diff options
author | Kamil Trzciński <ayufan@ayufan.eu> | 2016-11-21 20:22:55 +0000 |
---|---|---|
committer | Kamil Trzciński <ayufan@ayufan.eu> | 2016-11-21 20:22:55 +0000 |
commit | 3c8d2148fc81cf75af322744221a0ff284216988 (patch) | |
tree | e9bc950f5b5c8b2515fd1ce52abb2e92662e272f | |
parent | 3e3b2fab28af3412032be05252ae7868610346b2 (diff) | |
parent | 461195665b22291d5e57287efc0567b89a9ee262 (diff) | |
download | gitlab-ce-3c8d2148fc81cf75af322744221a0ff284216988.tar.gz |
Merge branch 'feature/send-registry-address-with-build-payload' into 'master'
Send registry address with build payload
## What does this MR do?
Adds `registry_url` as a part of a build payload, when sending a response to a GitLab Runner which requested a new build.
## Are there points in the code the reviewer needs to double check?
Change in `lib/ci/api/entities.rb`.
## Why was this MR needed?
This is one of the steps needed to add support for private/protected registries hosted with GitLab CE/EE.
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
- [x] Added for this feature/bug
- [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
Related to gitlab-org/gitlab-ci-multi-runner#1828, gitlab-org/gitlab-ci-multi-runner!386, gitlab-org/gitlab-ci-multi-runner#1434
See merge request !7474
-rw-r--r-- | app/models/ci/build.rb | 4 | ||||
-rw-r--r-- | changelogs/unreleased/feature-send-registry-address-with-build-payload.yml | 4 | ||||
-rw-r--r-- | lib/ci/api/entities.rb | 6 | ||||
-rw-r--r-- | lib/gitlab/ci/build/credentials/base.rb | 13 | ||||
-rw-r--r-- | lib/gitlab/ci/build/credentials/factory.rb | 27 | ||||
-rw-r--r-- | lib/gitlab/ci/build/credentials/registry.rb | 24 | ||||
-rw-r--r-- | spec/lib/gitlab/ci/build/credentials/factory_spec.rb | 38 | ||||
-rw-r--r-- | spec/lib/gitlab/ci/build/credentials/registry_spec.rb | 41 | ||||
-rw-r--r-- | spec/requests/ci/api/builds_spec.rb | 39 |
9 files changed, 196 insertions, 0 deletions
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index 83c0c64e5fb..e7d33bd26db 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -487,6 +487,10 @@ module Ci ] end + def credentials + Gitlab::Ci::Build::Credentials::Factory.new(self).create! + end + private def update_artifacts_size diff --git a/changelogs/unreleased/feature-send-registry-address-with-build-payload.yml b/changelogs/unreleased/feature-send-registry-address-with-build-payload.yml new file mode 100644 index 00000000000..db9bb2bc31f --- /dev/null +++ b/changelogs/unreleased/feature-send-registry-address-with-build-payload.yml @@ -0,0 +1,4 @@ +--- +title: Send credentials (currently for registry only) with build data to GitLab Runner +merge_request: 7474 +author: diff --git a/lib/ci/api/entities.rb b/lib/ci/api/entities.rb index 66c05773b68..792ff628b09 100644 --- a/lib/ci/api/entities.rb +++ b/lib/ci/api/entities.rb @@ -32,6 +32,10 @@ module Ci expose :artifacts_file, using: ArtifactFile, if: ->(build, _) { build.artifacts? } end + class BuildCredentials < Grape::Entity + expose :type, :url, :username, :password + end + class BuildDetails < Build expose :commands expose :repo_url @@ -50,6 +54,8 @@ module Ci expose :variables expose :depends_on_builds, using: Build + + expose :credentials, using: BuildCredentials end class Runner < Grape::Entity diff --git a/lib/gitlab/ci/build/credentials/base.rb b/lib/gitlab/ci/build/credentials/base.rb new file mode 100644 index 00000000000..29a7a27c963 --- /dev/null +++ b/lib/gitlab/ci/build/credentials/base.rb @@ -0,0 +1,13 @@ +module Gitlab + module Ci + module Build + module Credentials + class Base + def type + self.class.name.demodulize.underscore + end + end + end + end + end +end diff --git a/lib/gitlab/ci/build/credentials/factory.rb b/lib/gitlab/ci/build/credentials/factory.rb new file mode 100644 index 00000000000..2423aa8857d --- /dev/null +++ b/lib/gitlab/ci/build/credentials/factory.rb @@ -0,0 +1,27 @@ +module Gitlab + module Ci + module Build + module Credentials + class Factory + def initialize(build) + @build = build + end + + def create! + credentials.select(&:valid?) + end + + private + + def credentials + providers.map { |provider| provider.new(@build) } + end + + def providers + [Registry] + end + end + end + end + end +end diff --git a/lib/gitlab/ci/build/credentials/registry.rb b/lib/gitlab/ci/build/credentials/registry.rb new file mode 100644 index 00000000000..55eafcaed10 --- /dev/null +++ b/lib/gitlab/ci/build/credentials/registry.rb @@ -0,0 +1,24 @@ +module Gitlab + module Ci + module Build + module Credentials + class Registry < Base + attr_reader :username, :password + + def initialize(build) + @username = 'gitlab-ci-token' + @password = build.token + end + + def url + Gitlab.config.registry.host_port + end + + def valid? + Gitlab.config.registry.enabled + end + end + end + end + end +end diff --git a/spec/lib/gitlab/ci/build/credentials/factory_spec.rb b/spec/lib/gitlab/ci/build/credentials/factory_spec.rb new file mode 100644 index 00000000000..10b4b7a8826 --- /dev/null +++ b/spec/lib/gitlab/ci/build/credentials/factory_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper' + +describe Gitlab::Ci::Build::Credentials::Factory do + let(:build) { create(:ci_build, name: 'spinach', stage: 'test', stage_idx: 0) } + + subject { Gitlab::Ci::Build::Credentials::Factory.new(build).create! } + + class TestProvider + def initialize(build); end + end + + before do + allow_any_instance_of(Gitlab::Ci::Build::Credentials::Factory).to receive(:providers).and_return([TestProvider]) + end + + context 'when provider is valid' do + before do + allow_any_instance_of(TestProvider).to receive(:valid?).and_return(true) + end + + it 'generates an array of credentials objects' do + is_expected.to be_kind_of(Array) + is_expected.not_to be_empty + expect(subject.first).to be_kind_of(TestProvider) + end + end + + context 'when provider is not valid' do + before do + allow_any_instance_of(TestProvider).to receive(:valid?).and_return(false) + end + + it 'generates an array without specific credential object' do + is_expected.to be_kind_of(Array) + is_expected.to be_empty + end + end +end diff --git a/spec/lib/gitlab/ci/build/credentials/registry_spec.rb b/spec/lib/gitlab/ci/build/credentials/registry_spec.rb new file mode 100644 index 00000000000..84e44dd53e2 --- /dev/null +++ b/spec/lib/gitlab/ci/build/credentials/registry_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe Gitlab::Ci::Build::Credentials::Registry do + let(:build) { create(:ci_build, name: 'spinach', stage: 'test', stage_idx: 0) } + let(:registry_url) { 'registry.example.com:5005' } + + subject { Gitlab::Ci::Build::Credentials::Registry.new(build) } + + before do + stub_container_registry_config(host_port: registry_url) + end + + it 'contains valid DockerRegistry credentials' do + expect(subject).to be_kind_of(Gitlab::Ci::Build::Credentials::Registry) + + expect(subject.username).to eq 'gitlab-ci-token' + expect(subject.password).to eq build.token + expect(subject.url).to eq registry_url + expect(subject.type).to eq 'registry' + end + + describe '.valid?' do + subject { Gitlab::Ci::Build::Credentials::Registry.new(build).valid? } + + context 'when registry is enabled' do + before do + stub_container_registry_config(enabled: true) + end + + it { is_expected.to be_truthy } + end + + context 'when registry is disabled' do + before do + stub_container_registry_config(enabled: false) + end + + it { is_expected.to be_falsey } + end + end +end diff --git a/spec/requests/ci/api/builds_spec.rb b/spec/requests/ci/api/builds_spec.rb index a611c5e3823..a09d8689ff2 100644 --- a/spec/requests/ci/api/builds_spec.rb +++ b/spec/requests/ci/api/builds_spec.rb @@ -17,6 +17,10 @@ describe Ci::API::API do let!(:build) { create(:ci_build, pipeline: pipeline, name: 'spinach', stage: 'test', stage_idx: 0) } let(:user_agent) { 'gitlab-ci-multi-runner 1.5.2 (1-5-stable; go1.6.3; linux/amd64)' } + before do + stub_container_registry_config(enabled: false) + end + shared_examples 'no builds available' do context 'when runner sends version in User-Agent' do context 'for stable version' do @@ -53,6 +57,41 @@ describe Ci::API::API do it 'updates runner info' do expect { register_builds }.to change { runner.reload.contacted_at } end + + context 'registry credentials' do + let(:registry_credentials) do + { 'type' => 'registry', + 'url' => 'registry.example.com:5005', + 'username' => 'gitlab-ci-token', + 'password' => build.token } + end + + context 'when registry is enabled' do + before do + stub_container_registry_config(enabled: true, host_port: 'registry.example.com:5005') + end + + it 'sends registry credentials key' do + register_builds info: { platform: :darwin } + + expect(json_response).to have_key('credentials') + expect(json_response['credentials']).to include(registry_credentials) + end + end + + context 'when registry is disabled' do + before do + stub_container_registry_config(enabled: false, host_port: 'registry.example.com:5005') + end + + it 'does not send registry credentials' do + register_builds info: { platform: :darwin } + + expect(json_response).to have_key('credentials') + expect(json_response['credentials']).not_to include(registry_credentials) + end + end + end end context 'when builds are finished' do |