summaryrefslogtreecommitdiff
path: root/lib/api/ci/job_artifacts.rb
blob: 37c7cc73c46e7d0a43f3316992d633231ea15629 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
# frozen_string_literal: true

module API
  module Ci
    class JobArtifacts < ::API::Base
      helpers ::API::Helpers::ProjectStatsRefreshConflictsHelpers

      before { authenticate_non_get! }

      feature_category :build_artifacts

      # EE::API::Ci::JobArtifacts would override the following helpers
      helpers do
        def authorize_download_artifacts!
          authorize_read_builds!
        end
      end

      prepend_mod_with('API::Ci::JobArtifacts') # rubocop: disable Cop/InjectEnterpriseEditionModule

      params do
        requires :id, type: String, desc: 'The ID of a project'
      end
      resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
        desc 'Download the artifacts archive from a job' do
          detail 'This feature was introduced in GitLab 8.10'
        end
        params do
          requires :ref_name, type: String, desc: 'The ref from repository'
          requires :job,      type: String, desc: 'The name for the job'
        end
        route_setting :authentication, job_token_allowed: true
        get ':id/jobs/artifacts/:ref_name/download',
            urgency: :low,
            requirements: { ref_name: /.+/ } do
          authorize_download_artifacts!

          latest_build = user_project.latest_successful_build_for_ref!(params[:job], params[:ref_name])
          authorize_read_job_artifacts!(latest_build)

          present_artifacts_file!(latest_build.artifacts_file, project: latest_build.project)
        end

        desc 'Download a specific file from artifacts archive from a ref' do
          detail 'This feature was introduced in GitLab 11.5'
        end
        params do
          requires :ref_name, type: String, desc: 'The ref from repository'
          requires :job, type: String, desc: 'The name for the job'
          requires :artifact_path, type: String, desc: 'Artifact path'
        end
        route_setting :authentication, job_token_allowed: true
        get ':id/jobs/artifacts/:ref_name/raw/*artifact_path',
            urgency: :low,
            format: false,
            requirements: { ref_name: /.+/ } do
          authorize_download_artifacts!

          build = user_project.latest_successful_build_for_ref!(params[:job], params[:ref_name])
          authorize_read_job_artifacts!(build)

          path = Gitlab::Ci::Build::Artifacts::Path
            .new(params[:artifact_path])

          bad_request! unless path.valid?

          send_artifacts_entry(build.artifacts_file, path)
        end

        desc 'Download the artifacts archive from a job' do
          detail 'This feature was introduced in GitLab 8.5'
        end
        params do
          requires :job_id, type: Integer, desc: 'The ID of a job'
        end
        route_setting :authentication, job_token_allowed: true
        get ':id/jobs/:job_id/artifacts', urgency: :low do
          authorize_download_artifacts!

          build = find_build!(params[:job_id])
          authorize_read_job_artifacts!(build)

          present_artifacts_file!(build.artifacts_file, project: build.project)
        end

        desc 'Download a specific file from artifacts archive' do
          detail 'This feature was introduced in GitLab 10.0'
        end
        params do
          requires :job_id, type: Integer, desc: 'The ID of a job'
          requires :artifact_path, type: String, desc: 'Artifact path'
        end
        route_setting :authentication, job_token_allowed: true
        get ':id/jobs/:job_id/artifacts/*artifact_path', urgency: :low, format: false do
          authorize_download_artifacts!

          build = find_build!(params[:job_id])
          authorize_read_job_artifacts!(build)

          not_found! unless build.available_artifacts?

          path = Gitlab::Ci::Build::Artifacts::Path
            .new(params[:artifact_path])

          bad_request! unless path.valid?

          # This endpoint is being used for Artifact Browser feature that renders the content via pages.
          # Since Content-Type is controlled by Rails and Workhorse, if a wrong
          # content-type is sent, it could cause a regression on pages rendering.
          # See https://gitlab.com/gitlab-org/gitlab/-/issues/357078 for more information.
          legacy_send_artifacts_entry(build.artifacts_file, path)
        end

        desc 'Keep the artifacts to prevent them from being deleted' do
          success ::API::Entities::Ci::Job
        end
        params do
          requires :job_id, type: Integer, desc: 'The ID of a job'
        end
        post ':id/jobs/:job_id/artifacts/keep' do
          authorize_update_builds!

          build = find_build!(params[:job_id])
          authorize!(:update_build, build)
          break not_found!(build) unless build.artifacts?

          build.keep_artifacts!

          status 200
          present build, with: ::API::Entities::Ci::Job
        end

        desc 'Delete the artifacts files from a job' do
          detail 'This feature was introduced in GitLab 11.9'
        end
        params do
          requires :job_id, type: Integer, desc: 'The ID of a job'
        end
        delete ':id/jobs/:job_id/artifacts' do
          authorize_destroy_artifacts!
          build = find_build!(params[:job_id])
          authorize!(:destroy_artifacts, build)

          reject_if_build_artifacts_size_refreshing!(build.project)

          ::Ci::JobArtifacts::DeleteService.new(build).execute

          status :no_content
        end

        desc 'Expire the artifacts files from a project'
        delete ':id/artifacts' do
          authorize_destroy_artifacts!

          reject_if_build_artifacts_size_refreshing!(user_project)

          ::Ci::JobArtifacts::DeleteProjectArtifactsService.new(project: user_project).execute

          accepted!
        end
      end
    end
  end
end