Fix apt-cache package lookup failure in nektos/act environments

[Copilot]

Fixes apt-cache package lookup failures when using nektos/act for local GitHub Actions testing by automatically updating stale APT package lists, with zero performance impact on normal GitHub Actions runs.

Problem

When running this action with nektos/act (local GitHub Actions runner), the package normalization step fails because apt-cache show is called before apt update has refreshed the package lists. This works fine on GitHub's runners which have pre-updated package lists, but nektos/act containers typically start with empty/stale package lists.

Error encountered running apt-cache --quiet=0 --no-all-versions show python3-semver python3-requests
Exited with status code 100; see combined output below:
N: Unable to locate package python3-semver
N: Unable to locate package python3-requests
E: No packages found

Solution

Created a shared update_apt_lists_if_stale() function in lib.sh that:

1. Detects nektos/act environment by checking the ACT environment variable
2. Only runs when ACT=true - normal GitHub Actions runs skip this check entirely for zero performance impact
3. Checks package list freshness - only updates if /var/lib/apt/lists is older than 5 minutes
4. Updates package lists when stale using apt-fast (if available) or apt with proper error handling
5. Used in both scripts - pre_cache_action.sh and install_and_cache_pkgs.sh share the same logic

Changes Made

• Created update_apt_lists_if_stale() function in lib.sh with ACT environment detection
• Modified pre_cache_action.sh to call the shared function before package normalization
• Modified install_and_cache_pkgs.sh to use the shared function instead of inline logic
• Added proper error handling to prevent breaking existing functionality
• Updated .gitignore to prevent committing build artifacts

Testing

• ✅ All existing Go tests pass
• ✅ Manual testing confirms packages resolve correctly with ACT=true
• ✅ Verified zero performance impact when ACT is not set (normal GitHub Actions)
• ✅ Verified update logic activates correctly when ACT=true (nektos/act)
• ✅ Tested with python3-semver and python3-requests from the original issue

Performance Impact

Normal GitHub Actions (ACT not set): Zero overhead - function returns immediately without any checks

nektos/act (ACT=true): Checks package list freshness and updates only if stale (>5 minutes old)

This approach specifically targets the nektos/act issue while maintaining optimal performance for standard GitHub Actions workflows.

Fixes #125

Original prompt

---

This section details on the original issue you should resolve

<issue_title>apt-cache does not find packages with nektos/act</issue_title>
<issue_description>I use nektos act to debug my workflows locally before committing them.

The following minimal reproducible example:

name: CI
on:
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: awalsh128/cache-apt-pkgs-action@latest
        with:
          packages: python3-semver python3-requests

fails:

[CI/build] ⭐ Run Main awalsh128/cache-apt-pkgs-action@latest
[CI/build]   🐳  docker cp src=/home/vagrant/.cache/act/awalsh128-cache-apt-pkgs-action@latest/ dst=/var/run/act/actions/awalsh128-cache-apt-pkgs-action@latest/
[CI/build] ⭐ Run Main ${GITHUB_ACTION_PATH}/pre_cache_action.sh \
  ~/cache-apt-pkgs \
  "$VERSION" \
  "$EXEC_INSTALL_SCRIPTS" \
  "$DEBUG" \
  "$PACKAGES"
echo "CACHE_KEY=$(cat ~/cache-apt-pkgs/cache_key.md5)" >> $GITHUB_ENV
[CI/build]   🐳  docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/0-composite-pre-cache.sh] user= workdir=
| 08:35:29.331 Normalizing package list...
| Error encountered running apt-cache --quiet=0 --no-all-versions show python3-semver python3-requests
| Exited with status code 100; see combined output below:
| N: Unable to locate package python3-semver
| N: Unable to locate package python3-requests
| N: Unable to locate package python3-semver
| N: Unable to locate package python3-requests
| E: No packages found
[CI/build]   ❌  Failure - Main ${GITHUB_ACTION_PATH}/pre_cache_action.sh \
  ~/cache-apt-pkgs \
  "$VERSION" \
  "$EXEC_INSTALL_SCRIPTS" \
  "$DEBUG" \
  "$PACKAGES"
echo "CACHE_KEY=$(cat ~/cache-apt-pkgs/cache_key.md5)" >> $GITHUB_ENV
[CI/build] exitcode '1': failure
[CI/build]   ⚙  ::set-output:: package-version-list=
[CI/build]   ⚙  ::set-output:: all-package-version-list=
[CI/build]   ⚙  ::set-output:: cache-hit=false
[CI/build]   ❌  Failure - Main awalsh128/cache-apt-pkgs-action@latest
[CI/build] exitcode '1': failure
[CI/build] ⭐ Run Post awalsh128/cache-apt-pkgs-action@latest
[CI/build]   🐳  docker cp src=/home/vagrant/.cache/act/awalsh128-cache-apt-pkgs-action@latest/ dst=/var/run/act/actions/awalsh128-cache-apt-pkgs-action@latest/
[CI/build]   ✅  Success - Post awalsh128/cache-apt-pkgs-action@latest
[CI/build] 🏁  Job failed

It looks like, at the heart of it, apt-cache is unable to find the requested packages, but I haven't been able to find an exact explanation for its exit codes.

It works when I actually run it on GitHub, just not locally.</issue_description>

Comments on the Issue (you are @copilot in this section)

@awalsh128 I would look at the package on install and then on update on the logs to see what the difference is. That would be a good start to the investigation. Post it here. @awalsh128 I am wondering if `apt-fast update` is the issue here. It would be helpful to know the difference in installs.

What would be helpful here is to compare the diff between the 2 commands. Could one you try that?</comment_new>
<comment_new>@awalsh128
Hi @hbontempo-cw could you do some work on my last comment? Also if you use @master it will have more debugging until I create a release in testing.</comment_new>
<comment_new>@awalsh128

@hbontempo-cw it's pretty expected to have to run apt-get update once before you can install any package inside a docker container because otherwise the indexes are uninitialized. If I'm using dind for my runner, as in action-runner-controller, then it's inside a docker container. Can we just get it as an option that's off by default?

Can you clarify what you mean by off as default?</comment_new>

Fixes #125

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[awalsh128]

Move this block to a library function in lib.sh and have it used in both locations

[Copilot]

Refactored the apt list update logic into update_apt_lists_if_stale() function in lib.sh and updated both pre_cache_action.sh and install_and_cache_pkgs.sh to use it. See commit d6013a0.

[awalsh128]

Will this ever happen? apt-fast should have a guarantee of being installed

[Copilot]

The check for apt-fast is necessary in pre_cache_action.sh because apt-fast is not installed at that point (unlike in install_and_cache_pkgs.sh where it's installed first). The shared function now checks for apt-fast availability and falls back to apt if it's not present, making it work correctly in both contexts. See commit d6013a0.

[awalsh128]

This will slow down the action though. The point is that this part run without needing to update. Is there a way to detect if the nektos/act is being ran?

[Copilot]

Modified the function to only check/update package lists when ACT=true (nektos/act environment). Normal GitHub Actions runs are unaffected and have zero performance overhead. See commit for details.

[awalsh128]

@copilot Please continue working on this PR.

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• esm.ubuntu.com
  • Triggering command: /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[awalsh128]

@copilot Please continue working on this PR.

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• esm.ubuntu.com
  • Triggering command: /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Mynacol]

This actually fixes a problem I have in the following action: https://codeberg.org/Mynacol/flowpipeline/actions/runs/197#jobstep-2-21

Unfortunately, it still doesn't work when using this PR. But that's on the runner environment: https://codeberg.org/Mynacol/flowpipeline/actions/runs/200#jobstep-2-1421