[GH-ISSUE #2685] Invalid network names on podman #1213

New issue

Open

opened 2026-03-01 21:49:43 +03:00 by kerem · 1 comment

kerem commented 2026-03-01 21:49:43 +03:00

Owner

Copy link

Originally created by @rhbvkleef on GitHub (Feb 27, 2025).
Original GitHub issue: https://github.com/nektos/act/issues/2685

I am running a Forgejo runner (which uses act under the hood) in conjunction with Podman. In general this works fine, but there's an issue with creating network names if the job-id's have spaces in them. The issue appears to occur here. Specifically, Podman requires network names to conform to the regex [a-zA-Z0-9][a-zA-Z0-9_.-]*, but obviously, if the job-id contains one or more spaces, this will not be the case.

I've already submitted a bug report for Forgejo Runner, and that contains more information on how exactly I am running it.

I'm sorry for this slightly unconventional bug report, but I couldn't really fit it in the common bug template, as I'm not running act directly.

Software versions

I am running:

• Forgejo Runner 6.2.2
  • Act 0.2.49
  • Go 1.23
• Host:
  • Bazzite 41.20250216.0 (Silverblue)
  • Kernel 6.12.12-207.bazzite.fc41.x86_64
• Container:
  • Alpine Linux 3.20.5
  • Image: code.forgejo.org/forgejo/runner:6.2.2

Podman

host:
  arch: amd64
  buildahVersion: 1.38.1
  cgroupControllers:
  - cpuset
  - cpu
  - io
  - memory
  - hugetlb
  - pids
  - misc
  cgroupManager: cgroupfs
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.12-3.fc41.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.12, commit: '
  cpuUtilization:
    idlePercent: 95.9
    systemPercent: 1.03
    userPercent: 3.07
  cpus: 8
  databaseBackend: sqlite
  distribution:
    distribution: fedora
    variant: container
    version: "41"
  eventLogger: file
  freeLocks: 2048
  hostname: systemd-forgejo
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 1
      size: 999
    - container_id: 1000
      host_id: 1001
      size: 64535
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 1
      size: 999
    - container_id: 1000
      host_id: 1001
      size: 64535
  kernel: 6.12.12-207.bazzite.fc41.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 3237052416
  memTotal: 25056137216
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.14.0-1.fc41.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.14.0
    package: netavark-1.14.0-1.fc41.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.14.0
  ociRuntime:
    name: crun
    package: crun-1.20-2.fc41.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.20
      commit: 9c9a76ac11994701dd666c4f0b869ceffb599a66
      rundir: /tmp/storage-run-1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0^20250217.ga1e48a0-2.fc41.x86_64
    version: ""
  remoteSocket:
    exists: true
    path: /tmp/storage-run-1000/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 4286312448
  swapTotal: 4294963200
  uptime: 141h 12m 35.00s (Approximately 5.88 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
store:
  configFile: /home/podman/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/podman/.local/share/containers/storage
  graphRootAllocated: 248355225600
  graphRootUsed: 26972405760
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /tmp/storage-run-1000/containers
  transientStore: false
  volumePath: /home/podman/.local/share/containers/storage/volumes
version:
  APIVersion: 5.3.2
  Built: 17375040

Workflow Content

on:
  - push
env:
  ENV_TYPE: 'TEST'
jobs:
  Django Check:
    runs-on: oci
    container:
      image: nikolaik/python-nodejs:python3.11-nodejs23-bullseye
    steps:
      - uses: actions/checkout@v3
        with:
          submodules: recursive
      - uses: ./.forgejo/actions/prepare
      - working-directory: ./dzeuros
        run: ../env/bin/python3 manage.py check

Relevant Log Output

2025-02-22T14:10:23.8241195Z titan.vankleef.me(version:v6.2.2) received task 455662 of job 740043, be triggered by event: push
2025-02-22T14:10:23.8246073Z workflow prepared
2025-02-22T14:10:23.8249373Z 🚀  Start image=nikolaik/python-nodejs:python3.11-nodejs23-bullseye
2025-02-22T14:10:23.8897943Z   🐳  docker pull image=nikolaik/python-nodejs:python3.11-nodejs23-bullseye platform= username= forcePull=false
2025-02-22T14:10:23.9092523Z Error response from daemon: network name FORGEJO-ACTIONS-TASK-455662_WORKFLOW_JOB-Django-Check-Django Check-network invalid: names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*: invalid argument

Originally created by @rhbvkleef on GitHub (Feb 27, 2025). Original GitHub issue: https://github.com/nektos/act/issues/2685 I am running a Forgejo runner (which uses act under the hood) in conjunction with Podman. In general this works fine, but there's an issue with creating network names if the `job-id`'s have spaces in them. The issue appears to occur [here][bug-site]. Specifically, Podman requires network names to conform to the regex `[a-zA-Z0-9][a-zA-Z0-9_.-]*`, but obviously, if the `job-id` contains one or more spaces, this will not be the case. I've already submitted a bug report for [Forgejo Runner][forgejo-runner], and that contains more information on how exactly I am running it. I'm sorry for this slightly unconventional bug report, but I couldn't really fit it in the common bug template, as I'm not running act directly. ### Software versions I am running: * Forgejo Runner 6.2.2 * Act 0.2.49 * Go 1.23 * Host: * Bazzite 41.20250216.0 (Silverblue) * Kernel 6.12.12-207.bazzite.fc41.x86_64 * Container: * Alpine Linux 3.20.5 * Image: `code.forgejo.org/forgejo/runner:6.2.2` #### Podman ```yaml host: arch: amd64 buildahVersion: 1.38.1 cgroupControllers: - cpuset - cpu - io - memory - hugetlb - pids - misc cgroupManager: cgroupfs cgroupVersion: v2 conmon: package: conmon-2.1.12-3.fc41.x86_64 path: /usr/bin/conmon version: 'conmon version 2.1.12, commit: ' cpuUtilization: idlePercent: 95.9 systemPercent: 1.03 userPercent: 3.07 cpus: 8 databaseBackend: sqlite distribution: distribution: fedora variant: container version: "41" eventLogger: file freeLocks: 2048 hostname: systemd-forgejo idMappings: gidmap: - container_id: 0 host_id: 1000 size: 1 - container_id: 1 host_id: 1 size: 999 - container_id: 1000 host_id: 1001 size: 64535 uidmap: - container_id: 0 host_id: 1000 size: 1 - container_id: 1 host_id: 1 size: 999 - container_id: 1000 host_id: 1001 size: 64535 kernel: 6.12.12-207.bazzite.fc41.x86_64 linkmode: dynamic logDriver: k8s-file memFree: 3237052416 memTotal: 25056137216 networkBackend: netavark networkBackendInfo: backend: netavark dns: package: aardvark-dns-1.14.0-1.fc41.x86_64 path: /usr/libexec/podman/aardvark-dns version: aardvark-dns 1.14.0 package: netavark-1.14.0-1.fc41.x86_64 path: /usr/libexec/podman/netavark version: netavark 1.14.0 ociRuntime: name: crun package: crun-1.20-2.fc41.x86_64 path: /usr/bin/crun version: |- crun version 1.20 commit: 9c9a76ac11994701dd666c4f0b869ceffb599a66 rundir: /tmp/storage-run-1000/crun spec: 1.0.0 +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL os: linux pasta: executable: /usr/bin/pasta package: passt-0^20250217.ga1e48a0-2.fc41.x86_64 version: "" remoteSocket: exists: true path: /tmp/storage-run-1000/podman/podman.sock rootlessNetworkCmd: pasta security: apparmorEnabled: false capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT rootless: true seccompEnabled: true seccompProfilePath: /usr/share/containers/seccomp.json selinuxEnabled: false serviceIsRemote: false slirp4netns: executable: "" package: "" version: "" swapFree: 4286312448 swapTotal: 4294963200 uptime: 141h 12m 35.00s (Approximately 5.88 days) variant: "" plugins: authorization: null log: - k8s-file - none - passthrough - journald network: - bridge - macvlan - ipvlan volume: - local registries: search: - registry.fedoraproject.org - registry.access.redhat.com - docker.io store: configFile: /home/podman/.config/containers/storage.conf containerStore: number: 0 paused: 0 running: 0 stopped: 0 graphDriverName: overlay graphOptions: {} graphRoot: /home/podman/.local/share/containers/storage graphRootAllocated: 248355225600 graphRootUsed: 26972405760 graphStatus: Backing Filesystem: btrfs Native Overlay Diff: "true" Supports d_type: "true" Supports shifting: "false" Supports volatile: "true" Using metacopy: "false" imageCopyTmpDir: /var/tmp imageStore: number: 1 runRoot: /tmp/storage-run-1000/containers transientStore: false volumePath: /home/podman/.local/share/containers/storage/volumes version: APIVersion: 5.3.2 Built: 17375040 ``` ### Workflow Content ```yaml on: - push env: ENV_TYPE: 'TEST' jobs: Django Check: runs-on: oci container: image: nikolaik/python-nodejs:python3.11-nodejs23-bullseye steps: - uses: actions/checkout@v3 with: submodules: recursive - uses: ./.forgejo/actions/prepare - working-directory: ./dzeuros run: ../env/bin/python3 manage.py check ``` ### Relevant Log Output ``` 2025-02-22T14:10:23.8241195Z titan.vankleef.me(version:v6.2.2) received task 455662 of job 740043, be triggered by event: push 2025-02-22T14:10:23.8246073Z workflow prepared 2025-02-22T14:10:23.8249373Z 🚀 Start image=nikolaik/python-nodejs:python3.11-nodejs23-bullseye 2025-02-22T14:10:23.8897943Z 🐳 docker pull image=nikolaik/python-nodejs:python3.11-nodejs23-bullseye platform= username= forcePull=false 2025-02-22T14:10:23.9092523Z Error response from daemon: network name FORGEJO-ACTIONS-TASK-455662_WORKFLOW_JOB-Django-Check-Django Check-network invalid: names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*: invalid argument ``` [bug-site]: https://github.com/nektos/act/blob/34144c25ab3099ce1fc1d125fceace632e4ae0a9/pkg/runner/run_context.go#L99 [forgejo-runner]: https://code.forgejo.org/forgejo/runner/issues/487

kerem commented 2026-03-01 21:49:44 +03:00

Author

Owner

Copy link

@ChristopherHX commented on GitHub (Feb 27, 2025):

This is an invalid workflow file per GitHub Actions Docs: https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_id

I would turn this issue more towards, missing job-id validation of forgejo.

Please verify that issues you open here can be reproduced on our side.

jobs like this are early failed

on: push
jobs:
  hello world:
    runs-on: ubuntu-latest
    steps:
    - name: Hello world
      run: echo Hello world

INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock' 
Error: workflow is not valid. 'x.yml': Job name 'hello world' is invalid. Names must start with a letter or '_' and contain only alphanumeric characters, '-', or '_'

<!-- gh-comment-id:2689003112 --> @ChristopherHX commented on GitHub (Feb 27, 2025): This is an invalid workflow file per GitHub Actions Docs: <https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_id> I would turn this issue more towards, missing job-id validation of **forgejo**. Please verify that issues you open here can be reproduced on our side. jobs like this are early failed ```yaml on: push jobs: hello world: runs-on: ubuntu-latest steps: - name: Hello world run: echo Hello world ``` ``` INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock' Error: workflow is not valid. 'x.yml': Job name 'hello world' is invalid. Names must start with a letter or '_' and contain only alphanumeric characters, '-', or '_' ```

kerem referenced this issue 2026-03-01 21:52:55 +03:00

[PR #1213] [MERGED] build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 #1844

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/go_modules/github.com/go-git/go-git/v5-5.18.0

dependabot/go_modules/dependencies-08815e2262

mergify/configuration-deprecated-update

dependabot/github_actions/dependencies-a3a104477f

chore/simplify-ci-and-makefile

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

panekj/ci/improve-jobs

fix-skip-non-yaml-files-in-dir

normalize-pull-rebuild-flags

fix-no-recurse-by-default

2517-poor-error-for-incomplete-action-step

2472-make-use-new-action-cache-the-new-default-for-downloading-actions

act-tart

act-lxc

act-oidc

act-dind

avoid-slash-in-actor

dependabot/go_modules/github.com/docker/docker-26.1.4incompatible

meta-keep-filetime

local-repository-action-cache

pr-merger

update-docker-deps

follow_local_action_symlink

boltdb-lock-in-handler

use-socket-path

no-pull-no-rebuild

path-issues

fix/env

feat/podman

refactor/testdata

v0.2.87

v0.2.86

v0.2.85

v0.2.84

v0.2.83

v0.2.82

v0.2.81

v0.2.80

v0.2.79

v0.2.78

v0.2.77

v0.2.76

v0.2.75

v0.2.74

v0.2.73

v0.2.72

v0.2.71

v0.2.70

v0.2.69

v0.2.68

v0.2.67

v0.2.66

v0.2.65

v0.2.64

v0.2.63

v0.2.62

v0.2.61

v0.2.60

v0.2.59

v0.2.58

v0.2.57

v0.2.56

v0.2.55

v0.2.54

v0.2.53

v0.2.52

v0.2.51

v0.2.50

v0.2.49

v0.2.48

v0.2.47

v0.2.46

v0.2.45

v0.2.44

v0.2.43

v0.2.42

v0.2.41

v0.2.40

v0.2.39

v0.2.38

v0.2.37

v0.2.36

v0.2.35

v0.2.34

v0.2.33

v0.2.32

v0.2.31

v0.2.30

v0.2.29

v0.2.28

v0.2.27

v0.2.26

v0.2.25

v0.2.24

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

area/action

  

area/cli

  

area/docs

  

area/image

  

area/runner

  

area/workflow

  

backlog

  

confirmed/not-planned

  

kind/bug

  

kind/discussion

  

kind/external

  

kind/feature-request

  

kind/question

  

meta/duplicate

  

meta/invalid

  

meta/need-more-info

  

meta/resolved

  

meta/wontfix

  

meta/workaround

  

needs-work

  

pull-request

Mirrored from GitHub Pull Request

  

review/not-planned

  

size/M

  

size/XL

  

size/XXL

  

stale

  

stale-exempt

No labels

area/action

area/cli

area/docs

area/image

area/runner

area/workflow

backlog

confirmed/not-planned

kind/bug

kind/discussion

kind/external

kind/feature-request

kind/question

meta/duplicate

meta/invalid

meta/need-more-info

meta/resolved

meta/wontfix

meta/workaround

needs-work

pull-request

review/not-planned

size/M

size/XL

size/XXL

stale

stale-exempt

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/act#1213

No description provided.