feat: Enable passing of proxy variables to Docker build

[john-tipper]

Resolves #2722.

This PR adds a flag called --pass-proxy-vars-to-docker-build --pass-envvars-to-docker-build which allows the user to pass proxy variables through to the build of Docker-based actions. These variables are HTTP_PROXY, HTTPS_PROXY and NO_PROXY, plus the lowercase versions too because not all applications respect all cases.

The variables that are set are taken from the environment of Act itself. If the URL includes a password then this is redacted when logging the command passed to Docker.

This PR allows Act to be used within an enterprise environment where access to the internet is via an authenticating proxy, otherwise Docker-based actions are not able to be used if they need to access the internet as part of their build process.

[codecov]

Codecov Report

Attention: Patch coverage is 31.25000% with 22 lines in your changes missing coverage. Please review.

Project coverage is 74.46%. Comparing base (5a80a04) to head (6e864e1).
Report is 197 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/container/docker_build.go	30.00%	12 Missing and 2 partials ⚠️
pkg/runner/action.go	20.00%	7 Missing and 1 partial ⚠️

❌ Your patch check has failed because the patch coverage (31.25%) is below the target coverage (50.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@             Coverage Diff             @@
##           master    #2723       +/-   ##
===========================================
+ Coverage   61.56%   74.46%   +12.90%     
===========================================
  Files          53       73       +20     
  Lines        9002    11169     +2167     
===========================================
+ Hits         5542     8317     +2775     
+ Misses       3020     2213      -807     
- Partials      440      639      +199     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[john-tipper]

@Mergifyio requeue

(Was trying to get the needs-work label to be recalculated).

[mergify]

requeue

❌ Command disallowed due to command restrictions in the Mergify configuration.

• sender-permission >= write

[panekj]

I think it would be better to make it an option that allows passing any custom envvars rather than just proxy

[john-tipper]

I think it would be better to make it an option that allows passing any custom envvars rather than just proxy

I don't want to pass key=value pairs in case there are sensitive values in there which would get logged when the docker command gets printed, so I'd like to just pass envar keys. Would you be ok to have this as a flag that has a default value of HTTP_PROXY,HTTPS_PROXY,NO_PROXY,http_proxy,https_proxy,no_proxy and where the code then iterates through those keys and fetches the values from the environment? Users could supply their own values if they wanted - might be useful if needing to change things like AWS_CA_BUNDLE for example.

If we went down this route, what would the flag be called? --pass-proxy-vars-to-docker-build no longer makes sense IMO. Something like --pass-envvars-to-docker-build, perhaps?

[john-tipper]

@panekj Please take a look at the revised PR, you can now do as you wish.

• No --pass-envvars-to-docker-build flag results in no variables being passed to docker build.
• --pass-envvars-to-docker-build by itself causes HTTP_PROXY,HTTPS_PROXY,NO_PROXY,http_proxy,https_proxy,no_proxy to be passed to docker build
• --pass-envvars-to-docker-build=foo,bar causes foo and bar to be retrieved from the env and passed to docker build

[userid0x0]

Hi,
sorry for jumping in here - I just want to mention I have the same proxy issue on my side.