gitea/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-06-22 22:18:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implement actions (#21937)

Browse Source 
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
This commit is contained in:
Jason Song
2023-01-31 09:45:19 +08:00
committed by GitHub
parent b5b3e0714e
commit 4011821c94
117 changed files with 7545 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
routers/web/admin/runners.go Normal file
View File

@ -0,0 +1,78 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package admin
import (
"net/url"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting"
actions_shared "code.gitea.io/gitea/routers/web/shared/actions"
)
const (
tplRunners base.TplName = "admin/runners/base"
tplRunnerEdit base.TplName = "admin/runners/edit"
)
// Runners show all the runners
func Runners(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.runners")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminRunners"] = true
page := ctx.FormInt("page")
if page <= 1 {
page = 1
}
opts := actions_model.FindRunnerOptions{
ListOptions: db.ListOptions{
Page: page,
PageSize: 100,
},
Sort: ctx.Req.URL.Query().Get("sort"),
Filter: ctx.Req.URL.Query().Get("q"),
}
actions_shared.RunnersList(ctx, tplRunners, opts)
}
// EditRunner show editing runner page
func EditRunner(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.runners.edit_runner")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminRunners"] = true
page := ctx.FormInt("page")
if page <= 1 {
page = 1
}
actions_shared.RunnerDetails(ctx, tplRunnerEdit, page, ctx.ParamsInt64(":runnerid"), 0, 0)
}
// EditRunnerPost response for editing runner
func EditRunnerPost(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.runners.edit")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminRunners"] = true
actions_shared.RunnerDetailsEditPost(ctx, ctx.ParamsInt64(":runnerid"), 0, 0,
setting.AppSubURL+"/admin/runners/"+url.PathEscape(ctx.Params(":runnerid")))
}
// DeleteRunnerPost response for deleting a runner
func DeleteRunnerPost(ctx *context.Context) {
actions_shared.RunnerDeletePost(ctx, ctx.ParamsInt64(":runnerid"),
setting.AppSubURL+"/admin/runners/",
setting.AppSubURL+"/admin/runners/"+url.PathEscape(ctx.Params(":runnerid")),
)
}
func ResetRunnerRegistrationToken(ctx *context.Context) {
actions_shared.RunnerResetRegistrationToken(ctx, 0, 0, setting.AppSubURL+"/admin/runners/")
}

78
routers/web/org/org_runners.go Normal file
View File

@ -0,0 +1,78 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package org
import (
"net/url"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/context"
actions_shared "code.gitea.io/gitea/routers/web/shared/actions"
)
// Runners render runners page
func Runners(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("org.runners")
ctx.Data["PageIsOrgSettings"] = true
ctx.Data["PageIsOrgSettingsRunners"] = true
page := ctx.FormInt("page")
if page <= 1 {
page = 1
}
opts := actions_model.FindRunnerOptions{
ListOptions: db.ListOptions{
Page: page,
PageSize: 100,
},
Sort: ctx.Req.URL.Query().Get("sort"),
Filter: ctx.Req.URL.Query().Get("q"),
OwnerID: ctx.Org.Organization.ID,
WithAvailable: true,
}
actions_shared.RunnersList(ctx, tplSettingsRunners, opts)
}
// ResetRunnerRegistrationToken reset runner registration token
func ResetRunnerRegistrationToken(ctx *context.Context) {
actions_shared.RunnerResetRegistrationToken(ctx,
ctx.Org.Organization.ID, 0,
ctx.Org.OrgLink+"/settings/runners")
}
// RunnersEdit render runner edit page
func RunnersEdit(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("org.runners.edit")
ctx.Data["PageIsOrgSettings"] = true
ctx.Data["PageIsOrgSettingsRunners"] = true
page := ctx.FormInt("page")
if page <= 1 {
page = 1
}
actions_shared.RunnerDetails(ctx, tplSettingsRunnersEdit, page,
ctx.ParamsInt64(":runnerid"), ctx.Org.Organization.ID, 0,
)
}
// RunnersEditPost response for editing runner
func RunnersEditPost(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("org.runners.edit")
ctx.Data["PageIsOrgSettings"] = true
ctx.Data["PageIsOrgSettingsRunners"] = true
actions_shared.RunnerDetailsEditPost(ctx, ctx.ParamsInt64(":runnerid"),
ctx.Org.Organization.ID, 0,
ctx.Org.OrgLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
}
// RunnerDeletePost response for deleting runner
func RunnerDeletePost(ctx *context.Context) {
actions_shared.RunnerDeletePost(ctx,
ctx.ParamsInt64(":runnerid"),
ctx.Org.OrgLink+"/settings/runners",
ctx.Org.OrgLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
}

4
routers/web/org/setting.go
View File

@ -40,6 +40,10 @@ const (
tplSettingsLabels base.TplName = "org/settings/labels"
// tplSettingsSecrets template path for render secrets settings
tplSettingsSecrets base.TplName = "org/settings/secrets"
// tplSettingsRunners template path for render runners settings
tplSettingsRunners base.TplName = "org/settings/runners"
// tplSettingsRunnersEdit template path for render runners edit settings
tplSettingsRunnersEdit base.TplName = "org/settings/runners_edit"
)
// Settings render the main settings page

139
routers/web/repo/actions/actions.go Normal file
View File

@ -0,0 +1,139 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package actions
import (
"net/http"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unit"
"code.gitea.io/gitea/modules/actions"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/services/convert"
)
const (
tplListActions base.TplName = "repo/actions/list"
tplViewActions base.TplName = "repo/actions/view"
)
// MustEnableActions check if actions are enabled in settings
func MustEnableActions(ctx *context.Context) {
if !setting.Actions.Enabled {
ctx.NotFound("MustEnableActions", nil)
return
}
if unit.TypeActions.UnitGlobalDisabled() {
ctx.NotFound("MustEnableActions", nil)
return
}
if ctx.Repo.Repository != nil {
if !ctx.Repo.CanRead(unit.TypeActions) {
ctx.NotFound("MustEnableActions", nil)
return
}
}
}
func List(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.actions")
ctx.Data["PageIsActions"] = true
var workflows git.Entries
if empty, err := ctx.Repo.GitRepo.IsEmpty(); err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
} else if !empty {
defaultBranch, err := ctx.Repo.GitRepo.GetDefaultBranch()
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
commit, err := ctx.Repo.GitRepo.GetBranchCommit(defaultBranch)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
workflows, err = actions.ListWorkflows(commit)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
}
ctx.Data["workflows"] = workflows
ctx.Data["RepoLink"] = ctx.Repo.Repository.HTMLURL()
page := ctx.FormInt("page")
if page <= 0 {
page = 1
}
workflow := ctx.FormString("workflow")
ctx.Data["CurWorkflow"] = workflow
opts := actions_model.FindRunOptions{
ListOptions: db.ListOptions{
Page: page,
PageSize: convert.ToCorrectPageSize(ctx.FormInt("limit")),
},
RepoID: ctx.Repo.Repository.ID,
WorkflowFileName: workflow,
}
// open counts
opts.IsClosed = util.OptionalBoolFalse
numOpenRuns, err := actions_model.CountRuns(ctx, opts)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
ctx.Data["NumOpenActionRuns"] = numOpenRuns
// closed counts
opts.IsClosed = util.OptionalBoolTrue
numClosedRuns, err := actions_model.CountRuns(ctx, opts)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
ctx.Data["NumClosedActionRuns"] = numClosedRuns
opts.IsClosed = util.OptionalBoolNone
if ctx.FormString("state") == "closed" {
opts.IsClosed = util.OptionalBoolTrue
ctx.Data["IsShowClosed"] = true
} else {
opts.IsClosed = util.OptionalBoolFalse
}
runs, total, err := actions_model.FindRuns(ctx, opts)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
for _, run := range runs {
run.Repo = ctx.Repo.Repository
}
if err := runs.LoadTriggerUser(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
ctx.Data["Runs"] = runs
pager := context.NewPagination(int(total), opts.PageSize, opts.Page, 5)
pager.SetDefaultParams(ctx)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplListActions)
}

297
routers/web/repo/actions/view.go Normal file
View File

@ -0,0 +1,297 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package actions
import (
"context"
"errors"
"fmt"
"net/http"
"time"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unit"
"code.gitea.io/gitea/modules/actions"
context_module "code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/web"
actions_service "code.gitea.io/gitea/services/actions"
"xorm.io/builder"
)
func View(ctx *context_module.Context) {
ctx.Data["PageIsActions"] = true
runIndex := ctx.ParamsInt64("run")
jobIndex := ctx.ParamsInt64("job")
ctx.Data["RunIndex"] = runIndex
ctx.Data["JobIndex"] = jobIndex
ctx.Data["ActionsURL"] = ctx.Repo.RepoLink + "/actions"
if getRunJobs(ctx, runIndex, jobIndex); ctx.Written() {
return
}
ctx.HTML(http.StatusOK, tplViewActions)
}
type ViewRequest struct {
LogCursors []struct {
Step int `json:"step"`
Cursor int64 `json:"cursor"`
Expanded bool `json:"expanded"`
} `json:"logCursors"`
}
type ViewResponse struct {
State struct {
Run struct {
HTMLURL string `json:"htmlurl"`
Title string `json:"title"`
CanCancel bool `json:"canCancel"`
Done bool `json:"done"`
Jobs []*ViewJob `json:"jobs"`
} `json:"run"`
CurrentJob struct {
Title string `json:"title"`
Detail string `json:"detail"`
Steps []*ViewJobStep `json:"steps"`
} `json:"currentJob"`
} `json:"state"`
Logs struct {
StepsLog []*ViewStepLog `json:"stepsLog"`
} `json:"logs"`
}
type ViewJob struct {
ID int64 `json:"id"`
Name string `json:"name"`
Status string `json:"status"`
CanRerun bool `json:"canRerun"`
}
type ViewJobStep struct {
Summary string `json:"summary"`
Duration string `json:"duration"`
Status string `json:"status"`
}
type ViewStepLog struct {
Step int `json:"step"`
Cursor int64 `json:"cursor"`
Lines []*ViewStepLogLine `json:"lines"`
}
type ViewStepLogLine struct {
Index int64 `json:"index"`
Message string `json:"message"`
Timestamp float64 `json:"timestamp"`
}
func ViewPost(ctx *context_module.Context) {
req := web.GetForm(ctx).(*ViewRequest)
runIndex := ctx.ParamsInt64("run")
jobIndex := ctx.ParamsInt64("job")
current, jobs := getRunJobs(ctx, runIndex, jobIndex)
if ctx.Written() {
return
}
run := current.Run
resp := &ViewResponse{}
resp.State.Run.Title = run.Title
resp.State.Run.HTMLURL = run.HTMLURL()
resp.State.Run.CanCancel = !run.Status.IsDone() && ctx.Repo.CanWrite(unit.TypeActions)
resp.State.Run.Done = run.Status.IsDone()
resp.State.Run.Jobs = make([]*ViewJob, 0, len(jobs)) // marshal to '[]' instead fo 'null' in json
for _, v := range jobs {
resp.State.Run.Jobs = append(resp.State.Run.Jobs, &ViewJob{
ID: v.ID,
Name: v.Name,
Status: v.Status.String(),
CanRerun: v.Status.IsDone() && ctx.Repo.CanWrite(unit.TypeActions),
})
}
var task *actions_model.ActionTask
if current.TaskID > 0 {
var err error
task, err = actions_model.GetTaskByID(ctx, current.TaskID)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
task.Job = current
if err := task.LoadAttributes(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
}
resp.State.CurrentJob.Title = current.Name
resp.State.CurrentJob.Detail = current.Status.LocaleString(ctx.Locale)
resp.State.CurrentJob.Steps = make([]*ViewJobStep, 0) // marshal to '[]' instead fo 'null' in json
resp.Logs.StepsLog = make([]*ViewStepLog, 0) // marshal to '[]' instead fo 'null' in json
if task != nil {
steps := actions.FullSteps(task)
for _, v := range steps {
resp.State.CurrentJob.Steps = append(resp.State.CurrentJob.Steps, &ViewJobStep{
Summary: v.Name,
Duration: v.Duration().String(),
Status: v.Status.String(),
})
}
for _, cursor := range req.LogCursors {
if !cursor.Expanded {
continue
}
step := steps[cursor.Step]
logLines := make([]*ViewStepLogLine, 0) // marshal to '[]' instead fo 'null' in json
if c := cursor.Cursor; c < step.LogLength && c >= 0 {
index := step.LogIndex + c
length := step.LogLength - cursor.Cursor
offset := task.LogIndexes[index]
var err error
logRows, err := actions.ReadLogs(ctx, task.LogInStorage, task.LogFilename, offset, length)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
for i, row := range logRows {
logLines = append(logLines, &ViewStepLogLine{
Index: cursor.Cursor + int64(i) + 1, // start at 1
Message: row.Content,
Timestamp: float64(row.Time.AsTime().UnixNano()) / float64(time.Second),
})
}
}
resp.Logs.StepsLog = append(resp.Logs.StepsLog, &ViewStepLog{
Step: cursor.Step,
Cursor: cursor.Cursor + int64(len(logLines)),
Lines: logLines,
})
}
}
ctx.JSON(http.StatusOK, resp)
}
func Rerun(ctx *context_module.Context) {
runIndex := ctx.ParamsInt64("run")
jobIndex := ctx.ParamsInt64("job")
job, _ := getRunJobs(ctx, runIndex, jobIndex)
if ctx.Written() {
return
}
status := job.Status
if !status.IsDone() {
ctx.JSON(http.StatusOK, struct{}{})
return
}
job.TaskID = 0
job.Status = actions_model.StatusWaiting
job.Started = 0
job.Stopped = 0
if err := db.WithTx(ctx, func(ctx context.Context) error {
if _, err := actions_model.UpdateRunJob(ctx, job, builder.Eq{"status": status}, "task_id", "status", "started", "stopped"); err != nil {
return err
}
return actions_service.CreateCommitStatus(ctx, job)
}); err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
ctx.JSON(http.StatusOK, struct{}{})
}
func Cancel(ctx *context_module.Context) {
runIndex := ctx.ParamsInt64("run")
_, jobs := getRunJobs(ctx, runIndex, -1)
if ctx.Written() {
return
}
if err := db.WithTx(ctx, func(ctx context.Context) error {
for _, job := range jobs {
status := job.Status
if status.IsDone() {
continue
}
if job.TaskID == 0 {
job.Status = actions_model.StatusCancelled
job.Stopped = timeutil.TimeStampNow()
n, err := actions_model.UpdateRunJob(ctx, job, builder.Eq{"task_id": 0}, "status", "stopped")
if err != nil {
return err
}
if n == 0 {
return fmt.Errorf("job has changed, try again")
}
continue
}
if err := actions_model.StopTask(ctx, job.TaskID, actions_model.StatusCancelled); err != nil {
return err
}
if err := actions_service.CreateCommitStatus(ctx, job); err != nil {
return err
}
}
return nil
}); err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return
}
ctx.JSON(http.StatusOK, struct{}{})
}
// getRunJobs gets the jobs of runIndex, and returns jobs[jobIndex], jobs.
// Any error will be written to the ctx.
// It never returns a nil job of an empty jobs, if the jobIndex is out of range, it will be treated as 0.
func getRunJobs(ctx *context_module.Context, runIndex, jobIndex int64) (*actions_model.ActionRunJob, []*actions_model.ActionRunJob) {
run, err := actions_model.GetRunByIndex(ctx, ctx.Repo.Repository.ID, runIndex)
if err != nil {
if errors.Is(err, util.ErrNotExist) {
ctx.Error(http.StatusNotFound, err.Error())
return nil, nil
}
ctx.Error(http.StatusInternalServerError, err.Error())
return nil, nil
}
run.Repo = ctx.Repo.Repository
jobs, err := actions_model.GetRunJobsByRunID(ctx, run.ID)
if err != nil {
ctx.Error(http.StatusInternalServerError, err.Error())
return nil, nil
}
if len(jobs) == 0 {
ctx.Error(http.StatusNotFound, err.Error())
return nil, nil
}
for _, v := range jobs {
v.Run = run
}
if jobIndex >= 0 && jobIndex < int64(len(jobs)) {
return jobs[jobIndex], jobs
}
return jobs[0], jobs
}

76
routers/web/repo/http.go
View File

@ -18,6 +18,7 @@ import (
"sync"
"time"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/perm"
access_model "code.gitea.io/gitea/models/perm/access"
@ -163,7 +164,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
return
}
if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true {
if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true && ctx.Data["IsActionsToken"] != true {
_, err = auth.GetTwoFactorByUID(ctx.Doer.ID)
if err == nil {
// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented
@ -180,29 +181,6 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
return
}
if repoExist {
p, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
if err != nil {
ctx.ServerError("GetUserRepoPermission", err)
return
}
// Because of special ref "refs/for" .. , need delay write permission check
if git.SupportProcReceive {
accessMode = perm.AccessModeRead
}
if !p.CanAccess(accessMode, unitType) {
ctx.PlainText(http.StatusForbidden, "User permission denied")
return
}
if !isPull && repo.IsMirror {
ctx.PlainText(http.StatusForbidden, "mirror repository is read-only")
return
}
}
environ = []string{
repo_module.EnvRepoUsername + "=" + username,
repo_module.EnvRepoName + "=" + reponame,
@ -211,6 +189,56 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
repo_module.EnvAppURL + "=" + setting.AppURL,
}
if repoExist {
// Because of special ref "refs/for" .. , need delay write permission check
if git.SupportProcReceive {
accessMode = perm.AccessModeRead
}
if ctx.Data["IsActionsToken"] == true {
taskID := ctx.Data["ActionsTaskID"].(int64)
task, err := actions_model.GetTaskByID(ctx, taskID)
if err != nil {
ctx.ServerError("GetTaskByID", err)
return
}
if task.RepoID != repo.ID {
ctx.PlainText(http.StatusForbidden, "User permission denied")
return
}
if task.IsForkPullRequest {
if accessMode > perm.AccessModeRead {
ctx.PlainText(http.StatusForbidden, "User permission denied")
return
}
environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeRead))
} else {
if accessMode > perm.AccessModeWrite {
ctx.PlainText(http.StatusForbidden, "User permission denied")
return
}
environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeWrite))
}
} else {
p, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
if err != nil {
ctx.ServerError("GetUserRepoPermission", err)
return
}
if !p.CanAccess(accessMode, unitType) {
ctx.PlainText(http.StatusForbidden, "User permission denied")
return
}
}
if !isPull && repo.IsMirror {
ctx.PlainText(http.StatusForbidden, "mirror repository is read-only")
return
}
}
if !ctx.Doer.KeepEmailPrivate {
environ = append(environ, repo_module.EnvPusherEmail+"="+ctx.Doer.Email)
}

76
routers/web/repo/runners.go Normal file
View File

@ -0,0 +1,76 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package repo
import (
"net/url"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/context"
actions_shared "code.gitea.io/gitea/routers/web/shared/actions"
)
const (
tplRunners = "repo/settings/runners"
tplRunnerEdit = "repo/settings/runner_edit"
)
// Runners render runners page
func Runners(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.runners")
ctx.Data["PageIsSettingsRunners"] = true
page := ctx.FormInt("page")
if page <= 1 {
page = 1
}
opts := actions_model.FindRunnerOptions{
ListOptions: db.ListOptions{
Page: page,
PageSize: 100,
},
Sort: ctx.Req.URL.Query().Get("sort"),
Filter: ctx.Req.URL.Query().Get("q"),
RepoID: ctx.Repo.Repository.ID,
WithAvailable: true,
}
actions_shared.RunnersList(ctx, tplRunners, opts)
}
func RunnersEdit(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.runners")
ctx.Data["PageIsSettingsRunners"] = true
page := ctx.FormInt("page")
if page <= 1 {
page = 1
}
actions_shared.RunnerDetails(ctx, tplRunnerEdit, page,
ctx.ParamsInt64(":runnerid"), 0, ctx.Repo.Repository.ID,
)
}
func RunnersEditPost(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("actions.runners")
ctx.Data["PageIsSettingsRunners"] = true
actions_shared.RunnerDetailsEditPost(ctx, ctx.ParamsInt64(":runnerid"),
0, ctx.Repo.Repository.ID,
ctx.Repo.RepoLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
}
func ResetRunnerRegistrationToken(ctx *context.Context) {
actions_shared.RunnerResetRegistrationToken(ctx,
0, ctx.Repo.Repository.ID,
ctx.Repo.RepoLink+"/settings/runners")
}
// RunnerDeletePost response for deleting runner
func RunnerDeletePost(ctx *context.Context) {
actions_shared.RunnerDeletePost(ctx, ctx.ParamsInt64(":runnerid"),
ctx.Repo.RepoLink+"/settings/runners",
ctx.Repo.RepoLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
}

10
routers/web/repo/setting.go
View File

@ -497,6 +497,15 @@ func SettingsPost(ctx *context.Context) {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePackages)
}
if form.EnableActions && !unit_model.TypeActions.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeActions,
})
} else if !unit_model.TypeActions.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeActions)
}
if form.EnablePulls && !unit_model.TypePullRequests.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
@ -1143,7 +1152,6 @@ func SecretsPost(ctx *context.Context) {
// DeployKeysPost response for adding a deploy key of a repository
func DeployKeysPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.AddKeyForm)
ctx.Data["Title"] = ctx.Tr("repo.settings.deploy_keys")
ctx.Data["PageIsSettingsKeys"] = true
ctx.Data["DisableSSH"] = setting.SSH.Disabled

190
routers/web/shared/actions/runners.go Normal file
View File

@ -0,0 +1,190 @@
// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package actions
import (
"errors"
"net/http"
"strings"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/services/forms"
)
// RunnersList render common runners list page
func RunnersList(ctx *context.Context, tplName base.TplName, opts actions_model.FindRunnerOptions) {
count, err := actions_model.CountRunners(ctx, opts)
if err != nil {
ctx.ServerError("AdminRunners", err)
return
}
runners, err := actions_model.FindRunners(ctx, opts)
if err != nil {
ctx.ServerError("AdminRunners", err)
return
}
if err := runners.LoadAttributes(ctx); err != nil {
ctx.ServerError("LoadAttributes", err)
return
}
// ownid=0,repo_id=0,means this token is used for global
var token *actions_model.ActionRunnerToken
token, err = actions_model.GetUnactivatedRunnerToken(ctx, opts.OwnerID, opts.RepoID)
if errors.Is(err, util.ErrNotExist) {
token, err = actions_model.NewRunnerToken(ctx, opts.OwnerID, opts.RepoID)
if err != nil {
ctx.ServerError("CreateRunnerToken", err)
return
}
} else if err != nil {
ctx.ServerError("GetUnactivatedRunnerToken", err)
return
}
ctx.Data["Keyword"] = opts.Filter
ctx.Data["Runners"] = runners
ctx.Data["Total"] = count
ctx.Data["RegistrationToken"] = token.Token
ctx.Data["RunnerOnwerID"] = opts.OwnerID
ctx.Data["RunnerRepoID"] = opts.RepoID
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplName)
}
// RunnerDetails render runner details page
func RunnerDetails(ctx *context.Context, tplName base.TplName, page int, runnerID, ownerID, repoID int64) {
runner, err := actions_model.GetRunnerByID(ctx, runnerID)
if err != nil {
ctx.ServerError("GetRunnerByID", err)
return
}
if err := runner.LoadAttributes(ctx); err != nil {
ctx.ServerError("LoadAttributes", err)
return
}
if !runner.Editable(ownerID, repoID) {
err = errors.New("no permission to edit this runner")
ctx.NotFound("RunnerDetails", err)
return
}
ctx.Data["Runner"] = runner
opts := actions_model.FindTaskOptions{
ListOptions: db.ListOptions{
Page: page,
PageSize: 30,
},
Status: actions_model.StatusUnknown, // Unknown means all
IDOrderDesc: true,
RunnerID: runner.ID,
}
count, err := actions_model.CountTasks(ctx, opts)
if err != nil {
ctx.ServerError("CountTasks", err)
return
}
tasks, err := actions_model.FindTasks(ctx, opts)
if err != nil {
ctx.ServerError("FindTasks", err)
return
}
if err = tasks.LoadAttributes(ctx); err != nil {
ctx.ServerError("TasksLoadAttributes", err)
return
}
ctx.Data["Tasks"] = tasks
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplName)
}
// RunnerDetailsEditPost response for edit runner details
func RunnerDetailsEditPost(ctx *context.Context, runnerID, ownerID, repoID int64, redirectTo string) {
runner, err := actions_model.GetRunnerByID(ctx, runnerID)
if err != nil {
log.Warn("RunnerDetailsEditPost.GetRunnerByID failed: %v, url: %s", err, ctx.Req.URL)
ctx.ServerError("RunnerDetailsEditPost.GetRunnerByID", err)
return
}
if !runner.Editable(ownerID, repoID) {
ctx.NotFound("RunnerDetailsEditPost.Editable", util.NewPermissionDeniedErrorf("no permission to edit this runner"))
return
}
form := web.GetForm(ctx).(*forms.EditRunnerForm)
runner.Description = form.Description
runner.CustomLabels = splitLabels(form.CustomLabels)
err = actions_model.UpdateRunner(ctx, runner, "description", "custom_labels")
if err != nil {
log.Warn("RunnerDetailsEditPost.UpdateRunner failed: %v, url: %s", err, ctx.Req.URL)
ctx.Flash.Warning(ctx.Tr("actions.runners.update_runner_failed"))
ctx.Redirect(redirectTo)
return
}
log.Debug("RunnerDetailsEditPost success: %s", ctx.Req.URL)
ctx.Flash.Success(ctx.Tr("actions.runners.update_runner_success"))
ctx.Redirect(redirectTo)
}
// RunnerResetRegistrationToken reset registration token
func RunnerResetRegistrationToken(ctx *context.Context, ownerID, repoID int64, redirectTo string) {
_, err := actions_model.NewRunnerToken(ctx, ownerID, repoID)
if err != nil {
ctx.ServerError("ResetRunnerRegistrationToken", err)
return
}
ctx.Flash.Success(ctx.Tr("actions.runners.reset_registration_token_success"))
ctx.Redirect(redirectTo)
}
// RunnerDeletePost response for deleting a runner
func RunnerDeletePost(ctx *context.Context, runnerID int64,
successRedirectTo, failedRedirectTo string,
) {
if err := actions_model.DeleteRunner(ctx, runnerID); err != nil {
log.Warn("DeleteRunnerPost.UpdateRunner failed: %v, url: %s", err, ctx.Req.URL)
ctx.Flash.Warning(ctx.Tr("actions.runners.delete_runner_failed"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": failedRedirectTo,
})
return
}
log.Info("DeleteRunnerPost success: %s", ctx.Req.URL)
ctx.Flash.Success(ctx.Tr("actions.runners.delete_runner_success"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": successRedirectTo,
})
}
func splitLabels(s string) []string {
labels := strings.Split(s, ",")
for i, v := range labels {
labels[i] = strings.TrimSpace(v)
}
return labels
}

43
routers/web/web.go
View File

@ -34,6 +34,7 @@ import (
"code.gitea.io/gitea/routers/web/misc"
"code.gitea.io/gitea/routers/web/org"
"code.gitea.io/gitea/routers/web/repo"
"code.gitea.io/gitea/routers/web/repo/actions"
"code.gitea.io/gitea/routers/web/user"
user_setting "code.gitea.io/gitea/routers/web/user/setting"
"code.gitea.io/gitea/routers/web/user/setting/security"
@ -620,6 +621,13 @@ func RegisterRoutes(m *web.Route) {
return
}
})
m.Group("/runners", func() {
m.Get("", admin.Runners)
m.Get("/reset_registration_token", admin.ResetRunnerRegistrationToken)
m.Combo("/{runnerid}").Get(admin.EditRunner).Post(web.Bind(forms.EditRunnerForm{}), admin.EditRunnerPost)
m.Post("/{runnerid}/delete", admin.DeleteRunnerPost)
}, actions.MustEnableActions)
}, func(ctx *context.Context) {
ctx.Data["EnableOAuth2"] = setting.OAuth2.Enable
ctx.Data["EnablePackages"] = setting.Packages.Enabled
@ -661,6 +669,8 @@ func RegisterRoutes(m *web.Route) {
reqRepoIssuesOrPullsReader := context.RequireRepoReaderOr(unit.TypeIssues, unit.TypePullRequests)
reqRepoProjectsReader := context.RequireRepoReader(unit.TypeProjects)
reqRepoProjectsWriter := context.RequireRepoWriter(unit.TypeProjects)
reqRepoActionsReader := context.RequireRepoReader(unit.TypeActions)
reqRepoActionsWriter := context.RequireRepoWriter(unit.TypeActions)
reqPackageAccess := func(accessMode perm.AccessMode) func(ctx *context.Context) {
return func(ctx *context.Context) {
@ -774,6 +784,14 @@ func RegisterRoutes(m *web.Route) {
m.Post("/initialize", web.Bind(forms.InitializeLabelsForm{}), org.InitializeLabels)
})
m.Group("/runners", func() {
m.Get("", org.Runners)
m.Combo("/{runnerid}").Get(org.RunnersEdit).
Post(web.Bind(forms.EditRunnerForm{}), org.RunnersEditPost)
m.Post("/{runnerid}/delete", org.RunnerDeletePost)
m.Get("/reset_registration_token", org.ResetRunnerRegistrationToken)
}, actions.MustEnableActions)
m.Group("/secrets", func() {
m.Get("", org.Secrets)
m.Post("", web.Bind(forms.AddSecretForm{}), org.SecretsPost)
@ -983,6 +1001,14 @@ func RegisterRoutes(m *web.Route) {
m.Post("/{lid}/unlock", repo.LFSUnlock)
})
})
m.Group("/runners", func() {
m.Get("", repo.Runners)
m.Combo("/{runnerid}").Get(repo.RunnersEdit).
Post(web.Bind(forms.EditRunnerForm{}), repo.RunnersEditPost)
m.Post("/{runnerid}/delete", repo.RunnerDeletePost)
m.Get("/reset_registration_token", repo.ResetRunnerRegistrationToken)
}, actions.MustEnableActions)
}, func(ctx *context.Context) {
ctx.Data["PageIsSettings"] = true
ctx.Data["LFSStartServer"] = setting.LFS.StartServer
@ -1230,6 +1256,23 @@ func RegisterRoutes(m *web.Route) {
}, reqRepoProjectsWriter, context.RepoMustNotBeArchived())
}, reqRepoProjectsReader, repo.MustEnableProjects)
m.Group("/actions", func() {
m.Get("", actions.List)
m.Group("/runs/{run}", func() {
m.Combo("").
Get(actions.View).
Post(web.Bind(actions.ViewRequest{}), actions.ViewPost)
m.Group("/jobs/{job}", func() {
m.Combo("").
Get(actions.View).
Post(web.Bind(actions.ViewRequest{}), actions.ViewPost)
m.Post("/rerun", reqRepoActionsWriter, actions.Rerun)
})
m.Post("/cancel", reqRepoActionsWriter, actions.Cancel)
})
}, reqRepoActionsReader, actions.MustEnableActions)
m.Group("/wiki", func() {
m.Combo("/").
Get(repo.Wiki).