[GH-ISSUE #1694] "depends-on" not being accounted for #839

Closed
opened 2026-03-01 21:46:49 +03:00 by kerem · 3 comments

Originally created by @lemisieur on GitHub (Mar 22, 2023).
Original GitHub issue: https://github.com/nektos/act/issues/1694

Bug report info

act version:            0.2.43
GOOS:                   darwin
GOARCH:                 arm64
NumCPU:                 10
Docker host:            DOCKER_HOST environment variable is unset/empty.
Sockets found:
        /var/run/docker.sock
        /Users/jpoulin/.docker/run/docker.sock
Config files:           
        /Users/jpoulin/.actrc:
                -P ubuntu-latest=catthehacker/ubuntu:act-latest
                -P ubuntu-22.04=catthehacker/ubuntu:act-22.04
                -P ubuntu-20.04=catthehacker/ubuntu:act-20.04
                -P ubuntu-18.04=catthehacker/ubuntu:act-18.04
Build info:
        Go version:            go1.20.1
        Module path:           command-line-arguments
        Main version:          
        Main path:             
        Main checksum:         
        Build settings:
                -buildmode:           exe
                -compiler:            gc
                -ldflags:             -X main.version=0.2.43
                CGO_ENABLED:          1
                CGO_CFLAGS:           
                CGO_CPPFLAGS:         
                CGO_CXXFLAGS:         
                CGO_LDFLAGS:          
                GOARCH:               arm64
                GOOS:                 darwin
Docker Engine:
        Engine version:        20.10.23
        Engine runtime:        runc
        Cgroup version:        2
        Cgroup driver:         cgroupfs
        Storage driver:        overlay2
        Registry URI:          https://index.docker.io/v1/
        OS:                    Docker Desktop
        OS type:               linux
        OS version:            
        OS arch:               aarch64
        OS kernel:             5.15.49-linuxkit
        OS CPU:                2
        OS memory:             1989 MB
        Security options:
                name=seccomp,profile=default
                name=cgroupns

Command used with act

act --secret-file .secrets --workflows .github/workflows/build_backend.yml

Describe issue

It seems like even if I make jobs dependent on each other using the "depends-on" flag, they all kick off at the same time.

Link to GitHub repository

No response

Workflow content

name: Build backend

on:
  push:
    branches: # On all branches, except for "prod"
      - "**"
      - "!prod"
    paths:
      - backend/* # Only trigger if backend files are changed
  workflow_dispatch: # Allow manual triggering of the workflow - this should be removed in production

# Set the permissions for the workflow
permissions:
  deployments: write
  packages: write
  pull-requests: write
  security-events: write
  statuses: write

env:
  IMAGE_PATH: ${{ secrets.IMAGE_REGISTRY }}/${{ secrets.IMAGE_REPOSITORY }}/${{ secrets.IMAGE_NAME_BACKEND }}
  DEV_TAG: dev-${{ github.sha }}
  PROMO_TAG: staging # Tag to use to promote the image to the upper environment

jobs:
  ##### Build the backend image and push it to the GitHub Packages registry
  build:
    name: Build backend image
    runs-on: ubuntu-latest # Run on the latest version of Ubuntu

    steps:
      # Checkout the code
      - name: Code checkout
        uses: actions/checkout@v3

      # Set up Docker Buildx
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      # Login to the GitHub Packages registry using the GITHUB_TOKEN
      - name: Login to Github Packages
        uses: docker/login-action@v2
        with:
          registry: ${{ secrets.IMAGE_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      
      # Build the image and push it to the GitHub Packages registry
      - name: Build image and push to GitHub Packages
        id: docker_build
        uses: docker/build-push-action@v2
        with:
          context: ./
          file: ./backend/Dockerfile
          tags: ${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }}
          push: true

      # Output the image digest
      - name: Image digest
        run: echo ${{ steps.docker_build.outputs.digest }}
  
  ##### Scan the image for vulnerabilities
  security-scan:
    name: Image security scan
    runs-on: ubuntu-latest # Run on the latest version of Ubuntu
    depends-on: build # Only run this job if the build job was successful
    
    steps:
      # Login to the GitHub Packages registry using the GITHUB_TOKEN
      - name: Login to Github Packages
        uses: docker/login-action@v2
        with:
          registry: ${{ secrets.IMAGE_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Pull the image to scan for vulnerabilities
      - name: Pull image to scan (${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }})
        run: docker pull ${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }}

      # Run Snyk to scan the image for vulnerabilities
      - name: Run Snyk to check for vulnerabilities
        uses: snyk/actions/docker@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          image: ${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }}
          args: --sarif-file-output=snyk.sarif # Output the results in SARIF format for upload to GitHub Code Scanning
      
      # Upload the results to GitHub Code Scanning
      - name: Upload result to GitHub Code Scanning
        if: ${{ github.ref == 'refs/heads/staging' }} # Only upload report if coming from our upper branch
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: snyk.sarif # Upload the SARIF file generated by Snyk
  
  ##### Promote the image to the upper environment
  promote-staging:
    name: Promote to "{{ env.PROMO_TAG }}" tag
    runs-on: ubuntu-latest # Run on the latest version of Ubuntu
    depends-on: security-scan # Only run this job if the security-scan job was successful
  
    steps:
      # Login to the GitHub Packages registry using the GITHUB_TOKEN
      - name: Login to Github Packages
        uses: docker/login-action@v2
        with:
          registry: ${{ secrets.IMAGE_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Pull the image to promote
      - name: Pull dev image (${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }})
        run: docker pull ${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }}
      
      # Tag the image with the "staging" tag
      - name: Promote "${{ env.DEV_TAG }}" to "${{ env.PROMO_TAG }}"
        run: docker tag ${{ env.IMAGE_PATH }}:${{ env.DEV_TAG }} \
             ${{ env.IMAGE_PATH }}:${{ env.PROMO_TAG }}
      
      # Push the image to the GitHub Packages registry
      - name: Push latest tag to Github Packages
        run: docker push ${{ env.IMAGE_PATH }}:${{ env.PROMO_TAG }}

Relevant log output

Too long, will add as attached file to the issue

Additional information

No response

kerem closed this issue and added the kind/bug label on 2026-03-01 21:46:49 +03:00.

@lemisieur commented on GitHub (Mar 22, 2023):

log.txt (https://github.com/nektos/act/files/11040200/log.txt)

@ChristopherHX commented on GitHub (Mar 22, 2023):

`depends-on` since when is that a valid property of a job?

@lemisieur commented on GitHub (Mar 22, 2023):

Well, that's my mistake, should've been `needs` instead, idk where I got this `depends-on` from
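
A pre-merge check for the mistake resolved in this thread, added here as an example (not code from act or from the issue): since `depends-on` is not a job key, the scan and promote jobs had no ordering between them, so this sketch flags job keys outside the documented set and checks that the promote job reaches the scan job through `needs`. The key list, the 2-space-indent line scanner (not a full YAML parser), the reduced sample workflow and the function names are assumptions.

```python
import re

# Job-level keys from the GitHub Actions workflow syntax.
KNOWN_JOB_KEYS = set("""name permissions needs if runs-on environment
concurrency outputs env defaults steps timeout-minutes strategy
continue-on-error container services uses with secrets""".split())

# Constructed sample: the issue's workflow reduced to its job headers.
WORKFLOW = """\
jobs:
  build:
    runs-on: ubuntu-latest
  security-scan:
    runs-on: ubuntu-latest
    depends-on: build # not a job key, so no ordering is created
  promote-staging:
    runs-on: ubuntu-latest
    depends-on: security-scan
"""

def job_keys(text):
    """Return {job_id: {key: value}}; assumes 2-space block indentation."""
    jobs, current, in_jobs = {}, None, False
    for line in text.splitlines():
        if re.match(r"[^\s#]", line):          # top-level key
            in_jobs = line.startswith("jobs:")
        elif in_jobs and (m := re.match(r"  ([\w-]+):\s*(#.*)?$", line)):
            current = jobs.setdefault(m.group(1), {})
        elif in_jobs and current is not None and (
                m := re.match(r"    ([\w-]+):\s*(.*?)\s*(#.*)?$", line)):
            current[m.group(1)] = m.group(2)
    return jobs

def needs_of(job):
    raw = job.get("needs", "").strip("[] ")
    return {n.strip(" '\"") for n in raw.split(",") if n.strip()}

def lint(text, gate, gated):
    """Flag unknown job keys, and a gated job that never waits for the gate."""
    jobs = job_keys(text)
    findings = [f"{jid}: unknown key '{k}'" for jid, keys in jobs.items()
                for k in keys if k not in KNOWN_JOB_KEYS]
    seen, stack = set(), [gated]               # walk `needs` transitively
    while stack:
        for dep in needs_of(jobs.get(stack.pop(), {})) - seen:
            seen.add(dep)
            stack.append(dep)
    if gate not in seen:
        findings.append(f"{gated}: does not need '{gate}'")
    return findings
```

Calling `lint(WORKFLOW, "security-scan", "promote-staging")` reports both stray keys and the missing gate; the same text with `depends-on` replaced by `needs` returns no findings.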