actions/runner-container-hooks
1
0
Fork 0
mirror of https://github.com/actions/runner-container-hooks.git synced 2025-12-14 16:46:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Pass secrets more securely for container action

Browse Source
This commit is contained in:
Thomas Boop
2022-06-06 18:43:57 -04:00
parent 689a74e352
commit e928fa3252
6 changed files with 84 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
packages/k8s/src/hooks/prepare-job.ts
View File

@@ -14,7 +14,7 @@ import {
isAuthPermissionsOK,
isPodContainerAlpine,
namespace,
podPrune,
prunePods,
requiredPermissions,
waitForPodPhases
} from '../k8s'
@@ -29,7 +29,7 @@ export async function prepareJob(
args: prepareJobArgs,
responseFile
): Promise<void> {
await podPrune()
await prunePods()
if (!(await isAuthPermissionsOK())) {
throw new Error(
`The Service account needs the following permissions ${JSON.stringify(
@@ -58,7 +58,7 @@ export async function prepareJob(
try {
createdPod = await createPod(container, services, args.registry)
} catch (err) {
await podPrune()
await prunePods()
throw new Error(`failed to create job pod: ${JSON.stringify(err)}`)
}
@@ -73,7 +73,7 @@ export async function prepareJob(
new Set([PodPhase.PENDING])
)
} catch (err) {
await podPrune()
await prunePods()
throw new Error(`Pod failed to come online with error: ${err}`)
}