debian-mirror-gitlab/lib/api/helpers/runner.rb

97 lines
2.6 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
module API
module Helpers
module Runner
2020-06-23 00:09:42 +05:30
include Gitlab::Utils::StrongMemoize
2021-06-08 01:23:25 +05:30
prepend_mod_with('API::Helpers::Runner') # rubocop: disable Cop/InjectEnterpriseEditionModule
2019-12-04 20:38:33 +05:30
JOB_TOKEN_HEADER = 'HTTP_JOB_TOKEN'
2017-08-17 22:00:37 +05:30
JOB_TOKEN_PARAM = :token
def runner_registration_token_valid?
2019-09-30 21:07:59 +05:30
ActiveSupport::SecurityUtils.secure_compare(params[:token], Gitlab::CurrentSettings.runners_registration_token)
2017-08-17 22:00:37 +05:30
end
2018-03-27 19:54:05 +05:30
def authenticate_runner!
forbidden! unless current_runner
2018-03-17 18:26:18 +05:30
2018-03-27 19:54:05 +05:30
current_runner
2020-06-23 00:09:42 +05:30
.heartbeat(get_runner_details_from_request)
2017-08-17 22:00:37 +05:30
end
2018-03-27 19:54:05 +05:30
def get_runner_details_from_request
return get_runner_ip unless params['info'].present?
attributes_for_keys(%w(name version revision platform architecture), params['info'])
.merge(get_runner_ip)
end
2018-03-17 18:26:18 +05:30
2018-03-27 19:54:05 +05:30
def get_runner_ip
2019-10-12 21:52:04 +05:30
{ ip_address: ip_address }
2017-08-17 22:00:37 +05:30
end
def current_runner
2020-06-23 00:09:42 +05:30
strong_memoize(:current_runner) do
::Ci::Runner.find_by_token(params[:token].to_s)
end
2017-08-17 22:00:37 +05:30
end
2021-04-29 21:17:54 +05:30
# HTTP status codes to terminate the job on GitLab Runner:
# - 403
2020-06-23 00:09:42 +05:30
def authenticate_job!(require_running: true)
job = current_job
2017-08-17 22:00:37 +05:30
2021-04-29 21:17:54 +05:30
# 404 is not returned here because we want to terminate the job if it's
# running. A 404 can be returned from anywhere in the networking stack which is why
# we are explicit about a 403, we should improve this in
# https://gitlab.com/gitlab-org/gitlab/-/issues/327703
forbidden! unless job
2020-06-23 00:09:42 +05:30
forbidden! unless job_token_valid?(job)
2019-02-15 15:39:39 +05:30
2020-06-23 00:09:42 +05:30
forbidden!('Project has been deleted!') if job.project.nil? || job.project.pending_delete?
2019-02-15 15:39:39 +05:30
forbidden!('Job has been erased!') if job.erased?
2017-08-17 22:00:37 +05:30
2020-06-23 00:09:42 +05:30
if require_running
job_forbidden!(job, 'Job is not running') unless job.running?
end
2017-08-17 22:00:37 +05:30
2021-01-03 14:25:43 +05:30
job.runner&.heartbeat(get_runner_ip)
2017-08-17 22:00:37 +05:30
2019-02-15 15:39:39 +05:30
job
2017-08-17 22:00:37 +05:30
end
2020-03-13 15:44:24 +05:30
def current_job
2020-06-23 00:09:42 +05:30
strong_memoize(:current_job) do
2020-07-28 23:09:34 +05:30
::Ci::Build.find_by_id(params[:id])
2020-06-23 00:09:42 +05:30
end
2020-03-13 15:44:24 +05:30
end
2019-02-15 15:39:39 +05:30
def job_token_valid?(job)
token = (params[JOB_TOKEN_PARAM] || env[JOB_TOKEN_HEADER]).to_s
token && job.valid_token?(token)
2017-08-17 22:00:37 +05:30
end
2018-11-08 19:23:39 +05:30
def job_forbidden!(job, reason)
header 'Job-Status', job.status
forbidden!(reason)
end
2021-04-17 20:07:23 +05:30
def set_application_context
return unless current_job
Gitlab::ApplicationContext.push(
user: -> { current_job.user },
project: -> { current_job.project }
)
end
2021-06-08 01:23:25 +05:30
def track_ci_minutes_usage!(_build, _runner)
# noop: overridden in EE
end
2017-08-17 22:00:37 +05:30
end
end
end