Add ability to specify github enpoints for creds

The GitHub credentials section now allows setting some API endpoints that point the github client and the runner setup script to the propper URLs. This allows us to use garm with an on-prem github enterprise server. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2022-10-12 21:45:07 +00:00 · 2022-10-12 21:45:07 +00:00 · f40420bfb6
commit f40420bfb6
parent a55f852161
11 changed files with 196 additions and 45 deletions
--- a/cloudconfig/cloudconfig.go
+++ b/cloudconfig/cloudconfig.go
@ -15,6 +15,7 @@
 package cloudconfig

 import (
+	"crypto/x509"
 	"encoding/base64"
 	"fmt"
 	"garm/config"
@ -73,6 +74,29 @@ type CloudInit struct {
 	SystemInfo        *SystemInfo `yaml:"system_info,omitempty"`
 	RunCmd            []string    `yaml:"runcmd,omitempty"`
 	WriteFiles        []File      `yaml:"write_files,omitempty"`
+	CACerts           CACerts     `yaml:"ca-certs,omitempty"`
+}
+
+type CACerts struct {
+	RemoveDefaults bool     `yaml:"remove-defaults"`
+	Trusted        []string `yaml:"trusted"`
+}
+
+func (c *CloudInit) AddCACert(cert []byte) error {
+	c.mux.Lock()
+	defer c.mux.Unlock()
+
+	if cert == nil {
+		return nil
+	}
+
+	roots := x509.NewCertPool()
+	if ok := roots.AppendCertsFromPEM(cert); !ok {
+		return fmt.Errorf("failed to parse CA cert bundle")
+	}
+	c.CACerts.Trusted = append(c.CACerts.Trusted, string(cert))
+
+	return nil
 }

 func (c *CloudInit) AddSSHKey(keys ...string) {
--- a/cloudconfig/templates.go
+++ b/cloudconfig/templates.go
@ -52,7 +52,16 @@ function fail() {
 }

 sendStatus "downloading tools from {{ .DownloadURL }}"
-curl -L -o "/home/runner/{{ .FileName }}" "{{ .DownloadURL }}" || fail "failed to download tools"
+
+TEMP_TOKEN=""
+
+
+
+if [ ! -z "{{ .TempDownloadToken }}" ]; then
+	TEMP_TOKEN="Authorization: Bearer {{ .TempDownloadToken }}"
+fi
+
+curl -L -H "${TEMP_TOKEN}" -o "/home/runner/{{ .FileName }}" "{{ .DownloadURL }}" || fail "failed to download tools"

 mkdir -p /home/runner/actions-runner || fail "failed to create actions-runner folder"

@ -84,16 +93,17 @@ success "runner successfully installed" $AGENT_ID
 `

 type InstallRunnerParams struct {
-	FileName       string
-	DownloadURL    string
-	RunnerUsername string
-	RunnerGroup    string
-	RepoURL        string
-	GithubToken    string
-	RunnerName     string
-	RunnerLabels   string
-	CallbackURL    string
-	CallbackToken  string
+	FileName          string
+	DownloadURL       string
+	RunnerUsername    string
+	RunnerGroup       string
+	RepoURL           string
+	GithubToken       string
+	RunnerName        string
+	RunnerLabels      string
+	CallbackURL       string
+	CallbackToken     string
+	TempDownloadToken string
 }

 func InstallRunnerScript(params InstallRunnerParams) ([]byte, error) {