mirror of
https://github.com/actions/actions-runner-controller.git
synced 2025-12-10 19:50:30 +00:00
d0d316252e
This will work on GHES but GitHub Enterprise Cloud due to excessive GitHub API calls required. More work is needed, like adding a cache layer to the GitHub client, to make it usable on GitHub Enterprise Cloud. Fixes additional cases from https://github.com/actions-runner-controller/actions-runner-controller/pull/1012 If GitHub auth is provided in the webhooks controller then runner groups with custom visibility are supported. Otherwise, all runner groups will be assumed to be visible to all repositories `getScaleUpTargetWithFunction()` will check if there is an HRA available with the following flow: 1. Search for **repository** HRAs - if so it ends here 2. Get available HRAs in k8s 3. Compute visible runner groups a. If GitHub auth is provided - get all the runner groups that are visible to the repository of the incoming webhook using GitHub API calls. b. If GitHub auth is not provided - assume all runner groups are visible to all repositories 4. Search for **default organization** runners (a.k.a runners from organization's visible default runner group) with matching labels 5. Search for **default enterprise** runners (a.k.a runners from enterprise's visible default runner group) with matching labels 6. Search for **custom organization runner groups** with matching labels 7. Search for **custom enterprise runner groups** with matching labels Co-authored-by: Yusuke Kuoka <ykuoka@gmail.com>
64 lines
1.4 KiB
Go
64 lines
1.4 KiB
Go
package simulator
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/actions-runner-controller/actions-runner-controller/github"
|
|
)
|
|
|
|
type Simulator struct {
|
|
Client *github.Client
|
|
}
|
|
|
|
func (c *Simulator) GetRunnerGroupsVisibleToRepository(ctx context.Context, org, repo string, managed *VisibleRunnerGroups) (*VisibleRunnerGroups, error) {
|
|
visible := NewVisibleRunnerGroups()
|
|
|
|
if org == "" {
|
|
panic(fmt.Sprintf("BUG: owner should not be empty in this context. repo=%v", repo))
|
|
}
|
|
|
|
runnerGroups, err := c.Client.ListOrganizationRunnerGroups(ctx, org)
|
|
if err != nil {
|
|
return visible, err
|
|
}
|
|
|
|
for _, runnerGroup := range runnerGroups {
|
|
ref := NewRunnerGroupFromGitHub(runnerGroup)
|
|
|
|
if !managed.Includes(ref) {
|
|
continue
|
|
}
|
|
|
|
if runnerGroup.GetVisibility() != "all" {
|
|
hasAccess, err := c.hasRepoAccessToOrganizationRunnerGroup(ctx, org, runnerGroup.GetID(), repo)
|
|
if err != nil {
|
|
return visible, err
|
|
}
|
|
|
|
if !hasAccess {
|
|
continue
|
|
}
|
|
}
|
|
|
|
visible.Add(ref)
|
|
}
|
|
|
|
return visible, nil
|
|
}
|
|
|
|
func (c *Simulator) hasRepoAccessToOrganizationRunnerGroup(ctx context.Context, org string, runnerGroupId int64, repo string) (bool, error) {
|
|
repos, err := c.Client.ListRunnerGroupRepositoryAccesses(ctx, org, runnerGroupId)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
for _, githubRepo := range repos {
|
|
if githubRepo.GetFullName() == repo {
|
|
return true, nil
|
|
}
|
|
}
|
|
|
|
return false, nil
|
|
}
|