Support put a redefined token for Gitea actions command or API

This commit is contained in:
Lunny Xiao 2024-12-17 11:21:58 -08:00
parent 2d7e6e9482
commit cc18967e41
No known key found for this signature in database
GPG Key ID: C3B7C91B632F738A
7 changed files with 51 additions and 18 deletions

View File

@ -34,6 +34,12 @@ var (
Value: "",
Usage: "{owner}[/{repo}] - leave empty for a global runner",
},
&cli.StringFlag{
Name: "put-token",
Aliases: []string{"t"},
Value: "",
Usage: "[{token}] - leave empty will generate a new token, otherwise will update the token to database. The token MUST be a 40 digital string containing only 0-9 and a-f",
},
},
}
)
@ -45,8 +51,9 @@ func runGenerateActionsRunnerToken(c *cli.Context) error {
setting.MustInstalled()
scope := c.String("scope")
putToken := c.String("put-token")
respText, extra := private.GenerateActionsRunnerToken(ctx, scope)
respText, extra := private.GenerateActionsRunnerToken(ctx, scope, putToken)
if extra.HasError() {
return handleCliResponseExtra(extra)
}

View File

@ -70,16 +70,24 @@ func UpdateRunnerToken(ctx context.Context, r *ActionRunnerToken, cols ...string
// NewRunnerToken creates a new active runner token and invalidate all old tokens
// ownerID will be ignored and treated as 0 if repoID is non-zero.
func NewRunnerToken(ctx context.Context, ownerID, repoID int64) (*ActionRunnerToken, error) {
func NewRunnerToken(ctx context.Context, ownerID, repoID int64, preDefinedToken string) (*ActionRunnerToken, error) {
if ownerID != 0 && repoID != 0 {
// It's trying to create a runner token that belongs to a repository, but OwnerID has been set accidentally.
// Remove OwnerID to avoid confusion; it's not worth returning an error here.
ownerID = 0
}
token, err := util.CryptoRandomString(40)
if err != nil {
return nil, err
token := preDefinedToken
if token == "" {
var err error
token, err = util.CryptoRandomString(40)
if err != nil {
return nil, err
}
} else {
if len(token) != 40 || !util.IsRandomStringValid(token) {
return nil, util.NewInvalidArgumentErrorf("invalid token: %s", token)
}
}
runnerToken := &ActionRunnerToken{
OwnerID: ownerID,
@ -95,7 +103,7 @@ func NewRunnerToken(ctx context.Context, ownerID, repoID int64) (*ActionRunnerTo
return err
}
_, err = db.GetEngine(ctx).Insert(runnerToken)
_, err := db.GetEngine(ctx).Insert(runnerToken)
return err
})
}

View File

@ -10,15 +10,17 @@ import (
)
type GenerateTokenRequest struct {
Scope string
Scope string
PutToken string
}
// GenerateActionsRunnerToken calls the internal GenerateActionsRunnerToken function
func GenerateActionsRunnerToken(ctx context.Context, scope string) (*ResponseText, ResponseExtra) {
func GenerateActionsRunnerToken(ctx context.Context, scope, putToken string) (*ResponseText, ResponseExtra) {
reqURL := setting.LocalURL + "api/internal/actions/generate_actions_runner_token"
req := newInternalRequest(ctx, reqURL, "POST", GenerateTokenRequest{
Scope: scope,
Scope: scope,
PutToken: putToken,
})
return requestJSONResp(req, &ResponseText{})

View File

@ -78,6 +78,15 @@ func CryptoRandomInt(limit int64) (int64, error) {
const alphanumericalChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
func IsRandomStringValid(s string) bool {
for _, c := range s {
if !strings.ContainsRune(alphanumericalChars, c) {
return false
}
}
return true
}
// CryptoRandomString generates a crypto random alphanumerical string, each byte is generated by [0,61] range
func CryptoRandomString(length int64) (string, error) {
buf := make([]byte, length)

View File

@ -19,14 +19,18 @@ type RegistrationToken struct {
}
func GetRegistrationToken(ctx *context.APIContext, ownerID, repoID int64) {
token, err := actions_model.GetLatestRunnerToken(ctx, ownerID, repoID)
if errors.Is(err, util.ErrNotExist) || (token != nil && !token.IsActive) {
token, err = actions_model.NewRunnerToken(ctx, ownerID, repoID)
putToken := ctx.FormString("put-token")
var token *actions_model.ActionRunnerToken
var err error
if putToken == "" {
token, err = actions_model.GetLatestRunnerToken(ctx, ownerID, repoID)
}
if putToken != "" || errors.Is(err, util.ErrNotExist) || (token != nil && !token.IsActive) {
token, err = actions_model.NewRunnerToken(ctx, ownerID, repoID, putToken)
}
if err != nil {
ctx.InternalServerError(err)
return
}
ctx.JSON(http.StatusOK, RegistrationToken{Token: token.Token})
}

View File

@ -41,9 +41,12 @@ func GenerateActionsRunnerToken(ctx *context.PrivateContext) {
})
}
token, err := actions_model.GetLatestRunnerToken(ctx, owner, repo)
if errors.Is(err, util.ErrNotExist) || (token != nil && !token.IsActive) {
token, err = actions_model.NewRunnerToken(ctx, owner, repo)
var token *actions_model.ActionRunnerToken
if genRequest.PutToken == "" {
token, err = actions_model.GetLatestRunnerToken(ctx, owner, repo)
}
if genRequest.PutToken != "" || errors.Is(err, util.ErrNotExist) || (token != nil && !token.IsActive) {
token, err = actions_model.NewRunnerToken(ctx, owner, repo, genRequest.PutToken)
if err != nil {
errMsg := fmt.Sprintf("error while creating runner token: %v", err)
log.Error("NewRunnerToken failed: %v", errMsg)

View File

@ -32,7 +32,7 @@ func RunnersList(ctx *context.Context, opts actions_model.FindRunnerOptions) {
var token *actions_model.ActionRunnerToken
token, err = actions_model.GetLatestRunnerToken(ctx, opts.OwnerID, opts.RepoID)
if errors.Is(err, util.ErrNotExist) || (token != nil && !token.IsActive) {
token, err = actions_model.NewRunnerToken(ctx, opts.OwnerID, opts.RepoID)
token, err = actions_model.NewRunnerToken(ctx, opts.OwnerID, opts.RepoID, "")
if err != nil {
ctx.ServerError("CreateRunnerToken", err)
return
@ -131,7 +131,7 @@ func RunnerDetailsEditPost(ctx *context.Context, runnerID, ownerID, repoID int64
// RunnerResetRegistrationToken reset registration token
func RunnerResetRegistrationToken(ctx *context.Context, ownerID, repoID int64, redirectTo string) {
_, err := actions_model.NewRunnerToken(ctx, ownerID, repoID)
_, err := actions_model.NewRunnerToken(ctx, ownerID, repoID, "")
if err != nil {
ctx.ServerError("ResetRunnerRegistrationToken", err)
return