/issues/2412 ### Bug report info ```plain text act version: 0.2.61 GOOS: linux GOARCH: amd64 NumCPU: 20 Docker host: DOCKER_HOST environment variable is not set Sockets found: /var/run/docker.sock Config files: /home/bob/.config/act/actrc: --platform ubuntu-latest=catthehacker/ubuntu:act-latest --platform ubuntu-22.04=catthehacker/ubuntu:act-22.04 --platform ubuntu-20.04=catthehacker/ubuntu:act-20.04 --platform ubuntu-18.04=catthehacker/ubuntu:act-18.04 --platform arc=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 --github-instance org.com --container-options "--group-add $(stat -c %g /var/run/docker.sock)" --replace-ghe-action-with-github-com actions/checkout,actions/setup-node,advanced-security/spdx-dependency-submission-action Build info: Go version: go1.20.14 Module path: github.com/nektos/act Main version: (devel) Main path: github.com/nektos/act Main checksum: Build settings: -buildmode: exe -compiler: gc -trimpath: true CGO_ENABLED: 0 GOARCH: amd64 GOOS: linux GOAMD64: v1 vcs: git vcs.revision: e8856f0fb00fcdd16eef2325b845f55f5d346f51 vcs.time: 2023-08-21T16:17:06Z vcs.modified: true Docker Engine: Engine version: 27.1.1 Engine runtime: runc Cgroup version: 1 Cgroup driver: cgroupfs Storage driver: overlay2 Registry URI: https://index.docker.io/v1/ OS: Debian GNU/Linux 12 (bookworm) OS type: linux OS version: 12 OS arch: x86_64 OS kernel: 5.15.153.1-microsoft-standard-WSL2 OS CPU: 20 OS memory: 31934 MB Security options: name=seccomp,profile=builtin ``` ### Command used with act ```sh gh act ``` ### Describe issue I get the error `Cannot parse container options: '"--group-add $(stat -c %g /var/run/docker.sock)"': 'unknown flag: --group-add $(stat -c %g /var/run/docker.sock)'` whenever I try to run act with the command `--container-options "--group-add $(stat -c %g /var/run/docker.sock)"` in the actrc config file but the issue doesn't appear when I run the same flag directly in the command as follows `gh act --container-options "--group-add $(stat -c %g /var/run/docker.sock)"`. ### Link to GitHub repository _No response_ ### Workflow content ```yml name: CI on: push: branches: main pull_request: branches: main jobs: quality-analysis: runs-on: arc steps: - name: checkout code uses: actions/checkout@v4 - uses: actions/setup-node@v3 with: node-version: 18 - name: Install dependencies run: npm install - name: Run unit tests run: npm test security: runs-on: arc steps: - name: checkout code uses: actions/checkout@v4 - name: Scan for code/dependency vulnerabilities uses: devsecops/action-security@v0 with: report: true deploy: needs: [quality-analysis, security] runs-on: arc steps: - name: checkout code uses: actions/checkout@v4 - name: build run: echo "add build steps here" - name: deploy run: echo "add deploy steps here" ``` ### Relevant log output ```sh DEBU[0000] Handling container host and socket DEBU[0000] Defaulting container socket to DOCKER_HOST INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock' DEBU[0000] Loading environment from /home/bob/app/.env DEBU[0000] Loading action inputs from /home/bob/app/.input DEBU[0000] Loading secrets from /home/bob/app/.secrets DEBU[0000] Loading vars from /home/bob/app/.vars DEBU[0000] Evaluated matrix inclusions: map[] DEBU[0000] Loading workflows from '/home/bob/app/.github/workflows' DEBU[0000] Loading workflows recursively DEBU[0000] Found workflow 'ci.yaml' in '/home/bob/app/.github/workflows/ci.yaml' DEBU[0000] Reading workflow '/home/bob/app/.github/workflows/ci.yaml' DEBU[0000] Conditional GET for notices etag=3afd0192-3e44-4605-b79d-f67196b544ab DEBU[0000] Preparing plan with all jobs DEBU[0000] Using default workflow event: push DEBU[0000] Planning jobs for event: push DEBU[0000] gc: 2024-08-02 11:52:44.124777193 +0200 CEST m=+0.004219033 module=artifactcache DEBU[0000] Plan Stages: [0xc0003b4270 0xc0003b4288] DEBU[0000] Stages Runs: [quality-analysis security] DEBU[0000] Job.Name: quality-analysis DEBU[0000] Job.RawNeeds: {0 0 <nil> [] 0 0} DEBU[0000] Job.RawRunsOn: {8 0 !!str arc <nil> [] 11 14} DEBU[0000] Job.Env: {0 0 <nil> [] 0 0} DEBU[0000] Job.If: {0 0 success() <nil> [] 0 0} DEBU[0000] Job.Steps: checkout code DEBU[0000] Job.Steps: actions/setup-node@v3 DEBU[0000] Job.Steps: Install dependencies DEBU[0000] Job.Steps: Run unit tests DEBU[0000] Job.TimeoutMinutes: DEBU[0000] Job.Services: map[] DEBU[0000] Job.Strategy: <nil> DEBU[0000] Job.RawContainer: {0 0 <nil> [] 0 0} DEBU[0000] Job.Defaults.Run.Shell: DEBU[0000] Job.Defaults.Run.WorkingDirectory: DEBU[0000] Job.Outputs: map[] DEBU[0000] Job.Uses: DEBU[0000] Job.With: map[] DEBU[0000] Job.Result: DEBU[0000] Empty Strategy, matrixes=[map[]] DEBU[0000] Job Matrices: [map[]] DEBU[0000] Runner Matrices: map[] DEBU[0000] Final matrix after applying user inclusions '[map[]]' DEBU[0000] Loading revision from git directory DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467 DEBU[0000] HEAD points to 'c4030f4037c21775edd64dee9fd4a2d78c06f467' DEBU[0000] using github ref: refs/heads/ft-workflow DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467 DEBU[0000] Stages Runs: [quality-analysis security] DEBU[0000] Job.Name: security DEBU[0000] Job.RawNeeds: {0 0 <nil> [] 0 0} DEBU[0000] Job.RawRunsOn: {8 0 !!str arc <nil> [] 27 14} DEBU[0000] Job.Env: {0 0 <nil> [] 0 0} DEBU[0000] Job.If: {0 0 success() <nil> [] 0 0} DEBU[0000] Job.Steps: checkout code DEBU[0000] Job.Steps: Scan for code/dependency vulnerabilities DEBU[0000] Job.TimeoutMinutes: DEBU[0000] Job.Services: map[] DEBU[0000] Job.Strategy: <nil> DEBU[0000] Job.RawContainer: {0 0 <nil> [] 0 0} DEBU[0000] Job.Defaults.Run.Shell: DEBU[0000] Job.Defaults.Run.WorkingDirectory: DEBU[0000] Job.Outputs: map[] DEBU[0000] Job.Uses: DEBU[0000] Job.With: map[] DEBU[0000] Job.Result: DEBU[0000] Empty Strategy, matrixes=[map[]] DEBU[0000] Job Matrices: [map[]] DEBU[0000] Runner Matrices: map[] DEBU[0000] Final matrix after applying user inclusions '[map[]]' DEBU[0000] Loading revision from git directory DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467 DEBU[0000] HEAD points to 'c4030f4037c21775edd64dee9fd4a2d78c06f467' DEBU[0000] using github ref: refs/heads/ft-workflow DEBU[0000] Found revision: c4030f4037c21775edd64dee9fd4a2d78c06f467 DEBU[0000] Detected CPUs: 20 [CI/quality-analysis] [DEBUG] evaluating expression 'success()' [CI/security ] [DEBUG] evaluating expression 'success()' [CI/security ] [DEBUG] expression 'success()' evaluated to 'true' [CI/security ] 🚀 Start image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 [CI/quality-analysis] [DEBUG] expression 'success()' evaluated to 'true' [CI/quality-analysis] 🚀 Start image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 DEBU[0000] Parallel tasks (0) below minimum, setting to 1 [CI/security ] 🐳 docker pull image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= username= forcePull=true [CI/security ] [DEBUG] 🐳 docker pull repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 DEBU[0000] Parallel tasks (0) below minimum, setting to 1 [CI/security ] [DEBUG] pulling image 'repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4' () [CI/quality-analysis] 🐳 docker pull image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= username= forcePull=true [CI/quality-analysis] [DEBUG] 🐳 docker pull repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 [CI/quality-analysis] [DEBUG] pulling image 'repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4' () [CI/quality-analysis] [DEBUG] Pulling from runner-image/releases/v1.1.4 :: v1.1.4 [CI/quality-analysis] [DEBUG] Digest: sha256:766b89cd40d477148de363e289e602cd8b436e5c8e0e5c7853cbbb83c25138b9 :: [CI/quality-analysis] [DEBUG] Status: Image is up to date for repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 :: [CI/security ] [DEBUG] Pulling from runner-image/releases/v1.1.4 :: v1.1.4 DEBU[0000] Parallel tasks (0) below minimum, setting to 1 [CI/quality-analysis] 🐳 docker create image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host" [CI/quality-analysis] [DEBUG] Common container.Config ==> &{Hostname: Domainname: User: AttachStdin:false AttachStdout:false AttachStderr:false ExposedPorts:map[] Tty:true OpenStdin:false StdinOnce:false Env:[RUNNER_TOOL_CACHE=/opt/hostedtoolcache RUNNER_OS=Linux RUNNER_ARCH=X64 RUNNER_TEMP=/tmp LANG=C.UTF-8] Cmd:[] Healthcheck:<nil> ArgsEscaped:false Image:repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 Volumes:map[] WorkingDir:/home/bob/app Entrypoint:[] NetworkDisabled:false MacAddress: OnBuild:[] Labels:map[] StopSignal: StopTimeout:<nil> Shell:[]} [CI/security ] [DEBUG] Digest: sha256:766b89cd40d477148de363e289e602cd8b436e5c8e0e5c7853cbbb83c25138b9 :: [CI/security ] [DEBUG] Status: Image is up to date for repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 :: [CI/quality-analysis] [DEBUG] Common container.HostConfig ==> &{Binds:[/var/run/docker.sock:/var/run/docker.sock] ContainerIDFile: LogConfig:{Type: Config:map[]} NetworkMode:host PortBindings:map[] RestartPolicy:{Name: MaximumRetryCount:0} AutoRemove:false VolumeDriver: VolumesFrom:[] ConsoleSize:[0 0] Annotations:map[] CapAdd:[] CapDrop:[] CgroupnsMode: DNS:[] DNSOptions:[] DNSSearch:[] ExtraHosts:[] GroupAdd:[] IpcMode: Cgroup: Links:[] OomScoreAdj:0 PidMode: Privileged:false PublishAllPorts:false ReadonlyRootfs:false SecurityOpt:[] StorageOpt:map[] Tmpfs:map[] UTSMode: UsernsMode: ShmSize:0 Sysctls:map[] Runtime: Isolation: Resources:{CPUShares:0 Memory:0 NanoCPUs:0 CgroupParent: BlkioWeight:0 BlkioWeightDevice:[] BlkioDeviceReadBps:[] BlkioDeviceWriteBps:[] BlkioDeviceReadIOps:[] BlkioDeviceWriteIOps:[] CPUPeriod:0 CPUQuota:0 CPURealtimePeriod:0 CPURealtimeRuntime:0 CpusetCpus: CpusetMems: Devices:[] DeviceCgroupRules:[] DeviceRequests:[] KernelMemory:0 KernelMemoryTCP:0 MemoryReservation:0 MemorySwap:0 MemorySwappiness:<nil> OomKillDisable:<nil> PidsLimit:<nil> Ulimits:[] CPUCount:0 CPUPercent:0 IOMaximumIOps:0 IOMaximumBandwidth:0} Mounts:[{Type:volume Source:act-toolcache Target:/opt/hostedtoolcache ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-quality-analysis-13b4298e7cc91767972b8091021220fc686679f45dbc7129c784cde784fdc716-env Target:/var/run/act ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-quality-analysis-13b4298e7cc91767972b8091021220fc686679f45dbc7129c784cde784fdc716 Target:/home/bob/app ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>}] MaskedPaths:[] ReadonlyPaths:[] Init:<nil>} DEBU[0000] Parallel tasks (0) below minimum, setting to 1 [CI/security ] 🐳 docker create image=repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 platform= entrypoint=["tail" "-f" "/dev/null"] cmd=[] network="host" [CI/security ] [DEBUG] Common container.Config ==> &{Hostname: Domainname: User: AttachStdin:false AttachStdout:false AttachStderr:false ExposedPorts:map[] Tty:true OpenStdin:false StdinOnce:false Env:[RUNNER_TOOL_CACHE=/opt/hostedtoolcache RUNNER_OS=Linux RUNNER_ARCH=X64 RUNNER_TEMP=/tmp LANG=C.UTF-8] Cmd:[] Healthcheck:<nil> ArgsEscaped:false Image:repo.artifactory.org.com/runner-image/releases/v1.1.4:v1.1.4 Volumes:map[] WorkingDir:/home/bob/app Entrypoint:[] NetworkDisabled:false MacAddress: OnBuild:[] Labels:map[] StopSignal: StopTimeout:<nil> Shell:[]} [CI/security ] [DEBUG] Common container.HostConfig ==> &{Binds:[/var/run/docker.sock:/var/run/docker.sock] ContainerIDFile: LogConfig:{Type: Config:map[]} NetworkMode:host PortBindings:map[] RestartPolicy:{Name: MaximumRetryCount:0} AutoRemove:false VolumeDriver: VolumesFrom:[] ConsoleSize:[0 0] Annotations:map[] CapAdd:[] CapDrop:[] CgroupnsMode: DNS:[] DNSOptions:[] DNSSearch:[] ExtraHosts:[] GroupAdd:[] IpcMode: Cgroup: Links:[] OomScoreAdj:0 PidMode: Privileged:false PublishAllPorts:false ReadonlyRootfs:false SecurityOpt:[] StorageOpt:map[] Tmpfs:map[] UTSMode: UsernsMode: ShmSize:0 Sysctls:map[] Runtime: Isolation: Resources:{CPUShares:0 Memory:0 NanoCPUs:0 CgroupParent: BlkioWeight:0 BlkioWeightDevice:[] BlkioDeviceReadBps:[] BlkioDeviceWriteBps:[] BlkioDeviceReadIOps:[] BlkioDeviceWriteIOps:[] CPUPeriod:0 CPUQuota:0 CPURealtimePeriod:0 CPURealtimeRuntime:0 CpusetCpus: CpusetMems: Devices:[] DeviceCgroupRules:[] DeviceRequests:[] KernelMemory:0 KernelMemoryTCP:0 MemoryReservation:0 MemorySwap:0 MemorySwappiness:<nil> OomKillDisable:<nil> PidsLimit:<nil> Ulimits:[] CPUCount:0 CPUPercent:0 IOMaximumIOps:0 IOMaximumBandwidth:0} Mounts:[{Type:volume Source:act-toolcache Target:/opt/hostedtoolcache ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-security-c2a1f99cb29341accc7208e574e09ee6c85863cb6dc2f338067b26c4c7c2503a-env Target:/var/run/act ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:act-CI-security-c2a1f99cb29341accc7208e574e09ee6c85863cb6dc2f338067b26c4c7c2503a Target:/home/bob/app ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>}] MaskedPaths:[] ReadonlyPaths:[] Init:<nil>} Error: Cannot parse container options: '"--group-add $(stat -c %g /var/run/docker.sock)"': 'unknown flag: --group-add $(stat -c %g /var/run/docker.sock)' ``` ### Additional information I am running my environment on a Windows Subsystem for Linux (WSL) which depends on the Docker Desktop running on the Windows host (not on the WSL).

kerem 2026-03-01 21:48:58 +03:00

• closed this issue
• added the
  stale
  kind/bug
  labels

kerem commented 2026-03-01 21:48:59 +03:00

Author

Owner

Copy link

@enricojonas commented on GitHub (Oct 16, 2024):

Suffering the same issue - would be nice to be able to use it from actrc instead.

<!-- gh-comment-id:2416076991 --> @enricojonas commented on GitHub (Oct 16, 2024): Suffering the same issue - would be nice to be able to use it from actrc instead.

kerem commented 2026-03-01 21:48:59 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Apr 15, 2025):

Issue is stale and will be closed in 14 days unless there is new activity

<!-- gh-comment-id:2803385391 --> @github-actions[bot] commented on GitHub (Apr 15, 2025): Issue is stale and will be closed in 14 days unless there is new activity

kerem commented 2026-03-01 21:48:59 +03:00

Author

Owner

Copy link

@emirotin commented on GitHub (Dec 13, 2025):

I was trying to provide two options via the flag in the actrc file

Having them in a single line fails to be parsed
Having multiple --container-options lines just uses the last of them

<!-- gh-comment-id:3649891646 --> @emirotin commented on GitHub (Dec 13, 2025): I was trying to provide two options via the flag in the actrc file Having them in a single line fails to be parsed Having multiple `--container-options` lines just uses the last of them

kerem commented 2026-03-01 21:48:59 +03:00

Author

Owner

Copy link

@enricojonas commented on GitHub (Dec 15, 2025):

One thing I found out that you can use it in .actrc file. You will need to escape the double dashes.

--container-options \-\-group-add 990

<!-- gh-comment-id:3654077056 --> @enricojonas commented on GitHub (Dec 15, 2025): One thing I found out that you can use it in .actrc file. You will need to escape the double dashes. `--container-options \-\-group-add 990`

kerem commented 2026-03-01 21:48:59 +03:00

Author

Owner

Copy link

@emirotin commented on GitHub (Dec 15, 2025):

Omg double dashes, kinda makes sense, thanks!

On Mon, Dec 15, 2025 at 09:31 Enrico Jonas @.***> wrote:

enricojonas left a comment (nektos/act#2412)
https://github.com/nektos/act/issues/2412#issuecomment-3654077056

One thing I found out that you can use it in .actrc file. You will need to
escape the double dashes.

--container-options --group-add 990

—
Reply to this email directly, view it on GitHub
https://github.com/nektos/act/issues/2412#issuecomment-3654077056, or
unsubscribe
https://github.com/notifications/unsubscribe-auth/AAEAMCF4NK5WJ6ICR3GFJDL4BZPV3AVCNFSM6AAAAACO6VWWD2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTMNJUGA3TOMBVGY
.
You are receiving this because you commented.Message ID:
@.***>

<!-- gh-comment-id:3654514279 --> @emirotin commented on GitHub (Dec 15, 2025): Omg double dashes, kinda makes sense, thanks! On Mon, Dec 15, 2025 at 09:31 Enrico Jonas ***@***.***> wrote: > *enricojonas* left a comment (nektos/act#2412) > <https://github.com/nektos/act/issues/2412#issuecomment-3654077056> > > One thing I found out that you can use it in .actrc file. You will need to > escape the double dashes. > > --container-options \-\-group-add 990 > > — > Reply to this email directly, view it on GitHub > <https://github.com/nektos/act/issues/2412#issuecomment-3654077056>, or > unsubscribe > <https://github.com/notifications/unsubscribe-auth/AAEAMCF4NK5WJ6ICR3GFJDL4BZPV3AVCNFSM6AAAAACO6VWWD2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTMNJUGA3TOMBVGY> > . > You are receiving this because you commented.Message ID: > ***@***.***> >

kerem referenced this issue 2026-03-01 21:52:40 +03:00

[PR #1110] [MERGED] feat: implement pre-action step #1784

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/go_modules/github.com/go-git/go-git/v5-5.18.0

dependabot/go_modules/dependencies-08815e2262

mergify/configuration-deprecated-update

dependabot/github_actions/dependencies-a3a104477f

chore/simplify-ci-and-makefile

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

panekj/ci/improve-jobs

fix-skip-non-yaml-files-in-dir

normalize-pull-rebuild-flags

fix-no-recurse-by-default

2517-poor-error-for-incomplete-action-step

2472-make-use-new-action-cache-the-new-default-for-downloading-actions

act-tart

act-lxc

act-oidc

act-dind

avoid-slash-in-actor

dependabot/go_modules/github.com/docker/docker-26.1.4incompatible

meta-keep-filetime

local-repository-action-cache

pr-merger

update-docker-deps

follow_local_action_symlink

boltdb-lock-in-handler

use-socket-path

no-pull-no-rebuild

path-issues

fix/env

feat/podman

refactor/testdata

v0.2.87

v0.2.86

v0.2.85

v0.2.84

v0.2.83

v0.2.82

v0.2.81

v0.2.80

v0.2.79

v0.2.78

v0.2.77

v0.2.76

v0.2.75

v0.2.74

v0.2.73

v0.2.72

v0.2.71

v0.2.70

v0.2.69

v0.2.68

v0.2.67

v0.2.66

v0.2.65

v0.2.64

v0.2.63

v0.2.62

v0.2.61

v0.2.60

v0.2.59

v0.2.58

v0.2.57

v0.2.56

v0.2.55

v0.2.54

v0.2.53

v0.2.52

v0.2.51

v0.2.50

v0.2.49

v0.2.48

v0.2.47

v0.2.46

v0.2.45

v0.2.44

v0.2.43

v0.2.42

v0.2.41

v0.2.40

v0.2.39

v0.2.38

v0.2.37

v0.2.36

v0.2.35

v0.2.34

v0.2.33

v0.2.32

v0.2.31

v0.2.30

v0.2.29

v0.2.28

v0.2.27

v0.2.26

v0.2.25

v0.2.24

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

area/action

  

area/cli

  

area/docs

  

area/image

  

area/runner

  

area/workflow

  

backlog

  

confirmed/not-planned

  

kind/bug

  

kind/discussion

  

kind/external

  

kind/feature-request

  

kind/question

  

meta/duplicate

  

meta/invalid

  

meta/need-more-info

  

meta/resolved

  

meta/wontfix

  

meta/workaround

  

needs-work

  

pull-request

Mirrored from GitHub Pull Request

  

review/not-planned

  

size/M

  

size/XL

  

size/XXL

  

stale

  

stale-exempt

No labels

area/action

area/cli

area/docs

area/image

area/runner

area/workflow

backlog

confirmed/not-planned

kind/bug

kind/discussion

kind/external

kind/feature-request

kind/question

meta/duplicate

meta/invalid

meta/need-more-info

meta/resolved

meta/wontfix

meta/workaround

needs-work

pull-request

review/not-planned

size/M

size/XL

size/XXL

stale

stale-exempt

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/act#1110

No description provided.