mirror of
https://github.com/actions/runner.git
synced 2025-12-10 12:36:23 +00:00
Broker fixes for token refreshes and AccessDeniedException (#3161)
This commit is contained in:
Luke Tomlinson
@@ -21,6 +21,8 @@ namespace GitHub.Runner.Common
|
|||||||
Task DeleteSessionAsync(CancellationToken cancellationToken);
|
Task DeleteSessionAsync(CancellationToken cancellationToken);
|
||||||
|
|
||||||
Task<TaskAgentMessage> GetRunnerMessageAsync(Guid? sessionId, TaskAgentStatus status, string version, string os, string architecture, bool disableUpdate, CancellationToken token);
|
Task<TaskAgentMessage> GetRunnerMessageAsync(Guid? sessionId, TaskAgentStatus status, string version, string os, string architecture, bool disableUpdate, CancellationToken token);
|
||||||
|
|
||||||
|
Task UpdateConnectionIfNeeded(Uri serverUri, VssCredentials credentials);
|
||||||
}
|
}
|
||||||
|
|
||||||
public sealed class BrokerServer : RunnerService, IBrokerServer
|
public sealed class BrokerServer : RunnerService, IBrokerServer
|
||||||
@@ -59,7 +61,7 @@ namespace GitHub.Runner.Common
|
|||||||
{
|
{
|
||||||
CheckConnection();
|
CheckConnection();
|
||||||
var brokerSession = RetryRequest<TaskAgentMessage>(
|
var brokerSession = RetryRequest<TaskAgentMessage>(
|
||||||
async () => await _brokerHttpClient.GetRunnerMessageAsync(sessionId, version, status, os, architecture, disableUpdate, cancellationToken), cancellationToken);
|
async () => await _brokerHttpClient.GetRunnerMessageAsync(sessionId, version, status, os, architecture, disableUpdate, cancellationToken), cancellationToken, shouldRetry: ShouldRetryException);
|
||||||
|
|
||||||
return brokerSession;
|
return brokerSession;
|
||||||
}
|
}
|
||||||
@@ -69,5 +71,25 @@ namespace GitHub.Runner.Common
|
|||||||
CheckConnection();
|
CheckConnection();
|
||||||
await _brokerHttpClient.DeleteSessionAsync(cancellationToken);
|
await _brokerHttpClient.DeleteSessionAsync(cancellationToken);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Task UpdateConnectionIfNeeded(Uri serverUri, VssCredentials credentials)
|
||||||
|
{
|
||||||
|
if (_brokerUri != serverUri || !_hasConnection)
|
||||||
|
{
|
||||||
|
return ConnectAsync(serverUri, credentials);
|
||||||
|
}
|
||||||
|
|
||||||
|
return Task.CompletedTask;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool ShouldRetryException(Exception ex)
|
||||||
|
{
|
||||||
|
if (ex is AccessDeniedException ade && ade.ErrorCode == 1)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -109,7 +109,8 @@ namespace GitHub.Runner.Listener
|
|||||||
if (_session.BrokerMigrationMessage != null)
|
if (_session.BrokerMigrationMessage != null)
|
||||||
{
|
{
|
||||||
Trace.Info("Runner session is in migration mode: Creating Broker session with BrokerBaseUrl: {0}", _session.BrokerMigrationMessage.BrokerBaseUrl);
|
Trace.Info("Runner session is in migration mode: Creating Broker session with BrokerBaseUrl: {0}", _session.BrokerMigrationMessage.BrokerBaseUrl);
|
||||||
await _brokerServer.ConnectAsync(_session.BrokerMigrationMessage.BrokerBaseUrl, _creds);
|
|
||||||
|
await _brokerServer.UpdateConnectionIfNeeded(_session.BrokerMigrationMessage.BrokerBaseUrl, _creds);
|
||||||
_session = await _brokerServer.CreateSessionAsync(taskAgentSession, token);
|
_session = await _brokerServer.CreateSessionAsync(taskAgentSession, token);
|
||||||
_isBrokerSession = true;
|
_isBrokerSession = true;
|
||||||
}
|
}
|
||||||
@@ -256,7 +257,7 @@ namespace GitHub.Runner.Listener
|
|||||||
|
|
||||||
var migrationMessage = JsonUtility.FromString<BrokerMigrationMessage>(message.Body);
|
var migrationMessage = JsonUtility.FromString<BrokerMigrationMessage>(message.Body);
|
||||||
|
|
||||||
await _brokerServer.ConnectAsync(migrationMessage.BrokerBaseUrl, _creds);
|
await _brokerServer.UpdateConnectionIfNeeded(migrationMessage.BrokerBaseUrl, _creds);
|
||||||
message = await _brokerServer.GetRunnerMessageAsync(_session.SessionId,
|
message = await _brokerServer.GetRunnerMessageAsync(_session.SessionId,
|
||||||
runnerStatus,
|
runnerStatus,
|
||||||
BuildConstants.RunnerPackage.Version,
|
BuildConstants.RunnerPackage.Version,
|
||||||
|
|||||||
@@ -110,9 +110,14 @@ namespace GitHub.Actions.RunService.WebApi
|
|||||||
return result.Value;
|
return result.Value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// the only time we throw a `Forbidden` exception from Listener /messages is when the runner is
|
||||||
|
// disable_update and is too old to poll
|
||||||
if (result.StatusCode == HttpStatusCode.Forbidden)
|
if (result.StatusCode == HttpStatusCode.Forbidden)
|
||||||
{
|
{
|
||||||
throw new AccessDeniedException(result.Error);
|
throw new AccessDeniedException($"{result.Error} Runner version v{runnerVersion} is deprecated and cannot receive messages.")
|
||||||
|
{
|
||||||
|
ErrorCode = 1
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
throw new Exception($"Failed to get job message: {result.Error}");
|
throw new Exception($"Failed to get job message: {result.Error}");
|
||||||
|
|||||||
Reference in New Issue
Block a user