Add jitconfig model field

Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2023-08-18 06:09:44 +00:00 · 2023-08-18 06:09:44 +00:00 · 034cc47185
commit 034cc47185
parent 6089f17b08
5 changed files with 35 additions and 5 deletions
--- a/database/sql/instances.go
+++ b/database/sql/instances.go
@ -17,8 +17,10 @@ package sql
 import (
 	"context"
 	"encoding/json"
+	"fmt"

 	runnerErrors "github.com/cloudbase/garm-provider-common/errors"
+	"github.com/cloudbase/garm-provider-common/util"
 	"github.com/cloudbase/garm/params"

 	"github.com/google/uuid"
@ -42,6 +44,19 @@ func (s *sqlDatabase) CreateInstance(ctx context.Context, poolID string, param p
 		}
 	}

+	var secret []byte
+	if len(param.JitConfiguration) > 0 {
+		jitConfig, err := json.Marshal(param.JitConfiguration)
+		if err != nil {
+			return params.Instance{}, errors.Wrap(err, "marshalling jit config")
+		}
+
+		secret, err = util.Seal(jitConfig, []byte(s.cfg.Passphrase))
+		if err != nil {
+			return params.Instance{}, fmt.Errorf("failed to encrypt jitconfig: %w", err)
+		}
+	}
+
 	newInstance := Instance{
 		Pool:              pool,
 		Name:              param.Name,
@ -52,6 +67,7 @@ func (s *sqlDatabase) CreateInstance(ctx context.Context, poolID string, param p
 		CallbackURL:       param.CallbackURL,
 		MetadataURL:       param.MetadataURL,
 		GitHubRunnerGroup: param.GitHubRunnerGroup,
+		JitConfiguration:  secret,
 		AditionalLabels:   labels,
 	}
 	q := s.conn.Create(&newInstance)
--- a/database/sql/models.go
+++ b/database/sql/models.go
@ -155,6 +155,7 @@ type Instance struct {
 	ProviderFault     []byte `gorm:"type:longblob"`
 	CreateAttempt     int
 	TokenFetched      bool
+	JitConfiguration  []byte `gorm:"type:longblob"`
 	GitHubRunnerGroup string
 	AditionalLabels   datatypes.JSON

--- a/database/sql/util.go
+++ b/database/sql/util.go
@ -41,6 +41,16 @@ func (s *sqlDatabase) sqlToParamsInstance(instance Instance) (params.Instance, e
 		}
 	}

+	var jitConfig map[string]string
+	if len(instance.JitConfiguration) > 0 {
+		decrypted, err := util.Unseal(instance.JitConfiguration, []byte(s.cfg.Passphrase))
+		if err != nil {
+			return params.Instance{}, errors.Wrap(err, "decrypting jit config")
+		}
+		if err := json.Unmarshal(decrypted, &jitConfig); err != nil {
+			return params.Instance{}, errors.Wrap(err, "unmarshalling jit config")
+		}
+	}
 	ret := params.Instance{
 		ID:                instance.ID.String(),
 		ProviderID:        id,
@ -59,6 +69,7 @@ func (s *sqlDatabase) sqlToParamsInstance(instance Instance) (params.Instance, e
 		CreateAttempt:     instance.CreateAttempt,
 		UpdatedAt:         instance.UpdatedAt,
 		TokenFetched:      instance.TokenFetched,
+		JitConfiguration:  jitConfig,
 		GitHubRunnerGroup: instance.GitHubRunnerGroup,
 		AditionalLabels:   labels,
 	}