Allow request an insecure gitea server (#18)
When deploy a Gitea server with a self-signed HTTPS certification. Runner will be failed when connect to Gitea server. This PR will fix that to allow ignore the HTTPS certification verification. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/18 Reviewed-by: Jason Song <i@wolfogre.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
parent
990cf93c71
commit
f1869f70b9
8 changed files with 66 additions and 29 deletions
|
@ -10,4 +10,5 @@ type Client interface {
|
|||
pingv1connect.PingServiceClient
|
||||
runnerv1connect.RunnerServiceClient
|
||||
Address() string
|
||||
Insecure() bool
|
||||
}
|
||||
|
|
|
@ -1,17 +1,32 @@
|
|||
package client
|
||||
|
||||
import (
|
||||
"code.gitea.io/actions-proto-go/ping/v1/pingv1connect"
|
||||
"code.gitea.io/actions-proto-go/runner/v1/runnerv1connect"
|
||||
"context"
|
||||
"gitea.com/gitea/act_runner/core"
|
||||
"github.com/bufbuild/connect-go"
|
||||
"crypto/tls"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/actions-proto-go/ping/v1/pingv1connect"
|
||||
"code.gitea.io/actions-proto-go/runner/v1/runnerv1connect"
|
||||
"gitea.com/gitea/act_runner/core"
|
||||
"github.com/bufbuild/connect-go"
|
||||
)
|
||||
|
||||
func getHttpClient(endpoint string, insecure bool) *http.Client {
|
||||
if strings.HasPrefix(endpoint, "https://") && insecure {
|
||||
return &http.Client{
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
return http.DefaultClient
|
||||
}
|
||||
|
||||
// New returns a new runner client.
|
||||
func New(endpoint string, uuid, token string, opts ...connect.ClientOption) *HTTPClient {
|
||||
func New(endpoint string, insecure bool, uuid, token string, opts ...connect.ClientOption) *HTTPClient {
|
||||
baseURL := strings.TrimRight(endpoint, "/") + "/api/actions"
|
||||
|
||||
opts = append(opts, connect.WithInterceptors(connect.UnaryInterceptorFunc(func(next connect.UnaryFunc) connect.UnaryFunc {
|
||||
|
@ -28,16 +43,17 @@ func New(endpoint string, uuid, token string, opts ...connect.ClientOption) *HTT
|
|||
|
||||
return &HTTPClient{
|
||||
PingServiceClient: pingv1connect.NewPingServiceClient(
|
||||
http.DefaultClient,
|
||||
getHttpClient(endpoint, insecure),
|
||||
baseURL,
|
||||
opts...,
|
||||
),
|
||||
RunnerServiceClient: runnerv1connect.NewRunnerServiceClient(
|
||||
http.DefaultClient,
|
||||
getHttpClient(endpoint, insecure),
|
||||
baseURL,
|
||||
opts...,
|
||||
),
|
||||
endpoint: endpoint,
|
||||
insecure: insecure,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -45,6 +61,10 @@ func (c *HTTPClient) Address() string {
|
|||
return c.endpoint
|
||||
}
|
||||
|
||||
func (c *HTTPClient) Insecure() bool {
|
||||
return c.insecure
|
||||
}
|
||||
|
||||
var _ Client = (*HTTPClient)(nil)
|
||||
|
||||
// An HTTPClient manages communication with the runner API.
|
||||
|
@ -52,4 +72,5 @@ type HTTPClient struct {
|
|||
pingv1connect.PingServiceClient
|
||||
runnerv1connect.RunnerServiceClient
|
||||
endpoint string
|
||||
insecure bool
|
||||
}
|
||||
|
|
|
@ -38,6 +38,7 @@ func Execute(ctx context.Context) {
|
|||
}
|
||||
registerCmd.Flags().BoolVar(®Args.NoInteractive, "no-interactive", false, "Disable interactive mode")
|
||||
registerCmd.Flags().StringVar(®Args.InstanceAddr, "instance", "", "Gitea instance address")
|
||||
registerCmd.Flags().BoolVar(®Args.Insecure, "insecure", false, "If check server's certificate if it's https protocol")
|
||||
registerCmd.Flags().StringVar(®Args.Token, "token", "", "Runner token")
|
||||
registerCmd.Flags().StringVar(®Args.RunnerName, "name", "", "Runner name")
|
||||
registerCmd.Flags().StringVar(®Args.Labels, "labels", "", "Runner tags, comma separated")
|
||||
|
|
|
@ -53,6 +53,7 @@ func runDaemon(ctx context.Context, envFile string) func(cmd *cobra.Command, arg
|
|||
|
||||
cli := client.New(
|
||||
cfg.Client.Address,
|
||||
cfg.Client.Insecure,
|
||||
cfg.Runner.UUID,
|
||||
cfg.Runner.Token,
|
||||
)
|
||||
|
|
|
@ -69,6 +69,7 @@ func runRegister(ctx context.Context, regArgs *registerArgs, envFile string) fun
|
|||
type registerArgs struct {
|
||||
NoInteractive bool
|
||||
InstanceAddr string
|
||||
Insecure bool
|
||||
Token string
|
||||
RunnerName string
|
||||
Labels string
|
||||
|
@ -87,17 +88,16 @@ const (
|
|||
StageExit
|
||||
)
|
||||
|
||||
var (
|
||||
defaultLabels = []string{
|
||||
var defaultLabels = []string{
|
||||
"ubuntu-latest:docker://node:16-bullseye",
|
||||
"ubuntu-22.04:docker://node:16-bullseye", // There's no node:16-bookworm yet
|
||||
"ubuntu-20.04:docker://node:16-bullseye",
|
||||
"ubuntu-18.04:docker://node:16-buster",
|
||||
}
|
||||
)
|
||||
|
||||
type registerInputs struct {
|
||||
InstanceAddr string
|
||||
Insecure bool
|
||||
Token string
|
||||
RunnerName string
|
||||
CustomLabels []string
|
||||
|
@ -239,6 +239,7 @@ func registerNoInteractive(envFile string, regArgs *registerArgs) error {
|
|||
cfg, _ := config.FromEnviron()
|
||||
inputs := ®isterInputs{
|
||||
InstanceAddr: regArgs.InstanceAddr,
|
||||
Insecure: regArgs.Insecure,
|
||||
Token: regArgs.Token,
|
||||
RunnerName: regArgs.RunnerName,
|
||||
CustomLabels: defaultLabels,
|
||||
|
@ -269,6 +270,7 @@ func doRegister(cfg *config.Config, inputs *registerInputs) error {
|
|||
// initial http client
|
||||
cli := client.New(
|
||||
inputs.InstanceAddr,
|
||||
inputs.Insecure,
|
||||
"", "",
|
||||
)
|
||||
|
||||
|
|
|
@ -5,6 +5,7 @@ import (
|
|||
"io"
|
||||
"os"
|
||||
"runtime"
|
||||
"strconv"
|
||||
|
||||
"gitea.com/gitea/act_runner/core"
|
||||
|
||||
|
@ -24,6 +25,7 @@ type (
|
|||
|
||||
Client struct {
|
||||
Address string `ignored:"true"`
|
||||
Insecure bool
|
||||
}
|
||||
|
||||
Runner struct {
|
||||
|
@ -51,7 +53,8 @@ func FromEnviron() (Config, error) {
|
|||
}
|
||||
|
||||
// check runner config exist
|
||||
if f, err := os.Stat(cfg.Runner.File); err == nil && !f.IsDir() {
|
||||
f, err := os.Stat(cfg.Runner.File)
|
||||
if err == nil && !f.IsDir() {
|
||||
jsonFile, _ := os.Open(cfg.Runner.File)
|
||||
defer jsonFile.Close()
|
||||
byteValue, _ := io.ReadAll(jsonFile)
|
||||
|
@ -71,6 +74,11 @@ func FromEnviron() (Config, error) {
|
|||
if runner.Address != "" {
|
||||
cfg.Client.Address = runner.Address
|
||||
}
|
||||
if runner.Insecure != "" {
|
||||
cfg.Client.Insecure, _ = strconv.ParseBool(runner.Insecure)
|
||||
}
|
||||
} else if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
// runner config
|
||||
|
|
|
@ -12,5 +12,6 @@ type Runner struct {
|
|||
Name string `json:"name"`
|
||||
Token string `json:"token"`
|
||||
Address string `json:"address"`
|
||||
Insecure string `json:"insecure"`
|
||||
Labels []string `json:"labels"`
|
||||
}
|
||||
|
|
|
@ -4,6 +4,7 @@ import (
|
|||
"context"
|
||||
"encoding/json"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
|
||||
|
@ -47,6 +48,7 @@ func (p *Register) Register(ctx context.Context, cfg config.Runner) (*core.Runne
|
|||
Name: resp.Msg.Runner.Name,
|
||||
Token: resp.Msg.Runner.Token,
|
||||
Address: p.Client.Address(),
|
||||
Insecure: strconv.FormatBool(p.Client.Insecure()),
|
||||
Labels: cfg.Labels,
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue