DevFW-CICD/garm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
garm/database/sql/repositories.go
Gabriel Adrian Samfira 42cfd1b3c6 Add agent mode 
This change adds a new "agent mode" to GARM. The agent enables GARM to
set up a persistent websocket connection between the garm server and the
runners it spawns. The goal is to be able to easier keep track of state,
even without subsequent webhooks from the forge.

The Agent will report via websockets when the runner is actually online,
when it started a job and when it finished a job.

Additionally, the agent allows us to enable optional remote shell between
the user and any runner that is spun up using agent mode. The remote shell
is multiplexed over the same persistent websocket connection the agent
sets up with the server (the agent never listens on a port).

Enablement has also been done in the web UI for this functionality.

Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2026-02-08 00:27:47 +02:00

293 lines
8.6 KiB
Go
Raw Blame History

// Copyright 2022 Cloudbase Solutions SRL
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may
// not use this file except in compliance with the License. You may obtain
// a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations
// under the License.
package sql
import (
"context"
"errors"
"fmt"
"log/slog"
"github.com/google/uuid"
"gorm.io/gorm"
runnerErrors "github.com/cloudbase/garm-provider-common/errors"
"github.com/cloudbase/garm-provider-common/util"
"github.com/cloudbase/garm/database/common"
"github.com/cloudbase/garm/params"
)
func (s *sqlDatabase) CreateRepository(ctx context.Context, owner, name string, credentials params.ForgeCredentials, webhookSecret string, poolBalancerType params.PoolBalancerType, agentMode bool) (param params.Repository, err error) {
defer func() {
if err == nil {
s.sendNotify(common.RepositoryEntityType, common.CreateOperation, param)
}
}()
if webhookSecret == "" {
return params.Repository{}, errors.New("creating repo: missing secret")
}
secret, err := util.Seal([]byte(webhookSecret), []byte(s.cfg.Passphrase))
if err != nil {
return params.Repository{}, fmt.Errorf("failed to encrypt string")
}
newRepo := Repository{
Name: name,
Owner: owner,
WebhookSecret: secret,
PoolBalancerType: poolBalancerType,
AgentMode: agentMode,
}
err = s.conn.Transaction(func(tx *gorm.DB) error {
switch credentials.ForgeType {
case params.GithubEndpointType:
newRepo.CredentialsID = &credentials.ID
case params.GiteaEndpointType:
newRepo.GiteaCredentialsID = &credentials.ID
default:
return runnerErrors.NewBadRequestError("unsupported credentials type")
}
newRepo.EndpointName = &credentials.Endpoint.Name
q := tx.Create(&newRepo)
if q.Error != nil {
return fmt.Errorf("error creating repository: %w", q.Error)
}
return nil
})
if err != nil {
return params.Repository{}, fmt.Errorf("error creating repository: %w", err)
}
ret, err := s.GetRepositoryByID(ctx, newRepo.ID.String())
if err != nil {
return params.Repository{}, fmt.Errorf("error creating repository: %w", err)
}
return ret, nil
}
func (s *sqlDatabase) GetRepository(ctx context.Context, owner, name, endpointName string) (params.Repository, error) {
repo, err := s.getRepo(ctx, owner, name, endpointName)
if err != nil {
return params.Repository{}, fmt.Errorf("error fetching repo: %w", err)
}
param, err := s.sqlToCommonRepository(repo, true)
if err != nil {
return params.Repository{}, fmt.Errorf("error fetching repo: %w", err)
}
return param, nil
}
func (s *sqlDatabase) ListRepositories(_ context.Context, filter params.RepositoryFilter) ([]params.Repository, error) {
var repos []Repository
q := s.conn.
Preload("Credentials").
Preload("GiteaCredentials").
Preload("Credentials.Endpoint").
Preload("GiteaCredentials.Endpoint").
Preload("Endpoint")
if filter.Owner != "" {
q = q.Where("owner = ?", filter.Owner)
}
if filter.Name != "" {
q = q.Where("name = ?", filter.Name)
}
if filter.Endpoint != "" {
q = q.Where("endpoint_name = ?", filter.Endpoint)
}
q = q.Find(&repos)
if q.Error != nil {
return []params.Repository{}, fmt.Errorf("error fetching user from database: %w", q.Error)
}
ret := make([]params.Repository, len(repos))
for idx, val := range repos {
var err error
ret[idx], err = s.sqlToCommonRepository(val, true)
if err != nil {
return nil, fmt.Errorf("error fetching repositories: %w", err)
}
}
return ret, nil
}
func (s *sqlDatabase) DeleteRepository(ctx context.Context, repoID string) (err error) {
repo, err := s.getRepoByID(ctx, s.conn, repoID, "Endpoint", "Credentials", "Credentials.Endpoint", "GiteaCredentials", "GiteaCredentials.Endpoint")
if err != nil {
return fmt.Errorf("error fetching repo: %w", err)
}
defer func(repo Repository) {
if err == nil {
asParam, innerErr := s.sqlToCommonRepository(repo, true)
if innerErr == nil {
s.sendNotify(common.RepositoryEntityType, common.DeleteOperation, asParam)
} else {
slog.With(slog.Any("error", innerErr)).ErrorContext(ctx, "error sending delete notification", "repo", repoID)
}
}
}(repo)
q := s.conn.Unscoped().Delete(&repo)
if q.Error != nil && !errors.Is(q.Error, gorm.ErrRecordNotFound) {
return fmt.Errorf("error deleting repo: %w", q.Error)
}
return nil
}
func (s *sqlDatabase) UpdateRepository(ctx context.Context, repoID string, param params.UpdateEntityParams) (newParams params.Repository, err error) {
defer func() {
if err == nil {
s.sendNotify(common.RepositoryEntityType, common.UpdateOperation, newParams)
}
}()
var repo Repository
var creds GithubCredentials
err = s.conn.Transaction(func(tx *gorm.DB) error {
var err error
repo, err = s.getRepoByID(ctx, tx, repoID)
if err != nil {
return fmt.Errorf("error fetching repo: %w", err)
}
if repo.EndpointName == nil {
return runnerErrors.NewUnprocessableError("repository has no endpoint")
}
if param.CredentialsName != "" {
creds, err = s.getGithubCredentialsByName(ctx, tx, param.CredentialsName, false)
if err != nil {
return fmt.Errorf("error fetching credentials: %w", err)
}
if creds.EndpointName == nil {
return runnerErrors.NewUnprocessableError("credentials have no endpoint")
}
if *creds.EndpointName != *repo.EndpointName {
return runnerErrors.NewBadRequestError("endpoint mismatch")
}
repo.CredentialsID = &creds.ID
}
if param.WebhookSecret != "" {
secret, err := util.Seal([]byte(param.WebhookSecret), []byte(s.cfg.Passphrase))
if err != nil {
return fmt.Errorf("saving repo: failed to encrypt string: %w", err)
}
repo.WebhookSecret = secret
}
if param.PoolBalancerType != "" {
repo.PoolBalancerType = param.PoolBalancerType
}
if param.AgentMode != nil {
repo.AgentMode = *param.AgentMode
}
q := tx.Save(&repo)
if q.Error != nil {
return fmt.Errorf("error saving repo: %w", q.Error)
}
return nil
})
if err != nil {
return params.Repository{}, fmt.Errorf("error saving repo: %w", err)
}
repo, err = s.getRepoByID(ctx, s.conn, repoID, "Endpoint", "Credentials", "Credentials.Endpoint", "GiteaCredentials", "GiteaCredentials.Endpoint")
if err != nil {
return params.Repository{}, fmt.Errorf("error updating enterprise: %w", err)
}
newParams, err = s.sqlToCommonRepository(repo, true)
if err != nil {
return params.Repository{}, fmt.Errorf("error saving repo: %w", err)
}
return newParams, nil
}
func (s *sqlDatabase) GetRepositoryByID(ctx context.Context, repoID string) (params.Repository, error) {
preloadList := []string{
"Pools",
"Credentials",
"Endpoint",
"Credentials.Endpoint",
"GiteaCredentials",
"GiteaCredentials.Endpoint",
"Events",
}
repo, err := s.getRepoByID(ctx, s.conn, repoID, preloadList...)
if err != nil {
return params.Repository{}, fmt.Errorf("error fetching repo: %w", err)
}
param, err := s.sqlToCommonRepository(repo, true)
if err != nil {
return params.Repository{}, fmt.Errorf("error fetching repo: %w", err)
}
return param, nil
}
func (s *sqlDatabase) getRepo(_ context.Context, owner, name, endpointName string) (Repository, error) {
var repo Repository
q := s.conn.Where("name = ? COLLATE NOCASE and owner = ? COLLATE NOCASE and endpoint_name = ? COLLATE NOCASE", name, owner, endpointName).
Preload("Credentials").
Preload("Credentials.Endpoint").
Preload("GiteaCredentials").
Preload("GiteaCredentials.Endpoint").
Preload("Endpoint").
First(&repo)
q = q.First(&repo)
if q.Error != nil {
if errors.Is(q.Error, gorm.ErrRecordNotFound) {
return Repository{}, runnerErrors.ErrNotFound
}
return Repository{}, fmt.Errorf("error fetching repository from database: %w", q.Error)
}
return repo, nil
}
func (s *sqlDatabase) getRepoByID(_ context.Context, tx *gorm.DB, id string, preload ...string) (Repository, error) {
u, err := uuid.Parse(id)
if err != nil {
return Repository{}, runnerErrors.NewBadRequestError("error parsing id: %s", err)
}
var repo Repository
q := tx
if len(preload) > 0 {
for _, field := range preload {
q = q.Preload(field)
}
}
q = q.Where("id = ?", u).First(&repo)
if q.Error != nil {
if errors.Is(q.Error, gorm.ErrRecordNotFound) {
return Repository{}, runnerErrors.ErrNotFound
}
return Repository{}, fmt.Errorf("error fetching repository from database: %w", q.Error)
}
return repo, nil
}
Reference in a new issue View git blame Copy permalink