DevFW-CICD/garm
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
garm/runner/pool/organization.go

232 lines
6.5 KiB
Go
Raw Normal View History

Add license headers
2022-05-05 13:25:50 +00:00
// Copyright 2022 Cloudbase Solutions SRL
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may
// not use this file except in compliance with the License. You may obtain
// a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations
// under the License.
Add organizations
2022-05-04 16:27:24 +00:00
package pool
import (
"context"
"fmt"
Start pool managers in the background Garm no longer fails on startup if a pool manager cannot be started. It will attempt to start the pool manager in the background. If it fails due to an unauthorized error, it will sleep for 3 hours. It is unlikely it will work a second time if credentials are not updated in the config and garm is restarted, so no point in getting rate limited. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 17:22:47 +03:00
"net/http"
Make owners and repos case insensitive Github treats owners (users and orgs) and repos as case insensitive. To github, https://github.com/cloudbase/garm is equivalent to https://github.com/CloudBase/GaRm. This commit makes the sql store backend, case insensitive when querying repos and orgs. Fixes: #25 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-05 17:12:45 +03:00
"strings"
Add organizations
2022-05-04 16:27:24 +00:00
"sync"
Rename module This change renames the module from "garm" to "github.com/cloudbase/garm". This will make it easier to consume public functions defined in garm, by external applications, without having to resort to replace. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2023-03-12 16:01:49 +02:00
dbCommon "github.com/cloudbase/garm/database/common"
runnerErrors "github.com/cloudbase/garm/errors"
"github.com/cloudbase/garm/params"
"github.com/cloudbase/garm/runner/common"
"github.com/cloudbase/garm/util"
Add organizations
2022-05-04 16:27:24 +00:00
Update go-github and remove redirect
2022-10-20 12:07:56 +03:00
"github.com/google/go-github/v48/github"
Add organizations
2022-05-04 16:27:24 +00:00
"github.com/pkg/errors"
)
// test that we implement PoolManager
var _ poolHelper = &organization{}
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
func NewOrganizationPoolManager(ctx context.Context, cfg params.Organization, cfgInternal params.Internal, providers map[string]common.Provider, store dbCommon.Store) (common.PoolManager, error) {
Add enterprise support This change adds enterprise support throughout garm. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-13 16:09:28 +00:00
ghc, _, err := util.GithubClient(ctx, cfgInternal.OAuth2Token, cfgInternal.GithubCredentialsDetails)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
return nil, errors.Wrap(err, "getting github client")
}
helper := &organization{
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
cfg: cfg,
cfgInternal: cfgInternal,
ctx: ctx,
ghcli: ghc,
id: cfg.ID,
store: store,
Add organizations
2022-05-04 16:27:24 +00:00
}
Start pool managers in the background Garm no longer fails on startup if a pool manager cannot be started. It will attempt to start the pool manager in the background. If it fails due to an unauthorized error, it will sleep for 3 hours. It is unlikely it will work a second time if credentials are not updated in the config and garm is restarted, so no point in getting rate limited. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 17:22:47 +03:00
repo := &basePoolManager{
Add organizations
2022-05-04 16:27:24 +00:00
ctx: ctx,
store: store,
providers: providers,
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
controllerID: cfgInternal.ControllerID,
Add organizations
2022-05-04 16:27:24 +00:00
quit: make(chan struct{}),
done: make(chan struct{}),
helper: helper,
Add ability to specify github enpoints for creds The GitHub credentials section now allows setting some API endpoints that point the github client and the runner setup script to the propper URLs. This allows us to use garm with an on-prem github enterprise server. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-12 21:45:07 +00:00
credsDetails: cfgInternal.GithubCredentialsDetails,
Add organizations
2022-05-04 16:27:24 +00:00
}
return repo, nil
}
type organization struct {
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
cfg params.Organization
cfgInternal params.Internal
ctx context.Context
ghcli common.GithubClient
id string
store dbCommon.Store
Add organizations
2022-05-04 16:27:24 +00:00
mux sync.Mutex
}
Some cleanup and safety checks * Add logging middleware * Remove some noise from logs * Add some safety checks when managing runners
2022-12-29 16:49:50 +00:00
func (r *organization) GetRunnerInfoFromWorkflow(job params.WorkflowJob) (params.RunnerInfo, error) {
if err := r.ValidateOwner(job); err != nil {
return params.RunnerInfo{}, errors.Wrap(err, "validating owner")
}
Mark pool manager as offline in case of 403 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-21 00:23:04 +03:00
workflow, ghResp, err := r.ghcli.GetWorkflowJobByID(r.ctx, job.Organization.Login, job.Repository.Name, job.WorkflowJob.ID)
Attempt to fetch runner name from API In some cases, runner information is not sent via webhook by Github when a workflow job transitions to in_progress. We need to know the runner name in order to update the state in the database. Attempt to fetch the runner from the API using the workflow ID. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-09-20 14:25:52 +03:00
if err != nil {
Wait for loop exit and some fixes * Wait for http server graceful shutdown and for pool managers to properly exit. * Fix potential nil pointer dereference when checking response code from github API.
2022-12-30 15:07:40 +00:00
if ghResp != nil && ghResp.StatusCode == http.StatusUnauthorized {
Some cleanup and safety checks * Add logging middleware * Remove some noise from logs * Add some safety checks when managing runners
2022-12-29 16:49:50 +00:00
return params.RunnerInfo{}, errors.Wrap(runnerErrors.ErrUnauthorized, "fetching workflow info")
Mark pool manager as offline in case of 403 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-21 00:23:04 +03:00
}
Some cleanup and safety checks * Add logging middleware * Remove some noise from logs * Add some safety checks when managing runners
2022-12-29 16:49:50 +00:00
return params.RunnerInfo{}, errors.Wrap(err, "fetching workflow info")
Attempt to fetch runner name from API In some cases, runner information is not sent via webhook by Github when a workflow job transitions to in_progress. We need to know the runner name in order to update the state in the database. Attempt to fetch the runner from the API using the workflow ID. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-09-20 14:25:52 +03:00
}
Some cleanup and safety checks * Add logging middleware * Remove some noise from logs * Add some safety checks when managing runners
2022-12-29 16:49:50 +00:00
Attempt to fetch runner name from API In some cases, runner information is not sent via webhook by Github when a workflow job transitions to in_progress. We need to know the runner name in order to update the state in the database. Attempt to fetch the runner from the API using the workflow ID. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-09-20 14:25:52 +03:00
if workflow.RunnerName != nil {
Some cleanup and safety checks * Add logging middleware * Remove some noise from logs * Add some safety checks when managing runners
2022-12-29 16:49:50 +00:00
return params.RunnerInfo{
Name: *workflow.RunnerName,
Labels: workflow.Labels,
}, nil
Attempt to fetch runner name from API In some cases, runner information is not sent via webhook by Github when a workflow job transitions to in_progress. We need to know the runner name in order to update the state in the database. Attempt to fetch the runner from the API using the workflow ID. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-09-20 14:25:52 +03:00
}
Some cleanup and safety checks * Add logging middleware * Remove some noise from logs * Add some safety checks when managing runners
2022-12-29 16:49:50 +00:00
return params.RunnerInfo{}, fmt.Errorf("failed to find runner name from workflow")
Attempt to fetch runner name from API In some cases, runner information is not sent via webhook by Github when a workflow job transitions to in_progress. We need to know the runner name in order to update the state in the database. Attempt to fetch the runner from the API using the workflow ID. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-09-20 14:25:52 +03:00
}
Add organizations
2022-05-04 16:27:24 +00:00
func (r *organization) UpdateState(param params.UpdatePoolStateParams) error {
r.mux.Lock()
defer r.mux.Unlock()
r.cfg.WebhookSecret = param.WebhookSecret
Add enterprise support This change adds enterprise support throughout garm. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-13 16:09:28 +00:00
ghc, _, err := util.GithubClient(r.ctx, r.GetGithubToken(), r.cfgInternal.GithubCredentialsDetails)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
return errors.Wrap(err, "getting github client")
}
r.ghcli = ghc
return nil
}
func (r *organization) GetGithubToken() string {
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
return r.cfgInternal.OAuth2Token
Add organizations
2022-05-04 16:27:24 +00:00
}
func (r *organization) GetGithubRunners() ([]*github.Runner, error) {
Add enterprise support This change adds enterprise support throughout garm. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-13 16:09:28 +00:00
opts := github.ListOptions{
PerPage: 100,
Add organizations
2022-05-04 16:27:24 +00:00
}
Properly paginate Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 11:43:14 +03:00
var allRunners []*github.Runner
for {
runners, ghResp, err := r.ghcli.ListOrganizationRunners(r.ctx, r.cfg.Name, &opts)
if err != nil {
Wait for loop exit and some fixes * Wait for http server graceful shutdown and for pool managers to properly exit. * Fix potential nil pointer dereference when checking response code from github API.
2022-12-30 15:07:40 +00:00
if ghResp != nil && ghResp.StatusCode == http.StatusUnauthorized {
Start pool managers in the background Garm no longer fails on startup if a pool manager cannot be started. It will attempt to start the pool manager in the background. If it fails due to an unauthorized error, it will sleep for 3 hours. It is unlikely it will work a second time if credentials are not updated in the config and garm is restarted, so no point in getting rate limited. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 17:22:47 +03:00
return nil, errors.Wrap(runnerErrors.ErrUnauthorized, "fetching runners")
}
Properly paginate Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 11:43:14 +03:00
return nil, errors.Wrap(err, "fetching runners")
}
allRunners = append(allRunners, runners.Runners...)
if ghResp.NextPage == 0 {
break
Add enterprise support This change adds enterprise support throughout garm. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-13 16:09:28 +00:00
}
Properly paginate Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 11:43:14 +03:00
opts.Page = ghResp.NextPage
Add enterprise support This change adds enterprise support throughout garm. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-13 16:09:28 +00:00
}
Properly paginate Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 11:43:14 +03:00
return allRunners, nil
Add organizations
2022-05-04 16:27:24 +00:00
}
func (r *organization) FetchTools() ([]*github.RunnerApplicationDownload, error) {
r.mux.Lock()
defer r.mux.Unlock()
Start pool managers in the background Garm no longer fails on startup if a pool manager cannot be started. It will attempt to start the pool manager in the background. If it fails due to an unauthorized error, it will sleep for 3 hours. It is unlikely it will work a second time if credentials are not updated in the config and garm is restarted, so no point in getting rate limited. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 17:22:47 +03:00
tools, ghResp, err := r.ghcli.ListOrganizationRunnerApplicationDownloads(r.ctx, r.cfg.Name)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
Wait for loop exit and some fixes * Wait for http server graceful shutdown and for pool managers to properly exit. * Fix potential nil pointer dereference when checking response code from github API.
2022-12-30 15:07:40 +00:00
if ghResp != nil && ghResp.StatusCode == http.StatusUnauthorized {
Start pool managers in the background Garm no longer fails on startup if a pool manager cannot be started. It will attempt to start the pool manager in the background. If it fails due to an unauthorized error, it will sleep for 3 hours. It is unlikely it will work a second time if credentials are not updated in the config and garm is restarted, so no point in getting rate limited. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-20 17:22:47 +03:00
return nil, errors.Wrap(runnerErrors.ErrUnauthorized, "fetching tools")
}
Add organizations
2022-05-04 16:27:24 +00:00
return nil, errors.Wrap(err, "fetching runner tools")
}
return tools, nil
}
func (r *organization) FetchDbInstances() ([]params.Instance, error) {
Added org pool command * added new command * fixed a bunch of bugs in orgs
2022-05-04 21:57:08 +00:00
return r.store.ListOrgInstances(r.ctx, r.id)
Add organizations
2022-05-04 16:27:24 +00:00
}
Add manual runner removal Runners can now be manually removed using the CLI. Some restrictions apply: * A runner must be idle in github. Github will not allow us to remove a runner that is running a workflow. * The runner status must be "running" Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-06-29 16:23:01 +00:00
func (r *organization) RemoveGithubRunner(runnerID int64) (*github.Response, error) {
Slight cleanup * added interface for the github client. This will help mocking it out for testing. * removed some unused code * moved some code around Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-07-07 16:48:00 +00:00
return r.ghcli.RemoveOrganizationRunner(r.ctx, r.cfg.Name, runnerID)
Add organizations
2022-05-04 16:27:24 +00:00
}
func (r *organization) ListPools() ([]params.Pool, error) {
Added org pool command * added new command * fixed a bunch of bugs in orgs
2022-05-04 21:57:08 +00:00
pools, err := r.store.ListOrgPools(r.ctx, r.id)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
return nil, errors.Wrap(err, "fetching pools")
}
return pools, nil
}
func (r *organization) GithubURL() string {
Add ability to specify github enpoints for creds The GitHub credentials section now allows setting some API endpoints that point the github client and the runner setup script to the propper URLs. This allows us to use garm with an on-prem github enterprise server. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-12 21:45:07 +00:00
return fmt.Sprintf("%s/%s", r.cfgInternal.GithubCredentialsDetails.BaseURL, r.cfg.Name)
Add organizations
2022-05-04 16:27:24 +00:00
}
func (r *organization) JwtToken() string {
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
return r.cfgInternal.JWTSecret
Add organizations
2022-05-04 16:27:24 +00:00
}
func (r *organization) GetGithubRegistrationToken() (string, error) {
Mark pool manager as offline in case of 403 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-21 00:23:04 +03:00
tk, ghResp, err := r.ghcli.CreateOrganizationRegistrationToken(r.ctx, r.cfg.Name)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
Wait for loop exit and some fixes * Wait for http server graceful shutdown and for pool managers to properly exit. * Fix potential nil pointer dereference when checking response code from github API.
2022-12-30 15:07:40 +00:00
if ghResp != nil && ghResp.StatusCode == http.StatusUnauthorized {
Mark pool manager as offline in case of 403 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-21 00:23:04 +03:00
return "", errors.Wrap(runnerErrors.ErrUnauthorized, "fetching token")
}
Add organizations
2022-05-04 16:27:24 +00:00
return "", errors.Wrap(err, "creating runner token")
}
return *tk.Token, nil
}
func (r *organization) String() string {
Attempt to fetch runner name from API In some cases, runner information is not sent via webhook by Github when a workflow job transitions to in_progress. We need to know the runner name in order to update the state in the database. Attempt to fetch the runner from the API using the workflow ID. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-09-20 14:25:52 +03:00
return r.cfg.Name
Add organizations
2022-05-04 16:27:24 +00:00
}
func (r *organization) WebhookSecret() string {
return r.cfg.WebhookSecret
}
func (r *organization) GetCallbackURL() string {
Refactor code to allow more unit testing In order to allow mocking for some of the `runner` functions, we created a separate interface (called `PoolManagerController`) with `Create`, `Get`, `Delete` operations for the `organization` / `repository` pool managers. Furthermore, a new runner struct (`poolManagerCtrl`) implements this new interface. The existing code is refactored to use the `poolManagerCtrl` whenever the pool managers for `org` / `repo` are handled. This allows more unit testing for the runner functions since `poolManagerCtrl` field can be mocked now. Besides this, there are some typos fixed as well.
2022-08-10 12:15:12 +03:00
return r.cfgInternal.InstanceCallbackURL
Add organizations
2022-05-04 16:27:24 +00:00
}
Define a metadata subrouter Define a metadata subrouter and move the token endpoint there. We may end up needing multiple endpoints for various purposes in the future. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-12-02 19:48:32 +00:00
func (r *organization) GetMetadataURL() string {
return r.cfgInternal.InstanceMetadataURL
}
Add organizations
2022-05-04 16:27:24 +00:00
func (r *organization) FindPoolByTags(labels []string) (params.Pool, error) {
Added org pool command * added new command * fixed a bunch of bugs in orgs
2022-05-04 21:57:08 +00:00
pool, err := r.store.FindOrganizationPoolByTags(r.ctx, r.id, labels)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
return params.Pool{}, errors.Wrap(err, "fetching suitable pool")
}
return pool, nil
}
func (r *organization) GetPoolByID(poolID string) (params.Pool, error) {
Added org pool command * added new command * fixed a bunch of bugs in orgs
2022-05-04 21:57:08 +00:00
pool, err := r.store.GetOrganizationPool(r.ctx, r.id, poolID)
Add organizations
2022-05-04 16:27:24 +00:00
if err != nil {
return params.Pool{}, errors.Wrap(err, "fetching pool")
}
return pool, nil
}
func (r *organization) ValidateOwner(job params.WorkflowJob) error {
Make owners and repos case insensitive Github treats owners (users and orgs) and repos as case insensitive. To github, https://github.com/cloudbase/garm is equivalent to https://github.com/CloudBase/GaRm. This commit makes the sql store backend, case insensitive when querying repos and orgs. Fixes: #25 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-05 17:12:45 +03:00
if !strings.EqualFold(job.Organization.Login, r.cfg.Name) {
Add organizations
2022-05-04 16:27:24 +00:00
return runnerErrors.NewBadRequestError("job not meant for this pool manager")
}
return nil
}
Paralelize loading pools
2022-05-05 07:54:52 +00:00
func (r *organization) ID() string {
return r.id
}
Reference in a new issue Copy permalink