From edec9a8f91c8dafeb834215002ec9f4928205d6a Mon Sep 17 00:00:00 2001
From: lautriva <lautriva@noreply.gitea.com>
Date: Wed, 11 Jun 2025 17:38:29 +0000
Subject: [PATCH] Add a way to specify vars in act_runner exec (#704)

Before this commit, when running locally `act_runner exec` to test workflows, we could only fill env and secrets but not vars
This commit add a new exec option `--var` based on what is done for env and secret

Example:

`act_runner exec --env MY_ENV=testenv -s MY_SECRET=testsecret --var MY_VAR=testvariable`

 workflow
```
name: Gitea Actions test
on: [push]

jobs:
  TestAction:
    runs-on: ubuntu-latest
    steps:
      - run: echo "VAR -> ${{ vars.MY_VAR }}"
      - run: echo "ENV -> ${{ env.MY_ENV }}"
      - run: echo "SECRET -> ${{ secrets.MY_SECRET }}"
```

Will echo var, env and secret values sent in the command line

Fixes gitea/act_runner#692

Co-authored-by: Lautriva <gitlactr@dbn.re>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/act_runner/pulls/704
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: lautriva <lautriva@noreply.gitea.com>
Co-committed-by: lautriva <lautriva@noreply.gitea.com>
---
 internal/app/cmd/exec.go | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go
index 68f2989..6337951 100644
--- a/internal/app/cmd/exec.go
+++ b/internal/app/cmd/exec.go
@@ -39,6 +39,7 @@ type executeArgs struct {
 	envs                  []string
 	envfile               string
 	secrets               []string
+	vars                  []string
 	defaultActionsURL     string
 	insecureSecrets       bool
 	privileged            bool
@@ -130,6 +131,22 @@ func (i *executeArgs) LoadEnvs() map[string]string {
 	return envs
 }
 
+func (i *executeArgs) LoadVars() map[string]string {
+	vars := make(map[string]string)
+	if i.vars != nil {
+		for _, runVar := range i.vars {
+			e := strings.SplitN(runVar, `=`, 2)
+			if len(e) == 2 {
+				vars[e[0]] = e[1]
+			} else {
+				vars[e[0]] = ""
+			}
+		}
+	}
+
+	return vars
+}
+
 // Workdir returns path to workdir
 func (i *executeArgs) Workdir() string {
 	return i.resolve(".")
@@ -386,6 +403,7 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command
 			LogOutput:             true,
 			JSONLogger:            execArgs.jsonLogger,
 			Env:                   execArgs.LoadEnvs(),
+			Vars:                  execArgs.LoadVars(),
 			Secrets:               execArgs.LoadSecrets(),
 			InsecureSecrets:       execArgs.insecureSecrets,
 			Privileged:            execArgs.privileged,
@@ -468,6 +486,7 @@ func loadExecCmd(ctx context.Context) *cobra.Command {
 	execCmd.Flags().StringArrayVarP(&execArg.envs, "env", "", []string{}, "env to make available to actions with optional value (e.g. --env myenv=foo or --env myenv)")
 	execCmd.PersistentFlags().StringVarP(&execArg.envfile, "env-file", "", ".env", "environment file to read and use as env in the containers")
 	execCmd.Flags().StringArrayVarP(&execArg.secrets, "secret", "s", []string{}, "secret to make available to actions with optional value (e.g. -s mysecret=foo or -s mysecret)")
+	execCmd.Flags().StringArrayVarP(&execArg.vars, "var", "", []string{}, "variable to make available to actions with optional value (e.g. --var myvar=foo or --var myvar)")
 	execCmd.PersistentFlags().BoolVarP(&execArg.insecureSecrets, "insecure-secrets", "", false, "NOT RECOMMENDED! Doesn't hide secrets while printing logs.")
 	execCmd.Flags().BoolVar(&execArg.privileged, "privileged", false, "use privileged mode")
 	execCmd.Flags().StringVar(&execArg.usernsMode, "userns", "", "user namespace to use")