aboutsummaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
Diffstat (limited to 'routers')
-rw-r--r--routers/api/actions/actions.go25
-rw-r--r--routers/api/actions/ping/ping.go38
-rw-r--r--routers/api/actions/ping/ping_test.go61
-rw-r--r--routers/api/actions/runner/interceptor.go79
-rw-r--r--routers/api/actions/runner/runner.go221
-rw-r--r--routers/api/actions/runner/utils.go122
-rw-r--r--routers/api/v1/api.go43
-rw-r--r--routers/init.go10
-rw-r--r--routers/private/hook_pre_receive.go52
-rw-r--r--routers/web/admin/runners.go78
-rw-r--r--routers/web/org/org_runners.go78
-rw-r--r--routers/web/org/setting.go4
-rw-r--r--routers/web/repo/actions/actions.go139
-rw-r--r--routers/web/repo/actions/view.go297
-rw-r--r--routers/web/repo/http.go64
-rw-r--r--routers/web/repo/runners.go76
-rw-r--r--routers/web/repo/setting.go10
-rw-r--r--routers/web/shared/actions/runners.go190
-rw-r--r--routers/web/web.go43
19 files changed, 1589 insertions, 41 deletions
diff --git a/routers/api/actions/actions.go b/routers/api/actions/actions.go
new file mode 100644
index 0000000000..bdcac41206
--- /dev/null
+++ b/routers/api/actions/actions.go
@@ -0,0 +1,25 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package actions
+
+import (
+ "context"
+ "net/http"
+
+ "code.gitea.io/gitea/modules/web"
+ "code.gitea.io/gitea/routers/api/actions/ping"
+ "code.gitea.io/gitea/routers/api/actions/runner"
+)
+
+func Routes(_ context.Context, prefix string) *web.Route {
+ m := web.NewRoute()
+
+ path, handler := ping.NewPingServiceHandler()
+ m.Post(path+"*", http.StripPrefix(prefix, handler).ServeHTTP)
+
+ path, handler = runner.NewRunnerServiceHandler()
+ m.Post(path+"*", http.StripPrefix(prefix, handler).ServeHTTP)
+
+ return m
+}
diff --git a/routers/api/actions/ping/ping.go b/routers/api/actions/ping/ping.go
new file mode 100644
index 0000000000..55219fe12b
--- /dev/null
+++ b/routers/api/actions/ping/ping.go
@@ -0,0 +1,38 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package ping
+
+import (
+ "context"
+ "fmt"
+ "net/http"
+
+ "code.gitea.io/gitea/modules/log"
+
+ pingv1 "code.gitea.io/actions-proto-go/ping/v1"
+ "code.gitea.io/actions-proto-go/ping/v1/pingv1connect"
+ "github.com/bufbuild/connect-go"
+)
+
+func NewPingServiceHandler() (string, http.Handler) {
+ return pingv1connect.NewPingServiceHandler(&Service{})
+}
+
+var _ pingv1connect.PingServiceHandler = (*Service)(nil)
+
+type Service struct {
+ pingv1connect.UnimplementedPingServiceHandler
+}
+
+func (s *Service) Ping(
+ ctx context.Context,
+ req *connect.Request[pingv1.PingRequest],
+) (*connect.Response[pingv1.PingResponse], error) {
+ log.Trace("Content-Type: %s", req.Header().Get("Content-Type"))
+ log.Trace("User-Agent: %s", req.Header().Get("User-Agent"))
+ res := connect.NewResponse(&pingv1.PingResponse{
+ Data: fmt.Sprintf("Hello, %s!", req.Msg.Data),
+ })
+ return res, nil
+}
diff --git a/routers/api/actions/ping/ping_test.go b/routers/api/actions/ping/ping_test.go
new file mode 100644
index 0000000000..f39e94a1f3
--- /dev/null
+++ b/routers/api/actions/ping/ping_test.go
@@ -0,0 +1,61 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package ping
+
+import (
+ "context"
+ "net/http"
+ "net/http/httptest"
+ "testing"
+
+ pingv1 "code.gitea.io/actions-proto-go/ping/v1"
+ "code.gitea.io/actions-proto-go/ping/v1/pingv1connect"
+ "github.com/bufbuild/connect-go"
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+)
+
+func TestService(t *testing.T) {
+ mux := http.NewServeMux()
+ mux.Handle(pingv1connect.NewPingServiceHandler(
+ &Service{},
+ ))
+ MainServiceTest(t, mux)
+}
+
+func MainServiceTest(t *testing.T, h http.Handler) {
+ t.Parallel()
+ server := httptest.NewUnstartedServer(h)
+ server.EnableHTTP2 = true
+ server.StartTLS()
+ defer server.Close()
+
+ connectClient := pingv1connect.NewPingServiceClient(
+ server.Client(),
+ server.URL,
+ )
+
+ grpcClient := pingv1connect.NewPingServiceClient(
+ server.Client(),
+ server.URL,
+ connect.WithGRPC(),
+ )
+
+ grpcWebClient := pingv1connect.NewPingServiceClient(
+ server.Client(),
+ server.URL,
+ connect.WithGRPCWeb(),
+ )
+
+ clients := []pingv1connect.PingServiceClient{connectClient, grpcClient, grpcWebClient}
+ t.Run("ping request", func(t *testing.T) {
+ for _, client := range clients {
+ result, err := client.Ping(context.Background(), connect.NewRequest(&pingv1.PingRequest{
+ Data: "foobar",
+ }))
+ require.NoError(t, err)
+ assert.Equal(t, "Hello, foobar!", result.Msg.Data)
+ }
+ })
+}
diff --git a/routers/api/actions/runner/interceptor.go b/routers/api/actions/runner/interceptor.go
new file mode 100644
index 0000000000..8c0bd86ecb
--- /dev/null
+++ b/routers/api/actions/runner/interceptor.go
@@ -0,0 +1,79 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package runner
+
+import (
+ "context"
+ "crypto/subtle"
+ "errors"
+ "strings"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ auth_model "code.gitea.io/gitea/models/auth"
+ "code.gitea.io/gitea/modules/log"
+ "code.gitea.io/gitea/modules/timeutil"
+ "code.gitea.io/gitea/modules/util"
+
+ "github.com/bufbuild/connect-go"
+ "google.golang.org/grpc/codes"
+ "google.golang.org/grpc/status"
+)
+
+const (
+ uuidHeaderKey = "x-runner-uuid"
+ tokenHeaderKey = "x-runner-token"
+)
+
+var withRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unaryFunc connect.UnaryFunc) connect.UnaryFunc {
+ return func(ctx context.Context, request connect.AnyRequest) (connect.AnyResponse, error) {
+ methodName := getMethodName(request)
+ if methodName == "Register" {
+ return unaryFunc(ctx, request)
+ }
+ uuid := request.Header().Get(uuidHeaderKey)
+ token := request.Header().Get(tokenHeaderKey)
+ runner, err := actions_model.GetRunnerByUUID(ctx, uuid)
+ if err != nil {
+ if errors.Is(err, util.ErrNotExist) {
+ return nil, status.Error(codes.Unauthenticated, "unregistered runner")
+ }
+ return nil, status.Error(codes.Internal, err.Error())
+ }
+ if subtle.ConstantTimeCompare([]byte(runner.TokenHash), []byte(auth_model.HashToken(token, runner.TokenSalt))) != 1 {
+ return nil, status.Error(codes.Unauthenticated, "unregistered runner")
+ }
+
+ cols := []string{"last_online"}
+ runner.LastOnline = timeutil.TimeStampNow()
+ if methodName == "UpdateTask" || methodName == "UpdateLog" {
+ runner.LastActive = timeutil.TimeStampNow()
+ cols = append(cols, "last_active")
+ }
+ if err := actions_model.UpdateRunner(ctx, runner, cols...); err != nil {
+ log.Error("can't update runner status: %v", err)
+ }
+
+ ctx = context.WithValue(ctx, runnerCtxKey{}, runner)
+ return unaryFunc(ctx, request)
+ }
+}))
+
+func getMethodName(req connect.AnyRequest) string {
+ splits := strings.Split(req.Spec().Procedure, "/")
+ if len(splits) > 0 {
+ return splits[len(splits)-1]
+ }
+ return ""
+}
+
+type runnerCtxKey struct{}
+
+func GetRunner(ctx context.Context) *actions_model.ActionRunner {
+ if v := ctx.Value(runnerCtxKey{}); v != nil {
+ if r, ok := v.(*actions_model.ActionRunner); ok {
+ return r
+ }
+ }
+ return nil
+}
diff --git a/routers/api/actions/runner/runner.go b/routers/api/actions/runner/runner.go
new file mode 100644
index 0000000000..7dbab9da0a
--- /dev/null
+++ b/routers/api/actions/runner/runner.go
@@ -0,0 +1,221 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package runner
+
+import (
+ "context"
+ "errors"
+ "net/http"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/modules/actions"
+ "code.gitea.io/gitea/modules/json"
+ "code.gitea.io/gitea/modules/log"
+ actions_service "code.gitea.io/gitea/services/actions"
+
+ runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
+ "code.gitea.io/actions-proto-go/runner/v1/runnerv1connect"
+ "github.com/bufbuild/connect-go"
+ gouuid "github.com/google/uuid"
+ "google.golang.org/grpc/codes"
+ "google.golang.org/grpc/status"
+)
+
+func NewRunnerServiceHandler() (string, http.Handler) {
+ return runnerv1connect.NewRunnerServiceHandler(
+ &Service{},
+ connect.WithCompressMinBytes(1024),
+ withRunner,
+ )
+}
+
+var _ runnerv1connect.RunnerServiceClient = (*Service)(nil)
+
+type Service struct {
+ runnerv1connect.UnimplementedRunnerServiceHandler
+}
+
+// Register for new runner.
+func (s *Service) Register(
+ ctx context.Context,
+ req *connect.Request[runnerv1.RegisterRequest],
+) (*connect.Response[runnerv1.RegisterResponse], error) {
+ if req.Msg.Token == "" || req.Msg.Name == "" {
+ return nil, errors.New("missing runner token, name")
+ }
+
+ runnerToken, err := actions_model.GetRunnerToken(ctx, req.Msg.Token)
+ if err != nil {
+ return nil, errors.New("runner token not found")
+ }
+
+ if runnerToken.IsActive {
+ return nil, errors.New("runner token has already activated")
+ }
+
+ // create new runner
+ runner := &actions_model.ActionRunner{
+ UUID: gouuid.New().String(),
+ Name: req.Msg.Name,
+ OwnerID: runnerToken.OwnerID,
+ RepoID: runnerToken.RepoID,
+ AgentLabels: req.Msg.AgentLabels,
+ CustomLabels: req.Msg.CustomLabels,
+ }
+ if err := runner.GenerateToken(); err != nil {
+ return nil, errors.New("can't generate token")
+ }
+
+ // create new runner
+ if err := actions_model.CreateRunner(ctx, runner); err != nil {
+ return nil, errors.New("can't create new runner")
+ }
+
+ // update token status
+ runnerToken.IsActive = true
+ if err := actions_model.UpdateRunnerToken(ctx, runnerToken, "is_active"); err != nil {
+ return nil, errors.New("can't update runner token status")
+ }
+
+ res := connect.NewResponse(&runnerv1.RegisterResponse{
+ Runner: &runnerv1.Runner{
+ Id: runner.ID,
+ Uuid: runner.UUID,
+ Token: runner.Token,
+ Name: runner.Name,
+ AgentLabels: runner.AgentLabels,
+ CustomLabels: runner.CustomLabels,
+ },
+ })
+
+ return res, nil
+}
+
+// FetchTask assigns a task to the runner
+func (s *Service) FetchTask(
+ ctx context.Context,
+ req *connect.Request[runnerv1.FetchTaskRequest],
+) (*connect.Response[runnerv1.FetchTaskResponse], error) {
+ runner := GetRunner(ctx)
+
+ var task *runnerv1.Task
+ if t, ok, err := pickTask(ctx, runner); err != nil {
+ log.Error("pick task failed: %v", err)
+ return nil, status.Errorf(codes.Internal, "pick task: %v", err)
+ } else if ok {
+ task = t
+ }
+
+ res := connect.NewResponse(&runnerv1.FetchTaskResponse{
+ Task: task,
+ })
+ return res, nil
+}
+
+// UpdateTask updates the task status.
+func (s *Service) UpdateTask(
+ ctx context.Context,
+ req *connect.Request[runnerv1.UpdateTaskRequest],
+) (*connect.Response[runnerv1.UpdateTaskResponse], error) {
+ {
+ // to debug strange runner behaviors, it could be removed if all problems have been solved.
+ stateMsg, _ := json.Marshal(req.Msg.State)
+ log.Trace("update task with state: %s", stateMsg)
+ }
+
+ // Get Task first
+ task, err := actions_model.GetTaskByID(ctx, req.Msg.State.Id)
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "can't find the task: %v", err)
+ }
+ if task.Status.IsCancelled() {
+ return connect.NewResponse(&runnerv1.UpdateTaskResponse{
+ State: &runnerv1.TaskState{
+ Id: req.Msg.State.Id,
+ Result: task.Status.AsResult(),
+ },
+ }), nil
+ }
+
+ task, err = actions_model.UpdateTaskByState(ctx, req.Msg.State)
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "update task: %v", err)
+ }
+
+ if err := task.LoadJob(ctx); err != nil {
+ return nil, status.Errorf(codes.Internal, "load job: %v", err)
+ }
+
+ if err := actions_service.CreateCommitStatus(ctx, task.Job); err != nil {
+ log.Error("Update commit status failed: %v", err)
+ // go on
+ }
+
+ if req.Msg.State.Result != runnerv1.Result_RESULT_UNSPECIFIED {
+ if err := actions_service.EmitJobsIfReady(task.Job.RunID); err != nil {
+ log.Error("Emit ready jobs of run %d: %v", task.Job.RunID, err)
+ }
+ }
+
+ return connect.NewResponse(&runnerv1.UpdateTaskResponse{
+ State: &runnerv1.TaskState{
+ Id: req.Msg.State.Id,
+ Result: task.Status.AsResult(),
+ },
+ }), nil
+}
+
+// UpdateLog uploads log of the task.
+func (s *Service) UpdateLog(
+ ctx context.Context,
+ req *connect.Request[runnerv1.UpdateLogRequest],
+) (*connect.Response[runnerv1.UpdateLogResponse], error) {
+ res := connect.NewResponse(&runnerv1.UpdateLogResponse{})
+
+ task, err := actions_model.GetTaskByID(ctx, req.Msg.TaskId)
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "get task: %v", err)
+ }
+ ack := task.LogLength
+
+ if len(req.Msg.Rows) == 0 || req.Msg.Index > ack || int64(len(req.Msg.Rows))+req.Msg.Index <= ack {
+ res.Msg.AckIndex = ack
+ return res, nil
+ }
+
+ if task.LogInStorage {
+ return nil, status.Errorf(codes.AlreadyExists, "log file has been archived")
+ }
+
+ rows := req.Msg.Rows[ack-req.Msg.Index:]
+ ns, err := actions.WriteLogs(ctx, task.LogFilename, task.LogSize, rows)
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "write logs: %v", err)
+ }
+ task.LogLength += int64(len(rows))
+ for _, n := range ns {
+ task.LogIndexes = append(task.LogIndexes, task.LogSize)
+ task.LogSize += int64(n)
+ }
+
+ res.Msg.AckIndex = task.LogLength
+
+ var remove func()
+ if req.Msg.NoMore {
+ task.LogInStorage = true
+ remove, err = actions.TransferLogs(ctx, task.LogFilename)
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "transfer logs: %v", err)
+ }
+ }
+
+ if err := actions_model.UpdateTask(ctx, task, "log_indexes", "log_length", "log_size", "log_in_storage"); err != nil {
+ return nil, status.Errorf(codes.Internal, "update task: %v", err)
+ }
+ if remove != nil {
+ remove()
+ }
+
+ return res, nil
+}
diff --git a/routers/api/actions/runner/utils.go b/routers/api/actions/runner/utils.go
new file mode 100644
index 0000000000..80e71941f2
--- /dev/null
+++ b/routers/api/actions/runner/utils.go
@@ -0,0 +1,122 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package runner
+
+import (
+ "context"
+ "fmt"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ secret_model "code.gitea.io/gitea/models/secret"
+ "code.gitea.io/gitea/modules/json"
+ "code.gitea.io/gitea/modules/log"
+ secret_module "code.gitea.io/gitea/modules/secret"
+ "code.gitea.io/gitea/modules/setting"
+
+ runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
+ "google.golang.org/protobuf/types/known/structpb"
+)
+
+func pickTask(ctx context.Context, runner *actions_model.ActionRunner) (*runnerv1.Task, bool, error) {
+ t, ok, err := actions_model.CreateTaskForRunner(ctx, runner)
+ if err != nil {
+ return nil, false, fmt.Errorf("CreateTaskForRunner: %w", err)
+ }
+ if !ok {
+ return nil, false, nil
+ }
+
+ task := &runnerv1.Task{
+ Id: t.ID,
+ WorkflowPayload: t.Job.WorkflowPayload,
+ Context: generateTaskContext(t),
+ Secrets: getSecretsOfTask(ctx, t),
+ }
+ return task, true, nil
+}
+
+func getSecretsOfTask(ctx context.Context, task *actions_model.ActionTask) map[string]string {
+ secrets := map[string]string{}
+ if task.Job.Run.IsForkPullRequest {
+ // ignore secrets for fork pull request
+ return secrets
+ }
+
+ ownerSecrets, err := secret_model.FindSecrets(ctx, secret_model.FindSecretsOptions{OwnerID: task.Job.Run.Repo.OwnerID})
+ if err != nil {
+ log.Error("find secrets of owner %v: %v", task.Job.Run.Repo.OwnerID, err)
+ // go on
+ }
+ repoSecrets, err := secret_model.FindSecrets(ctx, secret_model.FindSecretsOptions{RepoID: task.Job.Run.RepoID})
+ if err != nil {
+ log.Error("find secrets of repo %v: %v", task.Job.Run.RepoID, err)
+ // go on
+ }
+
+ for _, secret := range append(ownerSecrets, repoSecrets...) {
+ if v, err := secret_module.DecryptSecret(setting.SecretKey, secret.Data); err != nil {
+ log.Error("decrypt secret %v %q: %v", secret.ID, secret.Name, err)
+ // go on
+ } else {
+ secrets[secret.Name] = v
+ }
+ }
+
+ if _, ok := secrets["GITHUB_TOKEN"]; !ok {
+ secrets["GITHUB_TOKEN"] = task.Token
+ }
+ if _, ok := secrets["GITEA_TOKEN"]; !ok {
+ secrets["GITEA_TOKEN"] = task.Token
+ }
+
+ return secrets
+}
+
+func generateTaskContext(t *actions_model.ActionTask) *structpb.Struct {
+ event := map[string]interface{}{}
+ _ = json.Unmarshal([]byte(t.Job.Run.EventPayload), &event)
+
+ taskContext, _ := structpb.NewStruct(map[string]interface{}{
+ // standard contexts, see https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
+ "action": "", // string, The name of the action currently running, or the id of a step. GitHub removes special characters, and uses the name __run when the current step runs a script without an id. If you use the same action more than once in the same job, the name will include a suffix with the sequence number with underscore before it. For example, the first script you run will have the name __run, and the second script will be named __run_2. Similarly, the second invocation of actions/checkout will be actionscheckout2.
+ "action_path": "", // string, The path where an action is located. This property is only supported in composite actions. You can use this path to access files located in the same repository as the action.
+ "action_ref": "", // string, For a step executing an action, this is the ref of the action being executed. For example, v2.
+ "action_repository": "", // string, For a step executing an action, this is the owner and repository name of the action. For example, actions/checkout.
+ "action_status": "", // string, For a composite action, the current result of the composite action.
+ "actor": t.Job.Run.TriggerUser.Name, // string, The username of the user that triggered the initial workflow run. If the workflow run is a re-run, this value may differ from github.triggering_actor. Any workflow re-runs will use the privileges of github.actor, even if the actor initiating the re-run (github.triggering_actor) has different privileges.
+ "api_url": "", // string, The URL of the GitHub REST API.
+ "base_ref": "", // string, The base_ref or target branch of the pull request in a workflow run. This property is only available when the event that triggers a workflow run is either pull_request or pull_request_target.
+ "env": "", // string, Path on the runner to the file that sets environment variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see "Workflow commands for GitHub Actions."
+ "event": event, // object, The full event webhook payload. You can access individual properties of the event using this context. This object is identical to the webhook payload of the event that triggered the workflow run, and is different for each event. The webhooks for each GitHub Actions event is linked in "Events that trigger workflows." For example, for a workflow run triggered by the push event, this object contains the contents of the push webhook payload.
+ "event_name": t.Job.Run.Event.Event(), // string, The name of the event that triggered the workflow run.
+ "event_path": "", // string, The path to the file on the runner that contains the full event webhook payload.
+ "graphql_url": "", // string, The URL of the GitHub GraphQL API.
+ "head_ref": "", // string, The head_ref or source branch of the pull request in a workflow run. This property is only available when the event that triggers a workflow run is either pull_request or pull_request_target.
+ "job": fmt.Sprint(t.JobID), // string, The job_id of the current job.
+ "ref": t.Job.Run.Ref, // string, The fully-formed ref of the branch or tag that triggered the workflow run. For workflows triggered by push, this is the branch or tag ref that was pushed. For workflows triggered by pull_request, this is the pull request merge branch. For workflows triggered by release, this is the release tag created. For other triggers, this is the branch or tag ref that triggered the workflow run. This is only set if a branch or tag is available for the event type. The ref given is fully-formed, meaning that for branches the format is refs/heads/<branch_name>, for pull requests it is refs/pull/<pr_number>/merge, and for tags it is refs/tags/<tag_name>. For example, refs/heads/feature-branch-1.
+ "ref_name": t.Job.Run.Ref, // string, The short ref name of the branch or tag that triggered the workflow run. This value matches the branch or tag name shown on GitHub. For example, feature-branch-1.
+ "ref_protected": false, // boolean, true if branch protections are configured for the ref that triggered the workflow run.
+ "ref_type": "", // string, The type of ref that triggered the workflow run. Valid values are branch or tag.
+ "path": "", // string, Path on the runner to the file that sets system PATH variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see "Workflow commands for GitHub Actions."
+ "repository": t.Job.Run.Repo.OwnerName + "/" + t.Job.Run.Repo.Name, // string, The owner and repository name. For example, Codertocat/Hello-World.
+ "repository_owner": t.Job.Run.Repo.OwnerName, // string, The repository owner's name. For example, Codertocat.
+ "repositoryUrl": t.Job.Run.Repo.HTMLURL(), // string, The Git URL to the repository. For example, git://github.com/codertocat/hello-world.git.
+ "retention_days": "", // string, The number of days that workflow run logs and artifacts are kept.
+ "run_id": fmt.Sprint(t.Job.RunID), // string, A unique number for each workflow run within a repository. This number does not change if you re-run the workflow run.
+ "run_number": fmt.Sprint(t.Job.Run.Index), // string, A unique number for each run of a particular workflow in a repository. This number begins at 1 for the workflow's first run, and increments with each new run. This number does not change if you re-run the workflow run.
+ "run_attempt": fmt.Sprint(t.Job.Attempt), // string, A unique number for each attempt of a particular workflow run in a repository. This number begins at 1 for the workflow run's first attempt, and increments with each re-run.
+ "secret_source": "Actions", // string, The source of a secret used in a workflow. Possible values are None, Actions, Dependabot, or Codespaces.
+ "server_url": setting.AppURL, // string, The URL of the GitHub server. For example: https://github.com.
+ "sha": t.Job.Run.CommitSHA, // string, The commit SHA that triggered the workflow. The value of this commit SHA depends on the event that triggered the workflow. For more information, see "Events that trigger workflows." For example, ffac537e6cbbf934b08745a378932722df287a53.
+ "token": t.Token, // string, A token to authenticate on behalf of the GitHub App installed on your repository. This is functionally equivalent to the GITHUB_TOKEN secret. For more information, see "Automatic token authentication."
+ "triggering_actor": "", // string, The username of the user that initiated the workflow run. If the workflow run is a re-run, this value may differ from github.actor. Any workflow re-runs will use the privileges of github.actor, even if the actor initiating the re-run (github.triggering_actor) has different privileges.
+ "workflow": t.Job.Run.WorkflowID, // string, The name of the workflow. If the workflow file doesn't specify a name, the value of this property is the full path of the workflow file in the repository.
+ "workspace": "", // string, The default working directory on the runner for steps, and the default location of your repository when using the checkout action.
+
+ // additional contexts
+ "gitea_default_actions_url": setting.Actions.DefaultActionsURL,
+ })
+
+ return taskContext
+}
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index eef2a64244..5f57977c29 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -69,6 +69,7 @@ import (
"net/http"
"strings"
+ actions_model "code.gitea.io/gitea/models/actions"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/organization"
"code.gitea.io/gitea/models/perm"
@@ -184,10 +185,39 @@ func repoAssignment() func(ctx *context.APIContext) {
repo.Owner = owner
ctx.Repo.Repository = repo
- ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
- if err != nil {
- ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
- return
+ if ctx.Doer != nil && ctx.Doer.ID == user_model.ActionsUserID {
+ taskID := ctx.Data["ActionsTaskID"].(int64)
+ task, err := actions_model.GetTaskByID(ctx, taskID)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, "actions_model.GetTaskByID", err)
+ return
+ }
+ if task.RepoID != repo.ID {
+ ctx.NotFound()
+ return
+ }
+
+ if task.IsForkPullRequest {
+ ctx.Repo.Permission.AccessMode = perm.AccessModeRead
+ } else {
+ ctx.Repo.Permission.AccessMode = perm.AccessModeWrite
+ }
+
+ if err := ctx.Repo.Repository.LoadUnits(ctx); err != nil {
+ ctx.Error(http.StatusInternalServerError, "LoadUnits", err)
+ return
+ }
+ ctx.Repo.Permission.Units = ctx.Repo.Repository.Units
+ ctx.Repo.Permission.UnitsMode = make(map[unit.Type]perm.AccessMode)
+ for _, u := range ctx.Repo.Repository.Units {
+ ctx.Repo.Permission.UnitsMode[u.Type] = ctx.Repo.Permission.AccessMode
+ }
+ } else {
+ ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
+ return
+ }
}
if !ctx.Repo.HasAccess() {
@@ -209,6 +239,11 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext)
// Contexter middleware already checks token for user sign in process.
func reqToken(requiredScope auth_model.AccessTokenScope) func(ctx *context.APIContext) {
return func(ctx *context.APIContext) {
+ // If actions token is present
+ if true == ctx.Data["IsActionsToken"] {
+ return
+ }
+
// If OAuth2 token is present
if _, ok := ctx.Data["ApiTokenScope"]; ctx.Data["IsApiToken"] == true && ok {
// no scope required
diff --git a/routers/init.go b/routers/init.go
index 25f557d695..ab2e2a0bb7 100644
--- a/routers/init.go
+++ b/routers/init.go
@@ -30,11 +30,13 @@ import (
"code.gitea.io/gitea/modules/translation"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/web"
+ actions_router "code.gitea.io/gitea/routers/api/actions"
packages_router "code.gitea.io/gitea/routers/api/packages"
apiv1 "code.gitea.io/gitea/routers/api/v1"
"code.gitea.io/gitea/routers/common"
"code.gitea.io/gitea/routers/private"
web_routers "code.gitea.io/gitea/routers/web"
+ actions_service "code.gitea.io/gitea/services/actions"
"code.gitea.io/gitea/services/auth"
"code.gitea.io/gitea/services/auth/source/oauth2"
"code.gitea.io/gitea/services/automerge"
@@ -172,6 +174,8 @@ func GlobalInitInstalled(ctx context.Context) {
auth.Init()
svg.Init()
+ actions_service.Init()
+
// Finally start up the cron
cron.NewContext(ctx)
}
@@ -197,5 +201,11 @@ func NormalRoutes(ctx context.Context) *web.Route {
// This implements the OCI API (Note this is not preceded by /api but is instead /v2)
r.Mount("/v2", packages_router.ContainerRoutes(ctx))
}
+
+ if setting.Actions.Enabled {
+ prefix := "/api/actions"
+ r.Mount(prefix, actions_router.Routes(ctx, prefix))
+ }
+
return r
}
diff --git a/routers/private/hook_pre_receive.go b/routers/private/hook_pre_receive.go
index 8468227077..c711fc9477 100644
--- a/routers/private/hook_pre_receive.go
+++ b/routers/private/hook_pre_receive.go
@@ -472,25 +472,41 @@ func (ctx *preReceiveContext) loadPusherAndPermission() bool {
return true
}
- user, err := user_model.GetUserByID(ctx, ctx.opts.UserID)
- if err != nil {
- log.Error("Unable to get User id %d Error: %v", ctx.opts.UserID, err)
- ctx.JSON(http.StatusInternalServerError, private.Response{
- Err: fmt.Sprintf("Unable to get User id %d Error: %v", ctx.opts.UserID, err),
- })
- return false
- }
- ctx.user = user
-
- userPerm, err := access_model.GetUserRepoPermission(ctx, ctx.Repo.Repository, user)
- if err != nil {
- log.Error("Unable to get Repo permission of repo %s/%s of User %s: %v", ctx.Repo.Repository.OwnerName, ctx.Repo.Repository.Name, user.Name, err)
- ctx.JSON(http.StatusInternalServerError, private.Response{
- Err: fmt.Sprintf("Unable to get Repo permission of repo %s/%s of User %s: %v", ctx.Repo.Repository.OwnerName, ctx.Repo.Repository.Name, user.Name, err),
- })
- return false
+ if ctx.opts.UserID == user_model.ActionsUserID {
+ ctx.user = user_model.NewActionsUser()
+ ctx.userPerm.AccessMode = perm_model.AccessMode(ctx.opts.ActionPerm)
+ if err := ctx.Repo.Repository.LoadUnits(ctx); err != nil {
+ log.Error("Unable to get User id %d Error: %v", ctx.opts.UserID, err)
+ ctx.JSON(http.StatusInternalServerError, private.Response{
+ Err: fmt.Sprintf("Unable to get User id %d Error: %v", ctx.opts.UserID, err),
+ })
+ return false
+ }
+ ctx.userPerm.Units = ctx.Repo.Repository.Units
+ ctx.userPerm.UnitsMode = make(map[unit.Type]perm_model.AccessMode)
+ for _, u := range ctx.Repo.Repository.Units {
+ ctx.userPerm.UnitsMode[u.Type] = ctx.userPerm.AccessMode
+ }
+ } else {
+ user, err := user_model.GetUserByID(ctx, ctx.opts.UserID)
+ if err != nil {
+ log.Error("Unable to get User id %d Error: %v", ctx.opts.UserID, err)
+ ctx.JSON(http.StatusInternalServerError, private.Response{
+ Err: fmt.Sprintf("Unable to get User id %d Error: %v", ctx.opts.UserID, err),
+ })
+ return false
+ }
+ ctx.user = user
+ userPerm, err := access_model.GetUserRepoPermission(ctx, ctx.Repo.Repository, user)
+ if err != nil {
+ log.Error("Unable to get Repo permission of repo %s/%s of User %s: %v", ctx.Repo.Repository.OwnerName, ctx.Repo.Repository.Name, user.Name, err)
+ ctx.JSON(http.StatusInternalServerError, private.Response{
+ Err: fmt.Sprintf("Unable to get Repo permission of repo %s/%s of User %s: %v", ctx.Repo.Repository.OwnerName, ctx.Repo.Repository.Name, user.Name, err),
+ })
+ return false
+ }
+ ctx.userPerm = userPerm
}
- ctx.userPerm = userPerm
if ctx.opts.DeployKeyID != 0 {
deployKey, err := asymkey_model.GetDeployKeyByID(ctx, ctx.opts.DeployKeyID)
diff --git a/routers/web/admin/runners.go b/routers/web/admin/runners.go
new file mode 100644
index 0000000000..a70b53fdcb
--- /dev/null
+++ b/routers/web/admin/runners.go
@@ -0,0 +1,78 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package admin
+
+import (
+ "net/url"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/modules/base"
+ "code.gitea.io/gitea/modules/context"
+ "code.gitea.io/gitea/modules/setting"
+ actions_shared "code.gitea.io/gitea/routers/web/shared/actions"
+)
+
+const (
+ tplRunners base.TplName = "admin/runners/base"
+ tplRunnerEdit base.TplName = "admin/runners/edit"
+)
+
+// Runners show all the runners
+func Runners(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.runners")
+ ctx.Data["PageIsAdmin"] = true
+ ctx.Data["PageIsAdminRunners"] = true
+
+ page := ctx.FormInt("page")
+ if page <= 1 {
+ page = 1
+ }
+
+ opts := actions_model.FindRunnerOptions{
+ ListOptions: db.ListOptions{
+ Page: page,
+ PageSize: 100,
+ },
+ Sort: ctx.Req.URL.Query().Get("sort"),
+ Filter: ctx.Req.URL.Query().Get("q"),
+ }
+
+ actions_shared.RunnersList(ctx, tplRunners, opts)
+}
+
+// EditRunner show editing runner page
+func EditRunner(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.runners.edit_runner")
+ ctx.Data["PageIsAdmin"] = true
+ ctx.Data["PageIsAdminRunners"] = true
+
+ page := ctx.FormInt("page")
+ if page <= 1 {
+ page = 1
+ }
+
+ actions_shared.RunnerDetails(ctx, tplRunnerEdit, page, ctx.ParamsInt64(":runnerid"), 0, 0)
+}
+
+// EditRunnerPost response for editing runner
+func EditRunnerPost(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.runners.edit")
+ ctx.Data["PageIsAdmin"] = true
+ ctx.Data["PageIsAdminRunners"] = true
+ actions_shared.RunnerDetailsEditPost(ctx, ctx.ParamsInt64(":runnerid"), 0, 0,
+ setting.AppSubURL+"/admin/runners/"+url.PathEscape(ctx.Params(":runnerid")))
+}
+
+// DeleteRunnerPost response for deleting a runner
+func DeleteRunnerPost(ctx *context.Context) {
+ actions_shared.RunnerDeletePost(ctx, ctx.ParamsInt64(":runnerid"),
+ setting.AppSubURL+"/admin/runners/",
+ setting.AppSubURL+"/admin/runners/"+url.PathEscape(ctx.Params(":runnerid")),
+ )
+}
+
+func ResetRunnerRegistrationToken(ctx *context.Context) {
+ actions_shared.RunnerResetRegistrationToken(ctx, 0, 0, setting.AppSubURL+"/admin/runners/")
+}
diff --git a/routers/web/org/org_runners.go b/routers/web/org/org_runners.go
new file mode 100644
index 0000000000..f87a506504
--- /dev/null
+++ b/routers/web/org/org_runners.go
@@ -0,0 +1,78 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package org
+
+import (
+ "net/url"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/modules/context"
+ actions_shared "code.gitea.io/gitea/routers/web/shared/actions"
+)
+
+// Runners render runners page
+func Runners(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("org.runners")
+ ctx.Data["PageIsOrgSettings"] = true
+ ctx.Data["PageIsOrgSettingsRunners"] = true
+
+ page := ctx.FormInt("page")
+ if page <= 1 {
+ page = 1
+ }
+
+ opts := actions_model.FindRunnerOptions{
+ ListOptions: db.ListOptions{
+ Page: page,
+ PageSize: 100,
+ },
+ Sort: ctx.Req.URL.Query().Get("sort"),
+ Filter: ctx.Req.URL.Query().Get("q"),
+ OwnerID: ctx.Org.Organization.ID,
+ WithAvailable: true,
+ }
+
+ actions_shared.RunnersList(ctx, tplSettingsRunners, opts)
+}
+
+// ResetRunnerRegistrationToken reset runner registration token
+func ResetRunnerRegistrationToken(ctx *context.Context) {
+ actions_shared.RunnerResetRegistrationToken(ctx,
+ ctx.Org.Organization.ID, 0,
+ ctx.Org.OrgLink+"/settings/runners")
+}
+
+// RunnersEdit render runner edit page
+func RunnersEdit(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("org.runners.edit")
+ ctx.Data["PageIsOrgSettings"] = true
+ ctx.Data["PageIsOrgSettingsRunners"] = true
+ page := ctx.FormInt("page")
+ if page <= 1 {
+ page = 1
+ }
+
+ actions_shared.RunnerDetails(ctx, tplSettingsRunnersEdit, page,
+ ctx.ParamsInt64(":runnerid"), ctx.Org.Organization.ID, 0,
+ )
+}
+
+// RunnersEditPost response for editing runner
+func RunnersEditPost(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("org.runners.edit")
+ ctx.Data["PageIsOrgSettings"] = true
+ ctx.Data["PageIsOrgSettingsRunners"] = true
+ actions_shared.RunnerDetailsEditPost(ctx, ctx.ParamsInt64(":runnerid"),
+ ctx.Org.Organization.ID, 0,
+ ctx.Org.OrgLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
+}
+
+// RunnerDeletePost response for deleting runner
+func RunnerDeletePost(ctx *context.Context) {
+ actions_shared.RunnerDeletePost(ctx,
+ ctx.ParamsInt64(":runnerid"),
+ ctx.Org.OrgLink+"/settings/runners",
+ ctx.Org.OrgLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
+}
diff --git a/routers/web/org/setting.go b/routers/web/org/setting.go
index e625962f75..80f5707245 100644
--- a/routers/web/org/setting.go
+++ b/routers/web/org/setting.go
@@ -40,6 +40,10 @@ const (
tplSettingsLabels base.TplName = "org/settings/labels"
// tplSettingsSecrets template path for render secrets settings
tplSettingsSecrets base.TplName = "org/settings/secrets"
+ // tplSettingsRunners template path for render runners settings
+ tplSettingsRunners base.TplName = "org/settings/runners"
+ // tplSettingsRunnersEdit template path for render runners edit settings
+ tplSettingsRunnersEdit base.TplName = "org/settings/runners_edit"
)
// Settings render the main settings page
diff --git a/routers/web/repo/actions/actions.go b/routers/web/repo/actions/actions.go
new file mode 100644
index 0000000000..146bf27daf
--- /dev/null
+++ b/routers/web/repo/actions/actions.go
@@ -0,0 +1,139 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package actions
+
+import (
+ "net/http"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/models/unit"
+ "code.gitea.io/gitea/modules/actions"
+ "code.gitea.io/gitea/modules/base"
+ "code.gitea.io/gitea/modules/context"
+ "code.gitea.io/gitea/modules/git"
+ "code.gitea.io/gitea/modules/setting"
+ "code.gitea.io/gitea/modules/util"
+ "code.gitea.io/gitea/services/convert"
+)
+
+const (
+ tplListActions base.TplName = "repo/actions/list"
+ tplViewActions base.TplName = "repo/actions/view"
+)
+
+// MustEnableActions check if actions are enabled in settings
+func MustEnableActions(ctx *context.Context) {
+ if !setting.Actions.Enabled {
+ ctx.NotFound("MustEnableActions", nil)
+ return
+ }
+
+ if unit.TypeActions.UnitGlobalDisabled() {
+ ctx.NotFound("MustEnableActions", nil)
+ return
+ }
+
+ if ctx.Repo.Repository != nil {
+ if !ctx.Repo.CanRead(unit.TypeActions) {
+ ctx.NotFound("MustEnableActions", nil)
+ return
+ }
+ }
+}
+
+func List(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.actions")
+ ctx.Data["PageIsActions"] = true
+
+ var workflows git.Entries
+ if empty, err := ctx.Repo.GitRepo.IsEmpty(); err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ } else if !empty {
+ defaultBranch, err := ctx.Repo.GitRepo.GetDefaultBranch()
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ commit, err := ctx.Repo.GitRepo.GetBranchCommit(defaultBranch)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ workflows, err = actions.ListWorkflows(commit)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ }
+
+ ctx.Data["workflows"] = workflows
+ ctx.Data["RepoLink"] = ctx.Repo.Repository.HTMLURL()
+
+ page := ctx.FormInt("page")
+ if page <= 0 {
+ page = 1
+ }
+
+ workflow := ctx.FormString("workflow")
+ ctx.Data["CurWorkflow"] = workflow
+
+ opts := actions_model.FindRunOptions{
+ ListOptions: db.ListOptions{
+ Page: page,
+ PageSize: convert.ToCorrectPageSize(ctx.FormInt("limit")),
+ },
+ RepoID: ctx.Repo.Repository.ID,
+ WorkflowFileName: workflow,
+ }
+
+ // open counts
+ opts.IsClosed = util.OptionalBoolFalse
+ numOpenRuns, err := actions_model.CountRuns(ctx, opts)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ ctx.Data["NumOpenActionRuns"] = numOpenRuns
+
+ // closed counts
+ opts.IsClosed = util.OptionalBoolTrue
+ numClosedRuns, err := actions_model.CountRuns(ctx, opts)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ ctx.Data["NumClosedActionRuns"] = numClosedRuns
+
+ opts.IsClosed = util.OptionalBoolNone
+ if ctx.FormString("state") == "closed" {
+ opts.IsClosed = util.OptionalBoolTrue
+ ctx.Data["IsShowClosed"] = true
+ } else {
+ opts.IsClosed = util.OptionalBoolFalse
+ }
+ runs, total, err := actions_model.FindRuns(ctx, opts)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+
+ for _, run := range runs {
+ run.Repo = ctx.Repo.Repository
+ }
+
+ if err := runs.LoadTriggerUser(ctx); err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+
+ ctx.Data["Runs"] = runs
+
+ pager := context.NewPagination(int(total), opts.PageSize, opts.Page, 5)
+ pager.SetDefaultParams(ctx)
+ ctx.Data["Page"] = pager
+
+ ctx.HTML(http.StatusOK, tplListActions)
+}
diff --git a/routers/web/repo/actions/view.go b/routers/web/repo/actions/view.go
new file mode 100644
index 0000000000..e83494f64a
--- /dev/null
+++ b/routers/web/repo/actions/view.go
@@ -0,0 +1,297 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package actions
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "net/http"
+ "time"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/models/unit"
+ "code.gitea.io/gitea/modules/actions"
+ context_module "code.gitea.io/gitea/modules/context"
+ "code.gitea.io/gitea/modules/timeutil"
+ "code.gitea.io/gitea/modules/util"
+ "code.gitea.io/gitea/modules/web"
+ actions_service "code.gitea.io/gitea/services/actions"
+
+ "xorm.io/builder"
+)
+
+func View(ctx *context_module.Context) {
+ ctx.Data["PageIsActions"] = true
+ runIndex := ctx.ParamsInt64("run")
+ jobIndex := ctx.ParamsInt64("job")
+ ctx.Data["RunIndex"] = runIndex
+ ctx.Data["JobIndex"] = jobIndex
+ ctx.Data["ActionsURL"] = ctx.Repo.RepoLink + "/actions"
+
+ if getRunJobs(ctx, runIndex, jobIndex); ctx.Written() {
+ return
+ }
+
+ ctx.HTML(http.StatusOK, tplViewActions)
+}
+
+type ViewRequest struct {
+ LogCursors []struct {
+ Step int `json:"step"`
+ Cursor int64 `json:"cursor"`
+ Expanded bool `json:"expanded"`
+ } `json:"logCursors"`
+}
+
+type ViewResponse struct {
+ State struct {
+ Run struct {
+ HTMLURL string `json:"htmlurl"`
+ Title string `json:"title"`
+ CanCancel bool `json:"canCancel"`
+ Done bool `json:"done"`
+ Jobs []*ViewJob `json:"jobs"`
+ } `json:"run"`
+ CurrentJob struct {
+ Title string `json:"title"`
+ Detail string `json:"detail"`
+ Steps []*ViewJobStep `json:"steps"`
+ } `json:"currentJob"`
+ } `json:"state"`
+ Logs struct {
+ StepsLog []*ViewStepLog `json:"stepsLog"`
+ } `json:"logs"`
+}
+
+type ViewJob struct {
+ ID int64 `json:"id"`
+ Name string `json:"name"`
+ Status string `json:"status"`
+ CanRerun bool `json:"canRerun"`
+}
+
+type ViewJobStep struct {
+ Summary string `json:"summary"`
+ Duration string `json:"duration"`
+ Status string `json:"status"`
+}
+
+type ViewStepLog struct {
+ Step int `json:"step"`
+ Cursor int64 `json:"cursor"`
+ Lines []*ViewStepLogLine `json:"lines"`
+}
+
+type ViewStepLogLine struct {
+ Index int64 `json:"index"`
+ Message string `json:"message"`
+ Timestamp float64 `json:"timestamp"`
+}
+
+func ViewPost(ctx *context_module.Context) {
+ req := web.GetForm(ctx).(*ViewRequest)
+ runIndex := ctx.ParamsInt64("run")
+ jobIndex := ctx.ParamsInt64("job")
+
+ current, jobs := getRunJobs(ctx, runIndex, jobIndex)
+ if ctx.Written() {
+ return
+ }
+ run := current.Run
+
+ resp := &ViewResponse{}
+
+ resp.State.Run.Title = run.Title
+ resp.State.Run.HTMLURL = run.HTMLURL()
+ resp.State.Run.CanCancel = !run.Status.IsDone() && ctx.Repo.CanWrite(unit.TypeActions)
+ resp.State.Run.Done = run.Status.IsDone()
+ resp.State.Run.Jobs = make([]*ViewJob, 0, len(jobs)) // marshal to '[]' instead fo 'null' in json
+ for _, v := range jobs {
+ resp.State.Run.Jobs = append(resp.State.Run.Jobs, &ViewJob{
+ ID: v.ID,
+ Name: v.Name,
+ Status: v.Status.String(),
+ CanRerun: v.Status.IsDone() && ctx.Repo.CanWrite(unit.TypeActions),
+ })
+ }
+
+ var task *actions_model.ActionTask
+ if current.TaskID > 0 {
+ var err error
+ task, err = actions_model.GetTaskByID(ctx, current.TaskID)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ task.Job = current
+ if err := task.LoadAttributes(ctx); err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+ }
+
+ resp.State.CurrentJob.Title = current.Name
+ resp.State.CurrentJob.Detail = current.Status.LocaleString(ctx.Locale)
+ resp.State.CurrentJob.Steps = make([]*ViewJobStep, 0) // marshal to '[]' instead fo 'null' in json
+ resp.Logs.StepsLog = make([]*ViewStepLog, 0) // marshal to '[]' instead fo 'null' in json
+ if task != nil {
+ steps := actions.FullSteps(task)
+
+ for _, v := range steps {
+ resp.State.CurrentJob.Steps = append(resp.State.CurrentJob.Steps, &ViewJobStep{
+ Summary: v.Name,
+ Duration: v.Duration().String(),
+ Status: v.Status.String(),
+ })
+ }
+
+ for _, cursor := range req.LogCursors {
+ if !cursor.Expanded {
+ continue
+ }
+
+ step := steps[cursor.Step]
+
+ logLines := make([]*ViewStepLogLine, 0) // marshal to '[]' instead fo 'null' in json
+ if c := cursor.Cursor; c < step.LogLength && c >= 0 {
+ index := step.LogIndex + c
+ length := step.LogLength - cursor.Cursor
+ offset := task.LogIndexes[index]
+ var err error
+ logRows, err := actions.ReadLogs(ctx, task.LogInStorage, task.LogFilename, offset, length)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+
+ for i, row := range logRows {
+ logLines = append(logLines, &ViewStepLogLine{
+ Index: cursor.Cursor + int64(i) + 1, // start at 1
+ Message: row.Content,
+ Timestamp: float64(row.Time.AsTime().UnixNano()) / float64(time.Second),
+ })
+ }
+ }
+
+ resp.Logs.StepsLog = append(resp.Logs.StepsLog, &ViewStepLog{
+ Step: cursor.Step,
+ Cursor: cursor.Cursor + int64(len(logLines)),
+ Lines: logLines,
+ })
+ }
+ }
+
+ ctx.JSON(http.StatusOK, resp)
+}
+
+func Rerun(ctx *context_module.Context) {
+ runIndex := ctx.ParamsInt64("run")
+ jobIndex := ctx.ParamsInt64("job")
+
+ job, _ := getRunJobs(ctx, runIndex, jobIndex)
+ if ctx.Written() {
+ return
+ }
+ status := job.Status
+ if !status.IsDone() {
+ ctx.JSON(http.StatusOK, struct{}{})
+ return
+ }
+
+ job.TaskID = 0
+ job.Status = actions_model.StatusWaiting
+ job.Started = 0
+ job.Stopped = 0
+
+ if err := db.WithTx(ctx, func(ctx context.Context) error {
+ if _, err := actions_model.UpdateRunJob(ctx, job, builder.Eq{"status": status}, "task_id", "status", "started", "stopped"); err != nil {
+ return err
+ }
+ return actions_service.CreateCommitStatus(ctx, job)
+ }); err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+
+ ctx.JSON(http.StatusOK, struct{}{})
+}
+
+func Cancel(ctx *context_module.Context) {
+ runIndex := ctx.ParamsInt64("run")
+
+ _, jobs := getRunJobs(ctx, runIndex, -1)
+ if ctx.Written() {
+ return
+ }
+
+ if err := db.WithTx(ctx, func(ctx context.Context) error {
+ for _, job := range jobs {
+ status := job.Status
+ if status.IsDone() {
+ continue
+ }
+ if job.TaskID == 0 {
+ job.Status = actions_model.StatusCancelled
+ job.Stopped = timeutil.TimeStampNow()
+ n, err := actions_model.UpdateRunJob(ctx, job, builder.Eq{"task_id": 0}, "status", "stopped")
+ if err != nil {
+ return err
+ }
+ if n == 0 {
+ return fmt.Errorf("job has changed, try again")
+ }
+ continue
+ }
+ if err := actions_model.StopTask(ctx, job.TaskID, actions_model.StatusCancelled); err != nil {
+ return err
+ }
+ if err := actions_service.CreateCommitStatus(ctx, job); err != nil {
+ return err
+ }
+ }
+ return nil
+ }); err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return
+ }
+
+ ctx.JSON(http.StatusOK, struct{}{})
+}
+
+// getRunJobs gets the jobs of runIndex, and returns jobs[jobIndex], jobs.
+// Any error will be written to the ctx.
+// It never returns a nil job of an empty jobs, if the jobIndex is out of range, it will be treated as 0.
+func getRunJobs(ctx *context_module.Context, runIndex, jobIndex int64) (*actions_model.ActionRunJob, []*actions_model.ActionRunJob) {
+ run, err := actions_model.GetRunByIndex(ctx, ctx.Repo.Repository.ID, runIndex)
+ if err != nil {
+ if errors.Is(err, util.ErrNotExist) {
+ ctx.Error(http.StatusNotFound, err.Error())
+ return nil, nil
+ }
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return nil, nil
+ }
+ run.Repo = ctx.Repo.Repository
+
+ jobs, err := actions_model.GetRunJobsByRunID(ctx, run.ID)
+ if err != nil {
+ ctx.Error(http.StatusInternalServerError, err.Error())
+ return nil, nil
+ }
+ if len(jobs) == 0 {
+ ctx.Error(http.StatusNotFound, err.Error())
+ return nil, nil
+ }
+
+ for _, v := range jobs {
+ v.Run = run
+ }
+
+ if jobIndex >= 0 && jobIndex < int64(len(jobs)) {
+ return jobs[jobIndex], jobs
+ }
+ return jobs[0], jobs
+}
diff --git a/routers/web/repo/http.go b/routers/web/repo/http.go
index b2a49e3e3a..2c91ed6178 100644
--- a/routers/web/repo/http.go
+++ b/routers/web/repo/http.go
@@ -18,6 +18,7 @@ import (
"sync"
"time"
+ actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/perm"
access_model "code.gitea.io/gitea/models/perm/access"
@@ -163,7 +164,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
return
}
- if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true {
+ if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true && ctx.Data["IsActionsToken"] != true {
_, err = auth.GetTwoFactorByUID(ctx.Doer.ID)
if err == nil {
// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented
@@ -180,21 +181,56 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
return
}
- if repoExist {
- p, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
- if err != nil {
- ctx.ServerError("GetUserRepoPermission", err)
- return
- }
+ environ = []string{
+ repo_module.EnvRepoUsername + "=" + username,
+ repo_module.EnvRepoName + "=" + reponame,
+ repo_module.EnvPusherName + "=" + ctx.Doer.Name,
+ repo_module.EnvPusherID + fmt.Sprintf("=%d", ctx.Doer.ID),
+ repo_module.EnvAppURL + "=" + setting.AppURL,
+ }
+ if repoExist {
// Because of special ref "refs/for" .. , need delay write permission check
if git.SupportProcReceive {
accessMode = perm.AccessModeRead
}
- if !p.CanAccess(accessMode, unitType) {
- ctx.PlainText(http.StatusForbidden, "User permission denied")
- return
+ if ctx.Data["IsActionsToken"] == true {
+ taskID := ctx.Data["ActionsTaskID"].(int64)
+ task, err := actions_model.GetTaskByID(ctx, taskID)
+ if err != nil {
+ ctx.ServerError("GetTaskByID", err)
+ return
+ }
+ if task.RepoID != repo.ID {
+ ctx.PlainText(http.StatusForbidden, "User permission denied")
+ return
+ }
+
+ if task.IsForkPullRequest {
+ if accessMode > perm.AccessModeRead {
+ ctx.PlainText(http.StatusForbidden, "User permission denied")
+ return
+ }
+ environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeRead))
+ } else {
+ if accessMode > perm.AccessModeWrite {
+ ctx.PlainText(http.StatusForbidden, "User permission denied")
+ return
+ }
+ environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeWrite))
+ }
+ } else {
+ p, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
+ if err != nil {
+ ctx.ServerError("GetUserRepoPermission", err)
+ return
+ }
+
+ if !p.CanAccess(accessMode, unitType) {
+ ctx.PlainText(http.StatusForbidden, "User permission denied")
+ return
+ }
}
if !isPull && repo.IsMirror {
@@ -203,14 +239,6 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
}
}
- environ = []string{
- repo_module.EnvRepoUsername + "=" + username,
- repo_module.EnvRepoName + "=" + reponame,
- repo_module.EnvPusherName + "=" + ctx.Doer.Name,
- repo_module.EnvPusherID + fmt.Sprintf("=%d", ctx.Doer.ID),
- repo_module.EnvAppURL + "=" + setting.AppURL,
- }
-
if !ctx.Doer.KeepEmailPrivate {
environ = append(environ, repo_module.EnvPusherEmail+"="+ctx.Doer.Email)
}
diff --git a/routers/web/repo/runners.go b/routers/web/repo/runners.go
new file mode 100644
index 0000000000..d3dbff17fd
--- /dev/null
+++ b/routers/web/repo/runners.go
@@ -0,0 +1,76 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+ "net/url"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/modules/context"
+ actions_shared "code.gitea.io/gitea/routers/web/shared/actions"
+)
+
+const (
+ tplRunners = "repo/settings/runners"
+ tplRunnerEdit = "repo/settings/runner_edit"
+)
+
+// Runners render runners page
+func Runners(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.runners")
+ ctx.Data["PageIsSettingsRunners"] = true
+
+ page := ctx.FormInt("page")
+ if page <= 1 {
+ page = 1
+ }
+
+ opts := actions_model.FindRunnerOptions{
+ ListOptions: db.ListOptions{
+ Page: page,
+ PageSize: 100,
+ },
+ Sort: ctx.Req.URL.Query().Get("sort"),
+ Filter: ctx.Req.URL.Query().Get("q"),
+ RepoID: ctx.Repo.Repository.ID,
+ WithAvailable: true,
+ }
+
+ actions_shared.RunnersList(ctx, tplRunners, opts)
+}
+
+func RunnersEdit(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.runners")
+ ctx.Data["PageIsSettingsRunners"] = true
+ page := ctx.FormInt("page")
+ if page <= 1 {
+ page = 1
+ }
+
+ actions_shared.RunnerDetails(ctx, tplRunnerEdit, page,
+ ctx.ParamsInt64(":runnerid"), 0, ctx.Repo.Repository.ID,
+ )
+}
+
+func RunnersEditPost(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("actions.runners")
+ ctx.Data["PageIsSettingsRunners"] = true
+ actions_shared.RunnerDetailsEditPost(ctx, ctx.ParamsInt64(":runnerid"),
+ 0, ctx.Repo.Repository.ID,
+ ctx.Repo.RepoLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
+}
+
+func ResetRunnerRegistrationToken(ctx *context.Context) {
+ actions_shared.RunnerResetRegistrationToken(ctx,
+ 0, ctx.Repo.Repository.ID,
+ ctx.Repo.RepoLink+"/settings/runners")
+}
+
+// RunnerDeletePost response for deleting runner
+func RunnerDeletePost(ctx *context.Context) {
+ actions_shared.RunnerDeletePost(ctx, ctx.ParamsInt64(":runnerid"),
+ ctx.Repo.RepoLink+"/settings/runners",
+ ctx.Repo.RepoLink+"/settings/runners/"+url.PathEscape(ctx.Params(":runnerid")))
+}
diff --git a/routers/web/repo/setting.go b/routers/web/repo/setting.go
index 43a615abfe..d2d15537ac 100644
--- a/routers/web/repo/setting.go
+++ b/routers/web/repo/setting.go
@@ -497,6 +497,15 @@ func SettingsPost(ctx *context.Context) {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePackages)
}
+ if form.EnableActions && !unit_model.TypeActions.UnitGlobalDisabled() {
+ units = append(units, repo_model.RepoUnit{
+ RepoID: repo.ID,
+ Type: unit_model.TypeActions,
+ })
+ } else if !unit_model.TypeActions.UnitGlobalDisabled() {
+ deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeActions)
+ }
+
if form.EnablePulls && !unit_model.TypePullRequests.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
@@ -1143,7 +1152,6 @@ func SecretsPost(ctx *context.Context) {
// DeployKeysPost response for adding a deploy key of a repository
func DeployKeysPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.AddKeyForm)
-
ctx.Data["Title"] = ctx.Tr("repo.settings.deploy_keys")
ctx.Data["PageIsSettingsKeys"] = true
ctx.Data["DisableSSH"] = setting.SSH.Disabled
diff --git a/routers/web/shared/actions/runners.go b/routers/web/shared/actions/runners.go
new file mode 100644
index 0000000000..f63d37f165
--- /dev/null
+++ b/routers/web/shared/actions/runners.go
@@ -0,0 +1,190 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package actions
+
+import (
+ "errors"
+ "net/http"
+ "strings"
+
+ actions_model "code.gitea.io/gitea/models/actions"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/modules/base"
+ "code.gitea.io/gitea/modules/context"
+ "code.gitea.io/gitea/modules/log"
+ "code.gitea.io/gitea/modules/util"
+ "code.gitea.io/gitea/modules/web"
+ "code.gitea.io/gitea/services/forms"
+)
+
+// RunnersList render common runners list page
+func RunnersList(ctx *context.Context, tplName base.TplName, opts actions_model.FindRunnerOptions) {
+ count, err := actions_model.CountRunners(ctx, opts)
+ if err != nil {
+ ctx.ServerError("AdminRunners", err)
+ return
+ }
+
+ runners, err := actions_model.FindRunners(ctx, opts)
+ if err != nil {
+ ctx.ServerError("AdminRunners", err)
+ return
+ }
+ if err := runners.LoadAttributes(ctx); err != nil {
+ ctx.ServerError("LoadAttributes", err)
+ return
+ }
+
+ // ownid=0,repo_id=0,means this token is used for global
+ var token *actions_model.ActionRunnerToken
+ token, err = actions_model.GetUnactivatedRunnerToken(ctx, opts.OwnerID, opts.RepoID)
+ if errors.Is(err, util.ErrNotExist) {
+ token, err = actions_model.NewRunnerToken(ctx, opts.OwnerID, opts.RepoID)
+ if err != nil {
+ ctx.ServerError("CreateRunnerToken", err)
+ return
+ }
+ } else if err != nil {
+ ctx.ServerError("GetUnactivatedRunnerToken", err)
+ return
+ }
+
+ ctx.Data["Keyword"] = opts.Filter
+ ctx.Data["Runners"] = runners
+ ctx.Data["Total"] = count
+ ctx.Data["RegistrationToken"] = token.Token
+ ctx.Data["RunnerOnwerID"] = opts.OwnerID
+ ctx.Data["RunnerRepoID"] = opts.RepoID
+
+ pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
+ ctx.Data["Page"] = pager
+
+ ctx.HTML(http.StatusOK, tplName)
+}
+
+// RunnerDetails render runner details page
+func RunnerDetails(ctx *context.Context, tplName base.TplName, page int, runnerID, ownerID, repoID int64) {
+ runner, err := actions_model.GetRunnerByID(ctx, runnerID)
+ if err != nil {
+ ctx.ServerError("GetRunnerByID", err)
+ return
+ }
+ if err := runner.LoadAttributes(ctx); err != nil {
+ ctx.ServerError("LoadAttributes", err)
+ return
+ }
+ if !runner.Editable(ownerID, repoID) {
+ err = errors.New("no permission to edit this runner")
+ ctx.NotFound("RunnerDetails", err)
+ return
+ }
+
+ ctx.Data["Runner"] = runner
+
+ opts := actions_model.FindTaskOptions{
+ ListOptions: db.ListOptions{
+ Page: page,
+ PageSize: 30,
+ },
+ Status: actions_model.StatusUnknown, // Unknown means all
+ IDOrderDesc: true,
+ RunnerID: runner.ID,
+ }
+
+ count, err := actions_model.CountTasks(ctx, opts)
+ if err != nil {
+ ctx.ServerError("CountTasks", err)
+ return
+ }
+
+ tasks, err := actions_model.FindTasks(ctx, opts)
+ if err != nil {
+ ctx.ServerError("FindTasks", err)
+ return
+ }
+ if err = tasks.LoadAttributes(ctx); err != nil {
+ ctx.ServerError("TasksLoadAttributes", err)
+ return
+ }
+
+ ctx.Data["Tasks"] = tasks
+ pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
+ ctx.Data["Page"] = pager
+
+ ctx.HTML(http.StatusOK, tplName)
+}
+
+// RunnerDetailsEditPost response for edit runner details
+func RunnerDetailsEditPost(ctx *context.Context, runnerID, ownerID, repoID int64, redirectTo string) {
+ runner, err := actions_model.GetRunnerByID(ctx, runnerID)
+ if err != nil {
+ log.Warn("RunnerDetailsEditPost.GetRunnerByID failed: %v, url: %s", err, ctx.Req.URL)
+ ctx.ServerError("RunnerDetailsEditPost.GetRunnerByID", err)
+ return
+ }
+ if !runner.Editable(ownerID, repoID) {
+ ctx.NotFound("RunnerDetailsEditPost.Editable", util.NewPermissionDeniedErrorf("no permission to edit this runner"))
+ return
+ }
+
+ form := web.GetForm(ctx).(*forms.EditRunnerForm)
+ runner.Description = form.Description
+ runner.CustomLabels = splitLabels(form.CustomLabels)
+
+ err = actions_model.UpdateRunner(ctx, runner, "description", "custom_labels")
+ if err != nil {
+ log.Warn("RunnerDetailsEditPost.UpdateRunner failed: %v, url: %s", err, ctx.Req.URL)
+ ctx.Flash.Warning(ctx.Tr("actions.runners.update_runner_failed"))
+ ctx.Redirect(redirectTo)
+ return
+ }
+
+ log.Debug("RunnerDetailsEditPost success: %s", ctx.Req.URL)
+
+ ctx.Flash.Success(ctx.Tr("actions.runners.update_runner_success"))
+ ctx.Redirect(redirectTo)
+}
+
+// RunnerResetRegistrationToken reset registration token
+func RunnerResetRegistrationToken(ctx *context.Context, ownerID, repoID int64, redirectTo string) {
+ _, err := actions_model.NewRunnerToken(ctx, ownerID, repoID)
+ if err != nil {
+ ctx.ServerError("ResetRunnerRegistrationToken", err)
+ return
+ }
+
+ ctx.Flash.Success(ctx.Tr("actions.runners.reset_registration_token_success"))
+ ctx.Redirect(redirectTo)
+}
+
+// RunnerDeletePost response for deleting a runner
+func RunnerDeletePost(ctx *context.Context, runnerID int64,
+ successRedirectTo, failedRedirectTo string,
+) {
+ if err := actions_model.DeleteRunner(ctx, runnerID); err != nil {
+ log.Warn("DeleteRunnerPost.UpdateRunner failed: %v, url: %s", err, ctx.Req.URL)
+ ctx.Flash.Warning(ctx.Tr("actions.runners.delete_runner_failed"))
+
+ ctx.JSON(http.StatusOK, map[string]interface{}{
+ "redirect": failedRedirectTo,
+ })
+ return
+ }
+
+ log.Info("DeleteRunnerPost success: %s", ctx.Req.URL)
+
+ ctx.Flash.Success(ctx.Tr("actions.runners.delete_runner_success"))
+
+ ctx.JSON(http.StatusOK, map[string]interface{}{
+ "redirect": successRedirectTo,
+ })
+}
+
+func splitLabels(s string) []string {
+ labels := strings.Split(s, ",")
+ for i, v := range labels {
+ labels[i] = strings.TrimSpace(v)
+ }
+ return labels
+}
diff --git a/routers/web/web.go b/routers/web/web.go
index d37d82820d..88a12df19d 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -34,6 +34,7 @@ import (
"code.gitea.io/gitea/routers/web/misc"
"code.gitea.io/gitea/routers/web/org"
"code.gitea.io/gitea/routers/web/repo"
+ "code.gitea.io/gitea/routers/web/repo/actions"
"code.gitea.io/gitea/routers/web/user"
user_setting "code.gitea.io/gitea/routers/web/user/setting"
"code.gitea.io/gitea/routers/web/user/setting/security"
@@ -620,6 +621,13 @@ func RegisterRoutes(m *web.Route) {
return
}
})
+
+ m.Group("/runners", func() {
+ m.Get("", admin.Runners)
+ m.Get("/reset_registration_token", admin.ResetRunnerRegistrationToken)
+ m.Combo("/{runnerid}").Get(admin.EditRunner).Post(web.Bind(forms.EditRunnerForm{}), admin.EditRunnerPost)
+ m.Post("/{runnerid}/delete", admin.DeleteRunnerPost)
+ }, actions.MustEnableActions)
}, func(ctx *context.Context) {
ctx.Data["EnableOAuth2"] = setting.OAuth2.Enable
ctx.Data["EnablePackages"] = setting.Packages.Enabled
@@ -661,6 +669,8 @@ func RegisterRoutes(m *web.Route) {
reqRepoIssuesOrPullsReader := context.RequireRepoReaderOr(unit.TypeIssues, unit.TypePullRequests)
reqRepoProjectsReader := context.RequireRepoReader(unit.TypeProjects)
reqRepoProjectsWriter := context.RequireRepoWriter(unit.TypeProjects)
+ reqRepoActionsReader := context.RequireRepoReader(unit.TypeActions)
+ reqRepoActionsWriter := context.RequireRepoWriter(unit.TypeActions)
reqPackageAccess := func(accessMode perm.AccessMode) func(ctx *context.Context) {
return func(ctx *context.Context) {
@@ -774,6 +784,14 @@ func RegisterRoutes(m *web.Route) {
m.Post("/initialize", web.Bind(forms.InitializeLabelsForm{}), org.InitializeLabels)
})
+ m.Group("/runners", func() {
+ m.Get("", org.Runners)
+ m.Combo("/{runnerid}").Get(org.RunnersEdit).
+ Post(web.Bind(forms.EditRunnerForm{}), org.RunnersEditPost)
+ m.Post("/{runnerid}/delete", org.RunnerDeletePost)
+ m.Get("/reset_registration_token", org.ResetRunnerRegistrationToken)
+ }, actions.MustEnableActions)
+
m.Group("/secrets", func() {
m.Get("", org.Secrets)
m.Post("", web.Bind(forms.AddSecretForm{}), org.SecretsPost)
@@ -983,6 +1001,14 @@ func RegisterRoutes(m *web.Route) {
m.Post("/{lid}/unlock", repo.LFSUnlock)
})
})
+
+ m.Group("/runners", func() {
+ m.Get("", repo.Runners)
+ m.Combo("/{runnerid}").Get(repo.RunnersEdit).
+ Post(web.Bind(forms.EditRunnerForm{}), repo.RunnersEditPost)
+ m.Post("/{runnerid}/delete", repo.RunnerDeletePost)
+ m.Get("/reset_registration_token", repo.ResetRunnerRegistrationToken)
+ }, actions.MustEnableActions)
}, func(ctx *context.Context) {
ctx.Data["PageIsSettings"] = true
ctx.Data["LFSStartServer"] = setting.LFS.StartServer
@@ -1230,6 +1256,23 @@ func RegisterRoutes(m *web.Route) {
}, reqRepoProjectsWriter, context.RepoMustNotBeArchived())
}, reqRepoProjectsReader, repo.MustEnableProjects)
+ m.Group("/actions", func() {
+ m.Get("", actions.List)
+
+ m.Group("/runs/{run}", func() {
+ m.Combo("").
+ Get(actions.View).
+ Post(web.Bind(actions.ViewRequest{}), actions.ViewPost)
+ m.Group("/jobs/{job}", func() {
+ m.Combo("").
+ Get(actions.View).
+ Post(web.Bind(actions.ViewRequest{}), actions.ViewPost)
+ m.Post("/rerun", reqRepoActionsWriter, actions.Rerun)
+ })
+ m.Post("/cancel", reqRepoActionsWriter, actions.Cancel)
+ })
+ }, reqRepoActionsReader, actions.MustEnableActions)
+
m.Group("/wiki", func() {
m.Combo("/").
Get(repo.Wiki).
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 05:14:26 +0000