Allow request an insecure gitea server (#18)

When deploy a Gitea server with a self-signed HTTPS certification. Runner will be failed when connect to Gitea server. This PR will fix that to allow ignore the HTTPS certification verification.

Reviewed-on: https://gitea.com/gitea/act_runner/pulls/18
Reviewed-by: Jason Song <i@wolfogre.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
Lunny Xiao 2023-02-15 16:51:14 +08:00 committed by Jason Song
parent 990cf93c71
commit f1869f70b9
8 changed files with 66 additions and 29 deletions

View File

@ -10,4 +10,5 @@ type Client interface {
pingv1connect.PingServiceClient pingv1connect.PingServiceClient
runnerv1connect.RunnerServiceClient runnerv1connect.RunnerServiceClient
Address() string Address() string
Insecure() bool
} }

View File

@ -1,17 +1,32 @@
package client package client
import ( import (
"code.gitea.io/actions-proto-go/ping/v1/pingv1connect"
"code.gitea.io/actions-proto-go/runner/v1/runnerv1connect"
"context" "context"
"gitea.com/gitea/act_runner/core" "crypto/tls"
"github.com/bufbuild/connect-go"
"net/http" "net/http"
"strings" "strings"
"code.gitea.io/actions-proto-go/ping/v1/pingv1connect"
"code.gitea.io/actions-proto-go/runner/v1/runnerv1connect"
"gitea.com/gitea/act_runner/core"
"github.com/bufbuild/connect-go"
) )
func getHttpClient(endpoint string, insecure bool) *http.Client {
if strings.HasPrefix(endpoint, "https://") && insecure {
return &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
},
}
}
return http.DefaultClient
}
// New returns a new runner client. // New returns a new runner client.
func New(endpoint string, uuid, token string, opts ...connect.ClientOption) *HTTPClient { func New(endpoint string, insecure bool, uuid, token string, opts ...connect.ClientOption) *HTTPClient {
baseURL := strings.TrimRight(endpoint, "/") + "/api/actions" baseURL := strings.TrimRight(endpoint, "/") + "/api/actions"
opts = append(opts, connect.WithInterceptors(connect.UnaryInterceptorFunc(func(next connect.UnaryFunc) connect.UnaryFunc { opts = append(opts, connect.WithInterceptors(connect.UnaryInterceptorFunc(func(next connect.UnaryFunc) connect.UnaryFunc {
@ -28,16 +43,17 @@ func New(endpoint string, uuid, token string, opts ...connect.ClientOption) *HTT
return &HTTPClient{ return &HTTPClient{
PingServiceClient: pingv1connect.NewPingServiceClient( PingServiceClient: pingv1connect.NewPingServiceClient(
http.DefaultClient, getHttpClient(endpoint, insecure),
baseURL, baseURL,
opts..., opts...,
), ),
RunnerServiceClient: runnerv1connect.NewRunnerServiceClient( RunnerServiceClient: runnerv1connect.NewRunnerServiceClient(
http.DefaultClient, getHttpClient(endpoint, insecure),
baseURL, baseURL,
opts..., opts...,
), ),
endpoint: endpoint, endpoint: endpoint,
insecure: insecure,
} }
} }
@ -45,6 +61,10 @@ func (c *HTTPClient) Address() string {
return c.endpoint return c.endpoint
} }
func (c *HTTPClient) Insecure() bool {
return c.insecure
}
var _ Client = (*HTTPClient)(nil) var _ Client = (*HTTPClient)(nil)
// An HTTPClient manages communication with the runner API. // An HTTPClient manages communication with the runner API.
@ -52,4 +72,5 @@ type HTTPClient struct {
pingv1connect.PingServiceClient pingv1connect.PingServiceClient
runnerv1connect.RunnerServiceClient runnerv1connect.RunnerServiceClient
endpoint string endpoint string
insecure bool
} }

View File

@ -38,6 +38,7 @@ func Execute(ctx context.Context) {
} }
registerCmd.Flags().BoolVar(&regArgs.NoInteractive, "no-interactive", false, "Disable interactive mode") registerCmd.Flags().BoolVar(&regArgs.NoInteractive, "no-interactive", false, "Disable interactive mode")
registerCmd.Flags().StringVar(&regArgs.InstanceAddr, "instance", "", "Gitea instance address") registerCmd.Flags().StringVar(&regArgs.InstanceAddr, "instance", "", "Gitea instance address")
registerCmd.Flags().BoolVar(&regArgs.Insecure, "insecure", false, "If check server's certificate if it's https protocol")
registerCmd.Flags().StringVar(&regArgs.Token, "token", "", "Runner token") registerCmd.Flags().StringVar(&regArgs.Token, "token", "", "Runner token")
registerCmd.Flags().StringVar(&regArgs.RunnerName, "name", "", "Runner name") registerCmd.Flags().StringVar(&regArgs.RunnerName, "name", "", "Runner name")
registerCmd.Flags().StringVar(&regArgs.Labels, "labels", "", "Runner tags, comma separated") registerCmd.Flags().StringVar(&regArgs.Labels, "labels", "", "Runner tags, comma separated")

View File

@ -53,6 +53,7 @@ func runDaemon(ctx context.Context, envFile string) func(cmd *cobra.Command, arg
cli := client.New( cli := client.New(
cfg.Client.Address, cfg.Client.Address,
cfg.Client.Insecure,
cfg.Runner.UUID, cfg.Runner.UUID,
cfg.Runner.Token, cfg.Runner.Token,
) )

View File

@ -69,6 +69,7 @@ func runRegister(ctx context.Context, regArgs *registerArgs, envFile string) fun
type registerArgs struct { type registerArgs struct {
NoInteractive bool NoInteractive bool
InstanceAddr string InstanceAddr string
Insecure bool
Token string Token string
RunnerName string RunnerName string
Labels string Labels string
@ -87,17 +88,16 @@ const (
StageExit StageExit
) )
var ( var defaultLabels = []string{
defaultLabels = []string{ "ubuntu-latest:docker://node:16-bullseye",
"ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye", // There's no node:16-bookworm yet
"ubuntu-22.04:docker://node:16-bullseye", // There's no node:16-bookworm yet "ubuntu-20.04:docker://node:16-bullseye",
"ubuntu-20.04:docker://node:16-bullseye", "ubuntu-18.04:docker://node:16-buster",
"ubuntu-18.04:docker://node:16-buster", }
}
)
type registerInputs struct { type registerInputs struct {
InstanceAddr string InstanceAddr string
Insecure bool
Token string Token string
RunnerName string RunnerName string
CustomLabels []string CustomLabels []string
@ -239,6 +239,7 @@ func registerNoInteractive(envFile string, regArgs *registerArgs) error {
cfg, _ := config.FromEnviron() cfg, _ := config.FromEnviron()
inputs := &registerInputs{ inputs := &registerInputs{
InstanceAddr: regArgs.InstanceAddr, InstanceAddr: regArgs.InstanceAddr,
Insecure: regArgs.Insecure,
Token: regArgs.Token, Token: regArgs.Token,
RunnerName: regArgs.RunnerName, RunnerName: regArgs.RunnerName,
CustomLabels: defaultLabels, CustomLabels: defaultLabels,
@ -269,6 +270,7 @@ func doRegister(cfg *config.Config, inputs *registerInputs) error {
// initial http client // initial http client
cli := client.New( cli := client.New(
inputs.InstanceAddr, inputs.InstanceAddr,
inputs.Insecure,
"", "", "", "",
) )

View File

@ -5,6 +5,7 @@ import (
"io" "io"
"os" "os"
"runtime" "runtime"
"strconv"
"gitea.com/gitea/act_runner/core" "gitea.com/gitea/act_runner/core"
@ -23,7 +24,8 @@ type (
} }
Client struct { Client struct {
Address string `ignored:"true"` Address string `ignored:"true"`
Insecure bool
} }
Runner struct { Runner struct {
@ -51,7 +53,8 @@ func FromEnviron() (Config, error) {
} }
// check runner config exist // check runner config exist
if f, err := os.Stat(cfg.Runner.File); err == nil && !f.IsDir() { f, err := os.Stat(cfg.Runner.File)
if err == nil && !f.IsDir() {
jsonFile, _ := os.Open(cfg.Runner.File) jsonFile, _ := os.Open(cfg.Runner.File)
defer jsonFile.Close() defer jsonFile.Close()
byteValue, _ := io.ReadAll(jsonFile) byteValue, _ := io.ReadAll(jsonFile)
@ -71,6 +74,11 @@ func FromEnviron() (Config, error) {
if runner.Address != "" { if runner.Address != "" {
cfg.Client.Address = runner.Address cfg.Client.Address = runner.Address
} }
if runner.Insecure != "" {
cfg.Client.Insecure, _ = strconv.ParseBool(runner.Insecure)
}
} else if err != nil {
return cfg, err
} }
// runner config // runner config

View File

@ -7,10 +7,11 @@ const (
// Runner struct // Runner struct
type Runner struct { type Runner struct {
ID int64 `json:"id"` ID int64 `json:"id"`
UUID string `json:"uuid"` UUID string `json:"uuid"`
Name string `json:"name"` Name string `json:"name"`
Token string `json:"token"` Token string `json:"token"`
Address string `json:"address"` Address string `json:"address"`
Labels []string `json:"labels"` Insecure string `json:"insecure"`
Labels []string `json:"labels"`
} }

View File

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"os" "os"
"strconv"
"strings" "strings"
runnerv1 "code.gitea.io/actions-proto-go/runner/v1" runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
@ -42,12 +43,13 @@ func (p *Register) Register(ctx context.Context, cfg config.Runner) (*core.Runne
} }
data := &core.Runner{ data := &core.Runner{
ID: resp.Msg.Runner.Id, ID: resp.Msg.Runner.Id,
UUID: resp.Msg.Runner.Uuid, UUID: resp.Msg.Runner.Uuid,
Name: resp.Msg.Runner.Name, Name: resp.Msg.Runner.Name,
Token: resp.Msg.Runner.Token, Token: resp.Msg.Runner.Token,
Address: p.Client.Address(), Address: p.Client.Address(),
Labels: cfg.Labels, Insecure: strconv.FormatBool(p.Client.Insecure()),
Labels: cfg.Labels,
} }
file, err := json.MarshalIndent(data, "", " ") file, err := json.MarshalIndent(data, "", " ")