mirror of
https://github.com/actions/runner.git
synced 2026-01-06 18:17:23 +08:00
Compare commits
16 Commits
users/tihu
...
v2.324.0
| Author | SHA1 | Date | |
|---|---|---|---|
|
da3412efd4 | ||
|
|
26185d43d0 | ||
|
|
e911d2908d | ||
|
|
ce4b7f4dd6 | ||
|
|
505fa60905 | ||
|
|
57459ad274 | ||
|
|
890e43f6c5 | ||
|
|
3a27ca292a | ||
|
|
282f7cd2b2 | ||
|
|
f060fe5c85 | ||
|
|
1a092a24a3 | ||
|
|
26eff8e55a | ||
|
|
d7cfd2e341 | ||
|
|
a3a7b6a77e | ||
|
|
db6005b0a7 | ||
|
|
9155c42c09 |
25
.github/copilot-instructions.md
vendored
Normal file
25
.github/copilot-instructions.md
vendored
Normal file
@@ -0,0 +1,25 @@
|
||||
## Making changes
|
||||
|
||||
### Tests
|
||||
|
||||
Whenever possible, changes should be accompanied by non-trivial tests that meaningfully exercise the core functionality of the new code being introduced.
|
||||
|
||||
All tests are in the `Test/` directory at the repo root. Fast unit tests are in the `Test/L0` directory and by convention have the suffix `L0.cs`. For example: unit tests for a hypothetical `src/Runner.Worker/Foo.cs` would go in `src/Test/L0/Worker/FooL0.cs`.
|
||||
|
||||
Run tests using this command:
|
||||
|
||||
```sh
|
||||
cd src && ./dev.sh test
|
||||
```
|
||||
|
||||
### Formatting
|
||||
|
||||
After editing .cs files, always format the code using this command:
|
||||
|
||||
```sh
|
||||
cd src && ./dev.sh format
|
||||
```
|
||||
|
||||
### Feature Flags
|
||||
|
||||
Wherever possible, all changes should be safeguarded by a feature flag; `Features` are declared in [Constants.cs](src/Runner.Common/Constants.cs).
|
||||
14
.github/workflows/release.yml
vendored
14
.github/workflows/release.yml
vendored
@@ -214,7 +214,7 @@ jobs:
|
||||
|
||||
# Upload release assets (full runner packages)
|
||||
- name: Upload Release Asset (win-x64)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -224,7 +224,7 @@ jobs:
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Release Asset (win-arm64)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -234,7 +234,7 @@ jobs:
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Release Asset (linux-x64)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -244,7 +244,7 @@ jobs:
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Release Asset (osx-x64)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -254,7 +254,7 @@ jobs:
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Release Asset (osx-arm64)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -264,7 +264,7 @@ jobs:
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Release Asset (linux-arm)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
@@ -274,7 +274,7 @@ jobs:
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Release Asset (linux-arm64)
|
||||
uses: actions/upload-release-asset@v1.0.1
|
||||
uses: actions/upload-release-asset@v1.0.2
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
|
||||
@@ -250,6 +250,42 @@ Two problem matchers can be used:
|
||||
}
|
||||
```
|
||||
|
||||
#### Default from path
|
||||
|
||||
The problem matcher can specify a `fromPath` property at the top level, which applies when a specific pattern doesn't provide a value for `fromPath`. This is useful for tools that don't include project file information in their output.
|
||||
|
||||
For example, given the following compiler output that doesn't include project file information:
|
||||
|
||||
```
|
||||
ClassLibrary.cs(16,24): warning CS0612: 'ClassLibrary.Helpers.MyHelper.Name' is obsolete
|
||||
```
|
||||
|
||||
A problem matcher with a default from path can be used:
|
||||
|
||||
```json
|
||||
{
|
||||
"problemMatcher": [
|
||||
{
|
||||
"owner": "csc-minimal",
|
||||
"fromPath": "ClassLibrary/ClassLibrary.csproj",
|
||||
"pattern": [
|
||||
{
|
||||
"regexp": "^(.+)\\((\\d+),(\\d+)\\): (error|warning) (.+): (.*)$",
|
||||
"file": 1,
|
||||
"line": 2,
|
||||
"column": 3,
|
||||
"severity": 4,
|
||||
"code": 5,
|
||||
"message": 6
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
This ensures that the file is rooted to the correct path when there's not enough information in the error messages to extract a `fromPath`.
|
||||
|
||||
#### Mitigate regular expression denial of service (ReDos)
|
||||
|
||||
If a matcher exceeds a 1 second timeout when processing a line, retry up to two three times total.
|
||||
|
||||
@@ -5,8 +5,8 @@ ARG TARGETOS
|
||||
ARG TARGETARCH
|
||||
ARG RUNNER_VERSION
|
||||
ARG RUNNER_CONTAINER_HOOKS_VERSION=0.7.0
|
||||
ARG DOCKER_VERSION=28.0.1
|
||||
ARG BUILDX_VERSION=0.21.2
|
||||
ARG DOCKER_VERSION=28.1.1
|
||||
ARG BUILDX_VERSION=0.23.0
|
||||
|
||||
RUN apt update -y && apt install curl unzip -y
|
||||
|
||||
|
||||
@@ -1,36 +1,37 @@
|
||||
## What's Changed
|
||||
* Bump docker/login-action from 2 to 3 by @dependabot in https://github.com/actions/runner/pull/3673
|
||||
* Bump actions/stale from 8 to 9 by @dependabot in https://github.com/actions/runner/pull/3554
|
||||
* Bump docker/build-push-action from 3 to 6 by @dependabot in https://github.com/actions/runner/pull/3674
|
||||
* update node version from 20.18.0 -> 20.18.2 by @aiqiaoy in https://github.com/actions/runner/pull/3682
|
||||
* Pass BillingOwnerId through Acquire/Complete calls by @luketomlinson in https://github.com/actions/runner/pull/3689
|
||||
* Do not retry CompleteJobAsync for known non-retryable errors by @ericsciple in https://github.com/actions/runner/pull/3696
|
||||
* Update dotnet sdk to latest version @8.0.406 by @github-actions in https://github.com/actions/runner/pull/3712
|
||||
* Update Dockerfile with new docker and buildx versions by @thboop in https://github.com/actions/runner/pull/3680
|
||||
* chore: remove redundant words by @finaltrip in https://github.com/actions/runner/pull/3705
|
||||
* fix: actions feedback link is incorrect by @Yaminyam in https://github.com/actions/runner/pull/3165
|
||||
* Bump actions/github-script from 0.3.0 to 7.0.1 by @dependabot in https://github.com/actions/runner/pull/3557
|
||||
* Docker container provenance by @paveliak in https://github.com/actions/runner/pull/3736
|
||||
* Add request-id to http eventsource trace. by @TingluoHuang in https://github.com/actions/runner/pull/3740
|
||||
* Update Bocker and Buildx version to mitigate images scanners alerts by @Blizter in https://github.com/actions/runner/pull/3750
|
||||
* Fix typo, add invariant culture to timestamp for workflow log reporting by @GhadimiR in https://github.com/actions/runner/pull/3749
|
||||
* Create vssconnection to actions service when URL provided. by @TingluoHuang in https://github.com/actions/runner/pull/3751
|
||||
* Housekeeping: Update npm packages and node version by @thboop in https://github.com/actions/runner/pull/3752
|
||||
* Improve the out-of-date warning message. by @tecimovic in https://github.com/actions/runner/pull/3595
|
||||
* Update dotnet sdk to latest version @8.0.407 by @github-actions in https://github.com/actions/runner/pull/3753
|
||||
* Exit hosted runner cleanly during deprovisioning. by @TingluoHuang in https://github.com/actions/runner/pull/3755
|
||||
* Send annotation title to run-service. by @TingluoHuang in https://github.com/actions/runner/pull/3757
|
||||
* Allow server enforce runner settings. by @TingluoHuang in https://github.com/actions/runner/pull/3758
|
||||
* Support refresh runner configs with pipelines service. by @TingluoHuang in https://github.com/actions/runner/pull/3706
|
||||
* Increase error body max length before truncation by @ericsciple in https://github.com/actions/runner/pull/3762
|
||||
* Fix release.yml break by upgrading actions/github-script by @TingluoHuang in https://github.com/actions/runner/pull/3772
|
||||
* Small runner code cleanup. by @TingluoHuang in https://github.com/actions/runner/pull/3773
|
||||
* Enable hostcontext to track auth migration. by @TingluoHuang in https://github.com/actions/runner/pull/3776
|
||||
* Add option in OAuthCred to load authUrlV2. by @TingluoHuang in https://github.com/actions/runner/pull/3777
|
||||
* Remove create session with broker in MessageListener. by @TingluoHuang in https://github.com/actions/runner/pull/3782
|
||||
* Enable auth migration based on config refresh. by @TingluoHuang in https://github.com/actions/runner/pull/3786
|
||||
* Set JWT.alg to PS256 with PssPadding. by @TingluoHuang in https://github.com/actions/runner/pull/3789
|
||||
* Enable FIPS by default. by @TingluoHuang in https://github.com/actions/runner/pull/3793
|
||||
* Support auth migration using authUrlV2 in Runner/MessageListener. by @TingluoHuang in https://github.com/actions/runner/pull/3787
|
||||
* Cleanup feature flag actions_skip_retry_complete_job_upon_known_errors by @ericsciple in https://github.com/actions/runner/pull/3806
|
||||
* Update dotnet sdk to latest version @8.0.408 by @github-actions in https://github.com/actions/runner/pull/3808
|
||||
* Bump hook to 0.7.0 by @nikola-jokic in https://github.com/actions/runner/pull/3813
|
||||
* Allow enable auth migration by default. by @TingluoHuang in https://github.com/actions/runner/pull/3804
|
||||
* Do not retry /renewjob on 404 by @ericsciple in https://github.com/actions/runner/pull/3828
|
||||
* Bump Microsoft.NET.Test.Sdk from 17.12.0 to 17.13.0 in /src by @dependabot in https://github.com/actions/runner/pull/3719
|
||||
* Add copilot-instructions.md by @pje in https://github.com/actions/runner/pull/3810
|
||||
* Bump actions/upload-release-asset from 1.0.1 to 1.0.2 by @dependabot in https://github.com/actions/runner/pull/3553
|
||||
* Ignore exception during auth migration. by @TingluoHuang in https://github.com/actions/runner/pull/3835
|
||||
* feat: default fromPath for problem matchers by @dsanders11 in https://github.com/actions/runner/pull/3802
|
||||
* Bump Azure.Storage.Blobs from 12.23.0 to 12.24.0 in /src by @dependabot in https://github.com/actions/runner/pull/3837
|
||||
* Bump nodejs version. by @TingluoHuang in https://github.com/actions/runner/pull/3840
|
||||
* Feature-flagged support for `JobContext.CheckRunID` by @pje in https://github.com/actions/runner/pull/3811
|
||||
* Bump System.ServiceProcess.ServiceController from 8.0.0 to 8.0.1 in /src by @dependabot in https://github.com/actions/runner/pull/3844
|
||||
* Bump xunit.runner.visualstudio from 2.5.8 to 2.8.2 in /src by @dependabot in https://github.com/actions/runner/pull/3845
|
||||
* Make sure the token's claims are match as expected. by @TingluoHuang in https://github.com/actions/runner/pull/3846
|
||||
* Prefer _migrated config on startup by @lokesh755 in https://github.com/actions/runner/pull/3853
|
||||
* Update docker and buildx by @TingluoHuang in https://github.com/actions/runner/pull/3854
|
||||
|
||||
## New Contributors
|
||||
* @finaltrip made their first contribution in https://github.com/actions/runner/pull/3705
|
||||
* @Yaminyam made their first contribution in https://github.com/actions/runner/pull/3165
|
||||
* @Blizter made their first contribution in https://github.com/actions/runner/pull/3750
|
||||
* @GhadimiR made their first contribution in https://github.com/actions/runner/pull/3749
|
||||
* @tecimovic made their first contribution in https://github.com/actions/runner/pull/3595
|
||||
* @dsanders11 made their first contribution in https://github.com/actions/runner/pull/3802
|
||||
|
||||
**Full Changelog**: https://github.com/actions/runner/compare/v2.322.0...v2.323.0
|
||||
**Full Changelog**: https://github.com/actions/runner/compare/v2.323.0...v2.324.0
|
||||
|
||||
_Note: Actions Runner follows a progressive release policy, so the latest release might not be available to your enterprise, organization, or repository yet.
|
||||
To confirm which version of the Actions Runner you should expect, please view the download instructions for your enterprise, organization, or repository.
|
||||
|
||||
@@ -1 +1 @@
|
||||
<Update to ./src/runnerversion when creating release>
|
||||
2.324.0
|
||||
|
||||
@@ -6,7 +6,7 @@ NODE_URL=https://nodejs.org/dist
|
||||
NODE_ALPINE_URL=https://github.com/actions/alpine_nodejs/releases/download
|
||||
# When you update Node versions you must also create a new release of alpine_nodejs at that updated version.
|
||||
# Follow the instructions here: https://github.com/actions/alpine_nodejs?tab=readme-ov-file#getting-started
|
||||
NODE20_VERSION="20.19.0"
|
||||
NODE20_VERSION="20.19.1"
|
||||
|
||||
get_abs_path() {
|
||||
# exploits the fact that pwd will print abs path when no args
|
||||
|
||||
@@ -116,6 +116,7 @@ namespace GitHub.Runner.Common
|
||||
bool IsConfigured();
|
||||
bool IsServiceConfigured();
|
||||
bool HasCredentials();
|
||||
bool IsMigratedConfigured();
|
||||
CredentialData GetCredentials();
|
||||
CredentialData GetMigratedCredentials();
|
||||
RunnerSettings GetSettings();
|
||||
@@ -198,6 +199,14 @@ namespace GitHub.Runner.Common
|
||||
return serviceConfigured;
|
||||
}
|
||||
|
||||
public bool IsMigratedConfigured()
|
||||
{
|
||||
Trace.Info("IsMigratedConfigured()");
|
||||
bool configured = new FileInfo(_migratedConfigFilePath).Exists;
|
||||
Trace.Info("IsMigratedConfigured: {0}", configured);
|
||||
return configured;
|
||||
}
|
||||
|
||||
public CredentialData GetCredentials()
|
||||
{
|
||||
if (_creds == null)
|
||||
|
||||
@@ -155,6 +155,10 @@ namespace GitHub.Runner.Common
|
||||
public const int RunnerUpdating = 3;
|
||||
public const int RunOnceRunnerUpdating = 4;
|
||||
public const int SessionConflict = 5;
|
||||
// Temporary error code to indicate that the runner configuration has been refreshed
|
||||
// and the runner should be restarted. This is a temporary code and will be removed in the future after
|
||||
// the runner is migrated to runner admin.
|
||||
public const int RunnerConfigurationRefreshed = 6;
|
||||
}
|
||||
|
||||
public static class Features
|
||||
@@ -163,6 +167,7 @@ namespace GitHub.Runner.Common
|
||||
public static readonly string LogTemplateErrorsAsDebugMessages = "DistributedTask.LogTemplateErrorsAsDebugMessages";
|
||||
public static readonly string UseContainerPathForTemplate = "DistributedTask.UseContainerPathForTemplate";
|
||||
public static readonly string AllowRunnerContainerHooks = "DistributedTask.AllowRunnerContainerHooks";
|
||||
public static readonly string AddCheckRunIdToJobContext = "actions_add_check_run_id_to_job_context";
|
||||
}
|
||||
|
||||
public static readonly string InternalTelemetryIssueDataKey = "_internal_telemetry";
|
||||
|
||||
@@ -94,7 +94,9 @@ namespace GitHub.Runner.Common
|
||||
{
|
||||
CheckConnection();
|
||||
return RetryRequest<RenewJobResponse>(
|
||||
async () => await _runServiceHttpClient.RenewJobAsync(requestUri, planId, jobId, cancellationToken), cancellationToken);
|
||||
async () => await _runServiceHttpClient.RenewJobAsync(requestUri, planId, jobId, cancellationToken), cancellationToken,
|
||||
shouldRetry: ex =>
|
||||
ex is not TaskOrchestrationJobNotFoundException); // HTTP status 404
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -38,6 +38,19 @@ namespace GitHub.Runner.Listener
|
||||
private readonly TimeSpan _clockSkewRetryLimit = TimeSpan.FromMinutes(30);
|
||||
private bool _needRefreshCredsV2 = false;
|
||||
private bool _handlerInitialized = false;
|
||||
private bool _isMigratedSettings = false;
|
||||
private const int _maxMigratedSettingsRetries = 3;
|
||||
private int _migratedSettingsRetryCount = 0;
|
||||
|
||||
public BrokerMessageListener()
|
||||
{
|
||||
}
|
||||
|
||||
public BrokerMessageListener(RunnerSettings settings, bool isMigratedSettings = false)
|
||||
{
|
||||
_settings = settings;
|
||||
_isMigratedSettings = isMigratedSettings;
|
||||
}
|
||||
|
||||
public override void Initialize(IHostContext hostContext)
|
||||
{
|
||||
@@ -53,9 +66,22 @@ namespace GitHub.Runner.Listener
|
||||
{
|
||||
Trace.Entering();
|
||||
|
||||
// Settings
|
||||
var configManager = HostContext.GetService<IConfigurationManager>();
|
||||
_settings = configManager.LoadSettings();
|
||||
// Load settings if not provided through constructor
|
||||
if (_settings == null)
|
||||
{
|
||||
var configManager = HostContext.GetService<IConfigurationManager>();
|
||||
_settings = configManager.LoadSettings();
|
||||
Trace.Info("Settings loaded from config manager");
|
||||
}
|
||||
else
|
||||
{
|
||||
Trace.Info("Using provided settings");
|
||||
if (_isMigratedSettings)
|
||||
{
|
||||
Trace.Info("Using migrated settings from .runner_migrated");
|
||||
}
|
||||
}
|
||||
|
||||
var serverUrlV2 = _settings.ServerUrlV2;
|
||||
var serverUrl = _settings.ServerUrl;
|
||||
Trace.Info(_settings);
|
||||
@@ -141,7 +167,22 @@ namespace GitHub.Runner.Listener
|
||||
Trace.Error("Catch exception during create session.");
|
||||
Trace.Error(ex);
|
||||
|
||||
if (ex is VssOAuthTokenRequestException vssOAuthEx && _credsV2.Federated is VssOAuthCredential vssOAuthCred)
|
||||
// If using migrated settings, limit the number of retries before returning failure
|
||||
if (_isMigratedSettings)
|
||||
{
|
||||
_migratedSettingsRetryCount++;
|
||||
Trace.Warning($"Migrated settings retry {_migratedSettingsRetryCount} of {_maxMigratedSettingsRetries}");
|
||||
|
||||
if (_migratedSettingsRetryCount >= _maxMigratedSettingsRetries)
|
||||
{
|
||||
Trace.Warning("Reached maximum retry attempts for migrated settings. Returning failure to try default settings.");
|
||||
return CreateSessionResult.Failure;
|
||||
}
|
||||
}
|
||||
|
||||
if (!HostContext.AllowAuthMigration &&
|
||||
ex is VssOAuthTokenRequestException vssOAuthEx &&
|
||||
_credsV2.Federated is VssOAuthCredential vssOAuthCred)
|
||||
{
|
||||
// "invalid_client" means the runner registration has been deleted from the server.
|
||||
if (string.Equals(vssOAuthEx.Error, "invalid_client", StringComparison.OrdinalIgnoreCase))
|
||||
@@ -162,7 +203,8 @@ namespace GitHub.Runner.Listener
|
||||
}
|
||||
}
|
||||
|
||||
if (!IsSessionCreationExceptionRetriable(ex))
|
||||
if (!HostContext.AllowAuthMigration &&
|
||||
!IsSessionCreationExceptionRetriable(ex))
|
||||
{
|
||||
_term.WriteError($"Failed to create session. {ex.Message}");
|
||||
if (ex is TaskAgentSessionConflictException)
|
||||
@@ -283,11 +325,11 @@ namespace GitHub.Runner.Listener
|
||||
Trace.Info("Hosted runner has been deprovisioned.");
|
||||
throw;
|
||||
}
|
||||
catch (AccessDeniedException e) when (e.ErrorCode == 1)
|
||||
catch (AccessDeniedException e) when (e.ErrorCode == 1 && !HostContext.AllowAuthMigration)
|
||||
{
|
||||
throw;
|
||||
}
|
||||
catch (RunnerNotFoundException)
|
||||
catch (RunnerNotFoundException) when (!HostContext.AllowAuthMigration)
|
||||
{
|
||||
throw;
|
||||
}
|
||||
@@ -296,7 +338,8 @@ namespace GitHub.Runner.Listener
|
||||
Trace.Error("Catch exception during get next message.");
|
||||
Trace.Error(ex);
|
||||
|
||||
if (!IsGetNextMessageExceptionRetriable(ex))
|
||||
if (!HostContext.AllowAuthMigration &&
|
||||
!IsGetNextMessageExceptionRetriable(ex))
|
||||
{
|
||||
throw new NonRetryableException("Get next message failed with non-retryable error.", ex);
|
||||
}
|
||||
|
||||
@@ -25,6 +25,7 @@ namespace GitHub.Runner.Listener.Configuration
|
||||
Task UnconfigureAsync(CommandSettings command);
|
||||
void DeleteLocalRunnerConfig();
|
||||
RunnerSettings LoadSettings();
|
||||
RunnerSettings LoadMigratedSettings();
|
||||
}
|
||||
|
||||
public sealed class ConfigurationManager : RunnerService, IConfigurationManager
|
||||
@@ -66,6 +67,22 @@ namespace GitHub.Runner.Listener.Configuration
|
||||
return settings;
|
||||
}
|
||||
|
||||
public RunnerSettings LoadMigratedSettings()
|
||||
{
|
||||
Trace.Info(nameof(LoadMigratedSettings));
|
||||
|
||||
// Check if migrated settings file exists
|
||||
if (!_store.IsMigratedConfigured())
|
||||
{
|
||||
throw new NonRetryableException("No migrated configuration found.");
|
||||
}
|
||||
|
||||
RunnerSettings settings = _store.GetMigratedSettings();
|
||||
Trace.Info("Migrated Settings Loaded");
|
||||
|
||||
return settings;
|
||||
}
|
||||
|
||||
public async Task ConfigureAsync(CommandSettings command)
|
||||
{
|
||||
_term.WriteLine();
|
||||
|
||||
@@ -315,11 +315,11 @@ namespace GitHub.Runner.Listener
|
||||
Trace.Info("Hosted runner has been deprovisioned.");
|
||||
throw;
|
||||
}
|
||||
catch (AccessDeniedException e) when (e.ErrorCode == 1)
|
||||
catch (AccessDeniedException e) when (e.ErrorCode == 1 && !HostContext.AllowAuthMigration)
|
||||
{
|
||||
throw;
|
||||
}
|
||||
catch (RunnerNotFoundException)
|
||||
catch (RunnerNotFoundException) when (!HostContext.AllowAuthMigration)
|
||||
{
|
||||
throw;
|
||||
}
|
||||
@@ -333,11 +333,14 @@ namespace GitHub.Runner.Listener
|
||||
message = null;
|
||||
|
||||
// don't retry if SkipSessionRecover = true, DT service will delete agent session to stop agent from taking more jobs.
|
||||
if (ex is TaskAgentSessionExpiredException && !_settings.SkipSessionRecover && (await CreateSessionAsync(token) == CreateSessionResult.Success))
|
||||
if (!HostContext.AllowAuthMigration &&
|
||||
ex is TaskAgentSessionExpiredException &&
|
||||
!_settings.SkipSessionRecover && (await CreateSessionAsync(token) == CreateSessionResult.Success))
|
||||
{
|
||||
Trace.Info($"{nameof(TaskAgentSessionExpiredException)} received, recovered by recreate session.");
|
||||
}
|
||||
else if (!IsGetNextMessageExceptionRetriable(ex))
|
||||
else if (!HostContext.AllowAuthMigration &&
|
||||
!IsGetNextMessageExceptionRetriable(ex))
|
||||
{
|
||||
throw;
|
||||
}
|
||||
|
||||
@@ -23,7 +23,7 @@
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
|
||||
<PackageReference Include="System.IO.FileSystem.AccessControl" Version="5.0.0" />
|
||||
<PackageReference Include="System.Security.Cryptography.ProtectedData" Version="8.0.0" />
|
||||
<PackageReference Include="System.ServiceProcess.ServiceController" Version="8.0.0" />
|
||||
<PackageReference Include="System.ServiceProcess.ServiceController" Version="8.0.1" />
|
||||
</ItemGroup>
|
||||
|
||||
<PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
|
||||
|
||||
@@ -6,6 +6,7 @@ using System.Linq;
|
||||
using System.Reflection;
|
||||
using System.Runtime.CompilerServices;
|
||||
using System.Security.Cryptography;
|
||||
using System.Security.Claims;
|
||||
using System.Text;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
@@ -15,7 +16,9 @@ using GitHub.Runner.Common.Util;
|
||||
using GitHub.Runner.Listener.Check;
|
||||
using GitHub.Runner.Listener.Configuration;
|
||||
using GitHub.Runner.Sdk;
|
||||
using GitHub.Services.OAuth;
|
||||
using GitHub.Services.WebApi;
|
||||
using GitHub.Services.WebApi.Jwt;
|
||||
using Pipelines = GitHub.DistributedTask.Pipelines;
|
||||
|
||||
namespace GitHub.Runner.Listener
|
||||
@@ -35,8 +38,11 @@ namespace GitHub.Runner.Listener
|
||||
private readonly ConcurrentQueue<string> _authMigrationTelemetries = new();
|
||||
private Task _authMigrationTelemetryTask;
|
||||
private readonly object _authMigrationTelemetryLock = new();
|
||||
private Task _authMigrationClaimsCheckTask;
|
||||
private readonly object _authMigrationClaimsCheckLock = new();
|
||||
private IRunnerServer _runnerServer;
|
||||
private CancellationTokenSource _authMigrationTelemetryTokenSource = new();
|
||||
private CancellationTokenSource _authMigrationClaimsCheckTokenSource = new();
|
||||
|
||||
// <summary>
|
||||
// Helps avoid excessive calls to Run Service when encountering non-retriable errors from /acquirejob.
|
||||
@@ -319,7 +325,7 @@ namespace GitHub.Runner.Listener
|
||||
}
|
||||
|
||||
// Run the runner interactively or as service
|
||||
return await RunAsync(settings, command.RunOnce || settings.Ephemeral);
|
||||
return await ExecuteRunnerAsync(settings, command.RunOnce || settings.Ephemeral);
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -329,6 +335,7 @@ namespace GitHub.Runner.Listener
|
||||
}
|
||||
finally
|
||||
{
|
||||
_authMigrationClaimsCheckTokenSource?.Cancel();
|
||||
_authMigrationTelemetryTokenSource?.Cancel();
|
||||
HostContext.AuthMigrationChanged -= HandleAuthMigrationChanged;
|
||||
_term.CancelKeyPress -= CtrlCHandler;
|
||||
@@ -380,12 +387,12 @@ namespace GitHub.Runner.Listener
|
||||
}
|
||||
}
|
||||
|
||||
private IMessageListener GetMessageListener(RunnerSettings settings)
|
||||
private IMessageListener GetMessageListener(RunnerSettings settings, bool isMigratedSettings = false)
|
||||
{
|
||||
if (settings.UseV2Flow)
|
||||
{
|
||||
Trace.Info($"Using BrokerMessageListener");
|
||||
var brokerListener = new BrokerMessageListener();
|
||||
var brokerListener = new BrokerMessageListener(settings, isMigratedSettings);
|
||||
brokerListener.Initialize(HostContext);
|
||||
return brokerListener;
|
||||
}
|
||||
@@ -399,15 +406,65 @@ namespace GitHub.Runner.Listener
|
||||
try
|
||||
{
|
||||
Trace.Info(nameof(RunAsync));
|
||||
_listener = GetMessageListener(settings);
|
||||
CreateSessionResult createSessionResult = await _listener.CreateSessionAsync(HostContext.RunnerShutdownToken);
|
||||
if (createSessionResult == CreateSessionResult.SessionConflict)
|
||||
|
||||
// First try using migrated settings if available
|
||||
var configManager = HostContext.GetService<IConfigurationManager>();
|
||||
RunnerSettings migratedSettings = null;
|
||||
|
||||
try
|
||||
{
|
||||
return Constants.Runner.ReturnCode.SessionConflict;
|
||||
migratedSettings = configManager.LoadMigratedSettings();
|
||||
Trace.Info("Loaded migrated settings from .runner_migrated file");
|
||||
Trace.Info(migratedSettings);
|
||||
}
|
||||
else if (createSessionResult == CreateSessionResult.Failure)
|
||||
catch (Exception ex)
|
||||
{
|
||||
return Constants.Runner.ReturnCode.TerminatedError;
|
||||
// If migrated settings file doesn't exist or can't be loaded, we'll use the provided settings
|
||||
Trace.Info($"Failed to load migrated settings: {ex.Message}");
|
||||
}
|
||||
|
||||
bool usedMigratedSettings = false;
|
||||
|
||||
if (migratedSettings != null)
|
||||
{
|
||||
// Try to create session with migrated settings first
|
||||
Trace.Info("Attempting to create session using migrated settings");
|
||||
_listener = GetMessageListener(migratedSettings, isMigratedSettings: true);
|
||||
|
||||
try
|
||||
{
|
||||
CreateSessionResult createSessionResult = await _listener.CreateSessionAsync(HostContext.RunnerShutdownToken);
|
||||
if (createSessionResult == CreateSessionResult.Success)
|
||||
{
|
||||
Trace.Info("Successfully created session with migrated settings");
|
||||
settings = migratedSettings; // Use migrated settings for the rest of the process
|
||||
usedMigratedSettings = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
Trace.Warning($"Failed to create session with migrated settings: {createSessionResult}");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Trace.Error($"Exception when creating session with migrated settings: {ex}");
|
||||
}
|
||||
}
|
||||
|
||||
// If migrated settings weren't used or session creation failed, use original settings
|
||||
if (!usedMigratedSettings)
|
||||
{
|
||||
Trace.Info("Falling back to original .runner settings");
|
||||
_listener = GetMessageListener(settings);
|
||||
CreateSessionResult createSessionResult = await _listener.CreateSessionAsync(HostContext.RunnerShutdownToken);
|
||||
if (createSessionResult == CreateSessionResult.SessionConflict)
|
||||
{
|
||||
return Constants.Runner.ReturnCode.SessionConflict;
|
||||
}
|
||||
else if (createSessionResult == CreateSessionResult.Failure)
|
||||
{
|
||||
return Constants.Runner.ReturnCode.TerminatedError;
|
||||
}
|
||||
}
|
||||
|
||||
HostContext.WritePerfCounter("SessionCreated");
|
||||
@@ -421,6 +478,8 @@ namespace GitHub.Runner.Listener
|
||||
// Should we try to cleanup ephemeral runners
|
||||
bool runOnceJobCompleted = false;
|
||||
bool skipSessionDeletion = false;
|
||||
bool restartSession = false; // Flag to indicate session restart
|
||||
bool restartSessionPending = false;
|
||||
try
|
||||
{
|
||||
var notification = HostContext.GetService<IJobNotification>();
|
||||
@@ -436,6 +495,15 @@ namespace GitHub.Runner.Listener
|
||||
|
||||
while (!HostContext.RunnerShutdownToken.IsCancellationRequested)
|
||||
{
|
||||
// Check if we need to restart the session and can do so (job dispatcher not busy)
|
||||
if (restartSessionPending && !jobDispatcher.Busy)
|
||||
{
|
||||
Trace.Info("Pending session restart detected and job dispatcher is not busy. Restarting session now.");
|
||||
messageQueueLoopTokenSource.Cancel();
|
||||
restartSession = true;
|
||||
break;
|
||||
}
|
||||
|
||||
TaskAgentMessage message = null;
|
||||
bool skipMessageDeletion = false;
|
||||
try
|
||||
@@ -672,6 +740,17 @@ namespace GitHub.Runner.Listener
|
||||
configType: runnerRefreshConfigMessage.ConfigType,
|
||||
serviceType: runnerRefreshConfigMessage.ServiceType,
|
||||
configRefreshUrl: runnerRefreshConfigMessage.ConfigRefreshUrl);
|
||||
|
||||
// Set flag to schedule session restart if ConfigType is "runner"
|
||||
if (string.Equals(runnerRefreshConfigMessage.ConfigType, "runner", StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
Trace.Info("Runner configuration was updated. Session restart has been scheduled");
|
||||
restartSessionPending = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
Trace.Info($"No session restart needed for config type: {runnerRefreshConfigMessage.ConfigType}");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -726,10 +805,16 @@ namespace GitHub.Runner.Listener
|
||||
|
||||
if (settings.Ephemeral && runOnceJobCompleted)
|
||||
{
|
||||
var configManager = HostContext.GetService<IConfigurationManager>();
|
||||
configManager.DeleteLocalRunnerConfig();
|
||||
}
|
||||
}
|
||||
|
||||
// After cleanup, check if we need to restart the session
|
||||
if (restartSession)
|
||||
{
|
||||
Trace.Info("Restarting runner session after config update...");
|
||||
return Constants.Runner.ReturnCode.RunnerConfigurationRefreshed;
|
||||
}
|
||||
}
|
||||
catch (TaskAgentAccessTokenExpiredException)
|
||||
{
|
||||
@@ -743,6 +828,28 @@ namespace GitHub.Runner.Listener
|
||||
return Constants.Runner.ReturnCode.Success;
|
||||
}
|
||||
|
||||
private async Task<int> ExecuteRunnerAsync(RunnerSettings settings, bool runOnce)
|
||||
{
|
||||
int returnCode = Constants.Runner.ReturnCode.Success;
|
||||
bool restart = false;
|
||||
do
|
||||
{
|
||||
restart = false;
|
||||
returnCode = await RunAsync(settings, runOnce);
|
||||
|
||||
if (returnCode == Constants.Runner.ReturnCode.RunnerConfigurationRefreshed)
|
||||
{
|
||||
Trace.Info("Runner configuration was refreshed, restarting session...");
|
||||
// Reload settings in case they changed
|
||||
var configManager = HostContext.GetService<IConfigurationManager>();
|
||||
settings = configManager.LoadSettings();
|
||||
restart = true;
|
||||
}
|
||||
} while (restart);
|
||||
|
||||
return returnCode;
|
||||
}
|
||||
|
||||
private void HandleAuthMigrationChanged(object sender, AuthMigrationEventArgs e)
|
||||
{
|
||||
Trace.Verbose("Handle AuthMigrationChanged in Runner");
|
||||
@@ -756,6 +863,131 @@ namespace GitHub.Runner.Listener
|
||||
_authMigrationTelemetryTask = ReportAuthMigrationTelemetryAsync(_authMigrationTelemetryTokenSource.Token);
|
||||
}
|
||||
}
|
||||
|
||||
// only start the claims check task once auth migration is changed (enabled or disabled)
|
||||
lock (_authMigrationClaimsCheckLock)
|
||||
{
|
||||
if (_authMigrationClaimsCheckTask == null)
|
||||
{
|
||||
_authMigrationClaimsCheckTask = CheckOAuthTokenClaimsAsync(_authMigrationClaimsCheckTokenSource.Token);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private async Task CheckOAuthTokenClaimsAsync(CancellationToken token)
|
||||
{
|
||||
string[] expectedClaims =
|
||||
[
|
||||
"owner_id",
|
||||
"runner_id",
|
||||
"runner_group_id",
|
||||
"scale_set_id",
|
||||
"is_ephemeral",
|
||||
"labels"
|
||||
];
|
||||
|
||||
try
|
||||
{
|
||||
var credMgr = HostContext.GetService<ICredentialManager>();
|
||||
while (!token.IsCancellationRequested)
|
||||
{
|
||||
try
|
||||
{
|
||||
await HostContext.Delay(TimeSpan.FromMinutes(100), token);
|
||||
}
|
||||
catch (TaskCanceledException)
|
||||
{
|
||||
// Ignore cancellation
|
||||
}
|
||||
|
||||
if (token.IsCancellationRequested)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
if (!HostContext.AllowAuthMigration)
|
||||
{
|
||||
Trace.Info("Skip checking oauth token claims since auth migration is disabled.");
|
||||
continue;
|
||||
}
|
||||
|
||||
var baselineCred = credMgr.LoadCredentials(allowAuthUrlV2: false);
|
||||
var authV2Cred = credMgr.LoadCredentials(allowAuthUrlV2: true);
|
||||
|
||||
if (!(baselineCred.Federated is VssOAuthCredential baselineVssOAuthCred) ||
|
||||
!(authV2Cred.Federated is VssOAuthCredential vssOAuthCredV2) ||
|
||||
baselineVssOAuthCred == null ||
|
||||
vssOAuthCredV2 == null)
|
||||
{
|
||||
Trace.Info("Skip checking oauth token claims for non-oauth credentials");
|
||||
continue;
|
||||
}
|
||||
|
||||
if (string.Equals(baselineVssOAuthCred.AuthorizationUrl.AbsoluteUri, vssOAuthCredV2.AuthorizationUrl.AbsoluteUri, StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
Trace.Info("Skip checking oauth token claims for same authorization url");
|
||||
continue;
|
||||
}
|
||||
|
||||
var baselineProvider = baselineVssOAuthCred.GetTokenProvider(baselineVssOAuthCred.AuthorizationUrl);
|
||||
var v2Provider = vssOAuthCredV2.GetTokenProvider(vssOAuthCredV2.AuthorizationUrl);
|
||||
try
|
||||
{
|
||||
using (var timeoutTokenSource = new CancellationTokenSource(TimeSpan.FromSeconds(30)))
|
||||
using (var requestTokenSource = CancellationTokenSource.CreateLinkedTokenSource(token, timeoutTokenSource.Token))
|
||||
{
|
||||
var baselineToken = await baselineProvider.GetTokenAsync(null, requestTokenSource.Token);
|
||||
var v2Token = await v2Provider.GetTokenAsync(null, requestTokenSource.Token);
|
||||
if (baselineToken is VssOAuthAccessToken baselineAccessToken &&
|
||||
v2Token is VssOAuthAccessToken v2AccessToken &&
|
||||
!string.IsNullOrEmpty(baselineAccessToken.Value) &&
|
||||
!string.IsNullOrEmpty(v2AccessToken.Value))
|
||||
{
|
||||
var baselineJwt = JsonWebToken.Create(baselineAccessToken.Value);
|
||||
var baselineClaims = baselineJwt.ExtractClaims();
|
||||
var v2Jwt = JsonWebToken.Create(v2AccessToken.Value);
|
||||
var v2Claims = v2Jwt.ExtractClaims();
|
||||
|
||||
// Log extracted claims for debugging
|
||||
Trace.Verbose($"Baseline token expected claims: {string.Join(", ", baselineClaims
|
||||
.Where(c => expectedClaims.Contains(c.Type.ToLowerInvariant()))
|
||||
.Select(c => $"{c.Type}:{c.Value}"))}");
|
||||
Trace.Verbose($"V2 token expected claims: {string.Join(", ", v2Claims
|
||||
.Where(c => expectedClaims.Contains(c.Type.ToLowerInvariant()))
|
||||
.Select(c => $"{c.Type}:{c.Value}"))}");
|
||||
|
||||
foreach (var claim in expectedClaims)
|
||||
{
|
||||
// if baseline has the claim, v2 should have it too with exactly same value.
|
||||
if (baselineClaims.FirstOrDefault(c => c.Type.ToLowerInvariant() == claim) is Claim baselineClaim &&
|
||||
!string.IsNullOrEmpty(baselineClaim?.Value))
|
||||
{
|
||||
var v2Claim = v2Claims.FirstOrDefault(c => c.Type.ToLowerInvariant() == claim);
|
||||
if (v2Claim?.Value != baselineClaim.Value)
|
||||
{
|
||||
Trace.Info($"Token Claim mismatch between two issuers. Expected: {baselineClaim.Type}:{baselineClaim.Value}. Actual: {v2Claim?.Type ?? "Empty"}:{v2Claim?.Value ?? "Empty"}");
|
||||
HostContext.DeferAuthMigration(TimeSpan.FromMinutes(60), $"Expected claim {baselineClaim.Type}:{baselineClaim.Value} does not match {v2Claim?.Type ?? "Empty"}:{v2Claim?.Value ?? "Empty"}");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Trace.Info("OAuth token claims check passed.");
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Trace.Error("Failed to fetch and check OAuth token claims.");
|
||||
Trace.Error(ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Trace.Error("Failed to check OAuth token claims in background.");
|
||||
Trace.Error(ex);
|
||||
}
|
||||
}
|
||||
|
||||
private async Task ReportAuthMigrationTelemetryAsync(CancellationToken token)
|
||||
|
||||
@@ -862,7 +862,21 @@ namespace GitHub.Runner.Worker
|
||||
|
||||
ExpressionValues["secrets"] = Global.Variables.ToSecretsContext();
|
||||
ExpressionValues["runner"] = new RunnerContext();
|
||||
ExpressionValues["job"] = new JobContext();
|
||||
|
||||
Trace.Info("Initializing Job context");
|
||||
var jobContext = new JobContext();
|
||||
if (Global.Variables.GetBoolean(Constants.Runner.Features.AddCheckRunIdToJobContext) ?? false)
|
||||
{
|
||||
ExpressionValues.TryGetValue("job", out var jobDictionary);
|
||||
if (jobDictionary != null)
|
||||
{
|
||||
foreach (var pair in jobDictionary.AssertDictionary("job"))
|
||||
{
|
||||
jobContext[pair.Key] = pair.Value;
|
||||
}
|
||||
}
|
||||
}
|
||||
ExpressionValues["job"] = jobContext;
|
||||
|
||||
Trace.Info("Initialize GitHub context");
|
||||
var githubAccessToken = new StringContextData(Global.Variables.Get("system.github.token"));
|
||||
|
||||
@@ -21,6 +21,7 @@ namespace GitHub.Runner.Worker
|
||||
public sealed class IssueMatcher
|
||||
{
|
||||
private string _defaultSeverity;
|
||||
private string _defaultFromPath;
|
||||
private string _owner;
|
||||
private IssuePattern[] _patterns;
|
||||
private IssueMatch[] _state;
|
||||
@@ -29,6 +30,7 @@ namespace GitHub.Runner.Worker
|
||||
{
|
||||
_owner = config.Owner;
|
||||
_defaultSeverity = config.Severity;
|
||||
_defaultFromPath = config.FromPath;
|
||||
_patterns = config.Patterns.Select(x => new IssuePattern(x, timeout)).ToArray();
|
||||
Reset();
|
||||
}
|
||||
@@ -59,6 +61,19 @@ namespace GitHub.Runner.Worker
|
||||
}
|
||||
}
|
||||
|
||||
public string DefaultFromPath
|
||||
{
|
||||
get
|
||||
{
|
||||
if (_defaultFromPath == null)
|
||||
{
|
||||
_defaultFromPath = string.Empty;
|
||||
}
|
||||
|
||||
return _defaultFromPath;
|
||||
}
|
||||
}
|
||||
|
||||
public IssueMatch Match(string line)
|
||||
{
|
||||
// Single pattern
|
||||
@@ -69,7 +84,7 @@ namespace GitHub.Runner.Worker
|
||||
|
||||
if (regexMatch.Success)
|
||||
{
|
||||
return new IssueMatch(null, pattern, regexMatch.Groups, DefaultSeverity);
|
||||
return new IssueMatch(null, pattern, regexMatch.Groups, DefaultSeverity, DefaultFromPath);
|
||||
}
|
||||
|
||||
return null;
|
||||
@@ -110,7 +125,7 @@ namespace GitHub.Runner.Worker
|
||||
}
|
||||
|
||||
// Return
|
||||
return new IssueMatch(runningMatch, pattern, regexMatch.Groups, DefaultSeverity);
|
||||
return new IssueMatch(runningMatch, pattern, regexMatch.Groups, DefaultSeverity, DefaultFromPath);
|
||||
}
|
||||
// Not the last pattern
|
||||
else
|
||||
@@ -184,7 +199,7 @@ namespace GitHub.Runner.Worker
|
||||
|
||||
public sealed class IssueMatch
|
||||
{
|
||||
public IssueMatch(IssueMatch runningMatch, IssuePattern pattern, GroupCollection groups, string defaultSeverity = null)
|
||||
public IssueMatch(IssueMatch runningMatch, IssuePattern pattern, GroupCollection groups, string defaultSeverity = null, string defaultFromPath = null)
|
||||
{
|
||||
File = runningMatch?.File ?? GetValue(groups, pattern.File);
|
||||
Line = runningMatch?.Line ?? GetValue(groups, pattern.Line);
|
||||
@@ -198,6 +213,11 @@ namespace GitHub.Runner.Worker
|
||||
{
|
||||
Severity = defaultSeverity;
|
||||
}
|
||||
|
||||
if (string.IsNullOrEmpty(FromPath) && !string.IsNullOrEmpty(defaultFromPath))
|
||||
{
|
||||
FromPath = defaultFromPath;
|
||||
}
|
||||
}
|
||||
|
||||
public string File { get; }
|
||||
@@ -282,6 +302,9 @@ namespace GitHub.Runner.Worker
|
||||
[DataMember(Name = "pattern")]
|
||||
private IssuePatternConfig[] _patterns;
|
||||
|
||||
[DataMember(Name = "fromPath")]
|
||||
private string _fromPath;
|
||||
|
||||
public string Owner
|
||||
{
|
||||
get
|
||||
@@ -318,6 +341,24 @@ namespace GitHub.Runner.Worker
|
||||
}
|
||||
}
|
||||
|
||||
public string FromPath
|
||||
{
|
||||
get
|
||||
{
|
||||
if (_fromPath == null)
|
||||
{
|
||||
_fromPath = string.Empty;
|
||||
}
|
||||
|
||||
return _fromPath;
|
||||
}
|
||||
|
||||
set
|
||||
{
|
||||
_fromPath = value;
|
||||
}
|
||||
}
|
||||
|
||||
public IssuePatternConfig[] Patterns
|
||||
{
|
||||
get
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using GitHub.DistributedTask.Pipelines.ContextData;
|
||||
using GitHub.DistributedTask.Pipelines.ContextData;
|
||||
using GitHub.Runner.Common.Util;
|
||||
using GitHub.Runner.Common;
|
||||
|
||||
@@ -56,5 +56,31 @@ namespace GitHub.Runner.Worker
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public double? CheckRunId
|
||||
{
|
||||
get
|
||||
{
|
||||
if (this.TryGetValue("check_run_id", out var value) && value is NumberContextData number)
|
||||
{
|
||||
return number.Value;
|
||||
}
|
||||
else
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
set
|
||||
{
|
||||
if (value.HasValue)
|
||||
{
|
||||
this["check_run_id"] = new NumberContextData(value.Value);
|
||||
}
|
||||
else
|
||||
{
|
||||
this["check_run_id"] = null;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="System.Security.Cryptography.ProtectedData" Version="8.0.0" />
|
||||
<PackageReference Include="System.ServiceProcess.ServiceController" Version="8.0.0" />
|
||||
<PackageReference Include="System.ServiceProcess.ServiceController" Version="8.0.1" />
|
||||
<PackageReference Include="System.Threading.Channels" Version="8.0.0" />
|
||||
<PackageReference Include="YamlDotNet.Signed" Version="5.3.0" />
|
||||
</ItemGroup>
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Azure.Storage.Blobs" Version="12.23.0" />
|
||||
<PackageReference Include="Azure.Storage.Blobs" Version="12.24.0" />
|
||||
<PackageReference Include="Microsoft.Win32.Registry" Version="5.0.0" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
|
||||
<PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="6.0.0" />
|
||||
|
||||
@@ -363,6 +363,49 @@ namespace GitHub.Runner.Common.Tests.Listener
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Runner")]
|
||||
public async Task CreatesSessionWithProvidedSettings()
|
||||
{
|
||||
using (TestHostContext tc = CreateTestContext())
|
||||
using (var tokenSource = new CancellationTokenSource())
|
||||
{
|
||||
Tracing trace = tc.GetTrace();
|
||||
|
||||
// Arrange.
|
||||
var expectedSession = new TaskAgentSession();
|
||||
_brokerServer
|
||||
.Setup(x => x.CreateSessionAsync(
|
||||
It.Is<TaskAgentSession>(y => y != null),
|
||||
tokenSource.Token))
|
||||
.Returns(Task.FromResult(expectedSession));
|
||||
|
||||
_credMgr.Setup(x => x.LoadCredentials(true)).Returns(new VssCredentials());
|
||||
|
||||
// Make sure the config is never called when settings are provided
|
||||
_config.Setup(x => x.LoadSettings()).Throws(new InvalidOperationException("Should not be called"));
|
||||
|
||||
// Act.
|
||||
// Use the constructor that accepts settings
|
||||
BrokerMessageListener listener = new(_settings);
|
||||
listener.Initialize(tc);
|
||||
|
||||
CreateSessionResult result = await listener.CreateSessionAsync(tokenSource.Token);
|
||||
trace.Info("result: {0}", result);
|
||||
|
||||
// Assert.
|
||||
Assert.Equal(CreateSessionResult.Success, result);
|
||||
_brokerServer
|
||||
.Verify(x => x.CreateSessionAsync(
|
||||
It.Is<TaskAgentSession>(y => y != null),
|
||||
tokenSource.Token), Times.Once());
|
||||
|
||||
// Verify LoadSettings was never called
|
||||
_config.Verify(x => x.LoadSettings(), Times.Never());
|
||||
}
|
||||
}
|
||||
|
||||
private TestHostContext CreateTestContext([CallerMemberName] String testName = "")
|
||||
{
|
||||
TestHostContext tc = new(this, testName);
|
||||
|
||||
@@ -1168,6 +1168,77 @@ namespace GitHub.Runner.Common.Tests.Worker
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
public void InitializeJob_HydratesJobContextWithCheckRunId()
|
||||
{
|
||||
using (TestHostContext hc = CreateTestContext())
|
||||
{
|
||||
// Arrange: Create a job request message and make sure the feature flag is enabled
|
||||
var variables = new Dictionary<string, VariableValue>()
|
||||
{
|
||||
[Constants.Runner.Features.AddCheckRunIdToJobContext] = new VariableValue("true"),
|
||||
};
|
||||
var jobRequest = new Pipelines.AgentJobRequestMessage(new TaskOrchestrationPlanReference(), new TimelineReference(), Guid.NewGuid(), "some job name", "some job name", null, null, null, variables, new List<MaskHint>(), new Pipelines.JobResources(), new Pipelines.ContextData.DictionaryContextData(), new Pipelines.WorkspaceOptions(), new List<Pipelines.ActionStep>(), null, null, null, null, null);
|
||||
var pagingLogger = new Moq.Mock<IPagingLogger>();
|
||||
var jobServerQueue = new Moq.Mock<IJobServerQueue>();
|
||||
hc.EnqueueInstance(pagingLogger.Object);
|
||||
hc.SetSingleton(jobServerQueue.Object);
|
||||
var ec = new Runner.Worker.ExecutionContext();
|
||||
ec.Initialize(hc);
|
||||
|
||||
// Arrange: Add check_run_id to the job context
|
||||
var jobContext = new Pipelines.ContextData.DictionaryContextData();
|
||||
jobContext["check_run_id"] = new NumberContextData(123456);
|
||||
jobRequest.ContextData["job"] = jobContext;
|
||||
jobRequest.ContextData["github"] = new Pipelines.ContextData.DictionaryContextData();
|
||||
|
||||
// Act
|
||||
ec.InitializeJob(jobRequest, CancellationToken.None);
|
||||
|
||||
// Assert
|
||||
Assert.NotNull(ec.JobContext);
|
||||
Assert.Equal(123456, ec.JobContext.CheckRunId);
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: this test can be deleted when `AddCheckRunIdToJobContext` is fully rolled out
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
public void InitializeJob_HydratesJobContextWithCheckRunId_FeatureFlagDisabled()
|
||||
{
|
||||
using (TestHostContext hc = CreateTestContext())
|
||||
{
|
||||
// Arrange: Create a job request message and make sure the feature flag is disabled
|
||||
var variables = new Dictionary<string, VariableValue>()
|
||||
{
|
||||
[Constants.Runner.Features.AddCheckRunIdToJobContext] = new VariableValue("false"),
|
||||
};
|
||||
var jobRequest = new Pipelines.AgentJobRequestMessage(new TaskOrchestrationPlanReference(), new TimelineReference(), Guid.NewGuid(), "some job name", "some job name", null, null, null, variables, new List<MaskHint>(), new Pipelines.JobResources(), new Pipelines.ContextData.DictionaryContextData(), new Pipelines.WorkspaceOptions(), new List<Pipelines.ActionStep>(), null, null, null, null, null);
|
||||
var pagingLogger = new Moq.Mock<IPagingLogger>();
|
||||
var jobServerQueue = new Moq.Mock<IJobServerQueue>();
|
||||
hc.EnqueueInstance(pagingLogger.Object);
|
||||
hc.SetSingleton(jobServerQueue.Object);
|
||||
var ec = new Runner.Worker.ExecutionContext();
|
||||
ec.Initialize(hc);
|
||||
|
||||
// Arrange: Add check_run_id to the job context
|
||||
var jobContext = new Pipelines.ContextData.DictionaryContextData();
|
||||
jobContext["check_run_id"] = new NumberContextData(123456);
|
||||
jobRequest.ContextData["job"] = jobContext;
|
||||
jobRequest.ContextData["github"] = new Pipelines.ContextData.DictionaryContextData();
|
||||
|
||||
// Act
|
||||
ec.InitializeJob(jobRequest, CancellationToken.None);
|
||||
|
||||
// Assert
|
||||
Assert.NotNull(ec.JobContext);
|
||||
Assert.Null(ec.JobContext.CheckRunId); // with the feature flag disabled we should not have added a CheckRunId to the JobContext
|
||||
}
|
||||
}
|
||||
|
||||
private bool ExpressionValuesAssertEqual(DictionaryContextData expect, DictionaryContextData actual)
|
||||
{
|
||||
foreach (var key in expect.Keys.ToList())
|
||||
|
||||
@@ -896,5 +896,173 @@ namespace GitHub.Runner.Common.Tests.Worker
|
||||
Assert.Equal("not-working", match.Message);
|
||||
Assert.Equal("my-project.proj", match.FromPath);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
public void Matcher_SinglePattern_DefaultFromPath()
|
||||
{
|
||||
var config = JsonUtility.FromString<IssueMatchersConfig>(@"
|
||||
{
|
||||
""problemMatcher"": [
|
||||
{
|
||||
""owner"": ""myMatcher"",
|
||||
""fromPath"": ""subdir/default-project.csproj"",
|
||||
""pattern"": [
|
||||
{
|
||||
""regexp"": ""^file:(.+) line:(.+) column:(.+) severity:(.+) code:(.+) message:(.+)$"",
|
||||
""file"": 1,
|
||||
""line"": 2,
|
||||
""column"": 3,
|
||||
""severity"": 4,
|
||||
""code"": 5,
|
||||
""message"": 6
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
");
|
||||
config.Validate();
|
||||
var matcher = new IssueMatcher(config.Matchers[0], TimeSpan.FromSeconds(1));
|
||||
|
||||
var match = matcher.Match("file:my-file.cs line:123 column:45 severity:real-bad code:uh-oh message:not-working");
|
||||
Assert.Equal("my-file.cs", match.File);
|
||||
Assert.Equal("123", match.Line);
|
||||
Assert.Equal("45", match.Column);
|
||||
Assert.Equal("real-bad", match.Severity);
|
||||
Assert.Equal("uh-oh", match.Code);
|
||||
Assert.Equal("not-working", match.Message);
|
||||
Assert.Equal("subdir/default-project.csproj", match.FromPath);
|
||||
|
||||
// Test that a pattern-specific fromPath overrides the default
|
||||
config = JsonUtility.FromString<IssueMatchersConfig>(@"
|
||||
{
|
||||
""problemMatcher"": [
|
||||
{
|
||||
""owner"": ""myMatcher"",
|
||||
""fromPath"": ""subdir/default-project.csproj"",
|
||||
""pattern"": [
|
||||
{
|
||||
""regexp"": ""^file:(.+) line:(.+) column:(.+) severity:(.+) code:(.+) message:(.+) fromPath:(.+)$"",
|
||||
""file"": 1,
|
||||
""line"": 2,
|
||||
""column"": 3,
|
||||
""severity"": 4,
|
||||
""code"": 5,
|
||||
""message"": 6,
|
||||
""fromPath"": 7
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
");
|
||||
config.Validate();
|
||||
matcher = new IssueMatcher(config.Matchers[0], TimeSpan.FromSeconds(1));
|
||||
|
||||
match = matcher.Match("file:my-file.cs line:123 column:45 severity:real-bad code:uh-oh message:not-working fromPath:my-project.proj");
|
||||
Assert.Equal("my-file.cs", match.File);
|
||||
Assert.Equal("123", match.Line);
|
||||
Assert.Equal("45", match.Column);
|
||||
Assert.Equal("real-bad", match.Severity);
|
||||
Assert.Equal("uh-oh", match.Code);
|
||||
Assert.Equal("not-working", match.Message);
|
||||
Assert.Equal("my-project.proj", match.FromPath);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
public void Matcher_MultiplePatterns_DefaultFromPath()
|
||||
{
|
||||
var config = JsonUtility.FromString<IssueMatchersConfig>(@"
|
||||
{
|
||||
""problemMatcher"": [
|
||||
{
|
||||
""owner"": ""myMatcher"",
|
||||
""fromPath"": ""subdir/default-project.csproj"",
|
||||
""pattern"": [
|
||||
{
|
||||
""regexp"": ""^file:(.+)$"",
|
||||
""file"": 1,
|
||||
},
|
||||
{
|
||||
""regexp"": ""^severity:(.+)$"",
|
||||
""severity"": 1
|
||||
},
|
||||
{
|
||||
""regexp"": ""^line:(.+) column:(.+) code:(.+) message:(.+)$"",
|
||||
""line"": 1,
|
||||
""column"": 2,
|
||||
""code"": 3,
|
||||
""message"": 4
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
");
|
||||
config.Validate();
|
||||
var matcher = new IssueMatcher(config.Matchers[0], TimeSpan.FromSeconds(1));
|
||||
|
||||
var match = matcher.Match("file:my-file.cs");
|
||||
Assert.Null(match);
|
||||
match = matcher.Match("severity:real-bad");
|
||||
Assert.Null(match);
|
||||
match = matcher.Match("line:123 column:45 code:uh-oh message:not-working");
|
||||
Assert.Equal("my-file.cs", match.File);
|
||||
Assert.Equal("123", match.Line);
|
||||
Assert.Equal("45", match.Column);
|
||||
Assert.Equal("real-bad", match.Severity);
|
||||
Assert.Equal("uh-oh", match.Code);
|
||||
Assert.Equal("not-working", match.Message);
|
||||
Assert.Equal("subdir/default-project.csproj", match.FromPath);
|
||||
|
||||
// Test that pattern-specific fromPath overrides the default
|
||||
config = JsonUtility.FromString<IssueMatchersConfig>(@"
|
||||
{
|
||||
""problemMatcher"": [
|
||||
{
|
||||
""owner"": ""myMatcher"",
|
||||
""fromPath"": ""subdir/default-project.csproj"",
|
||||
""pattern"": [
|
||||
{
|
||||
""regexp"": ""^file:(.+) fromPath:(.+)$"",
|
||||
""file"": 1,
|
||||
""fromPath"": 2
|
||||
},
|
||||
{
|
||||
""regexp"": ""^severity:(.+)$"",
|
||||
""severity"": 1
|
||||
},
|
||||
{
|
||||
""regexp"": ""^line:(.+) column:(.+) code:(.+) message:(.+)$"",
|
||||
""line"": 1,
|
||||
""column"": 2,
|
||||
""code"": 3,
|
||||
""message"": 4
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
");
|
||||
config.Validate();
|
||||
matcher = new IssueMatcher(config.Matchers[0], TimeSpan.FromSeconds(1));
|
||||
|
||||
match = matcher.Match("file:my-file.cs fromPath:my-project.proj");
|
||||
Assert.Null(match);
|
||||
match = matcher.Match("severity:real-bad");
|
||||
Assert.Null(match);
|
||||
match = matcher.Match("line:123 column:45 code:uh-oh message:not-working");
|
||||
Assert.Equal("my-file.cs", match.File);
|
||||
Assert.Equal("123", match.Line);
|
||||
Assert.Equal("45", match.Column);
|
||||
Assert.Equal("real-bad", match.Severity);
|
||||
Assert.Equal("uh-oh", match.Code);
|
||||
Assert.Equal("not-working", match.Message);
|
||||
Assert.Equal("my-project.proj", match.FromPath);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
38
src/Test/L0/Worker/JobContextL0.cs
Normal file
38
src/Test/L0/Worker/JobContextL0.cs
Normal file
@@ -0,0 +1,38 @@
|
||||
using System;
|
||||
using GitHub.DistributedTask.Pipelines.ContextData;
|
||||
using GitHub.Runner.Worker;
|
||||
using Xunit;
|
||||
|
||||
namespace GitHub.Runner.Common.Tests.Worker
|
||||
{
|
||||
public class JobContextL0
|
||||
{
|
||||
[Fact]
|
||||
public void CheckRunId_SetAndGet_WorksCorrectly()
|
||||
{
|
||||
var ctx = new JobContext();
|
||||
ctx.CheckRunId = 12345;
|
||||
Assert.Equal(12345, ctx.CheckRunId);
|
||||
Assert.True(ctx.TryGetValue("check_run_id", out var value));
|
||||
Assert.IsType<NumberContextData>(value);
|
||||
Assert.Equal(12345, ((NumberContextData)value).Value);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CheckRunId_NotSet_ReturnsNull()
|
||||
{
|
||||
var ctx = new JobContext();
|
||||
Assert.Null(ctx.CheckRunId);
|
||||
Assert.False(ctx.TryGetValue("check_run_id", out var value));
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void CheckRunId_SetNull_RemovesKey()
|
||||
{
|
||||
var ctx = new JobContext();
|
||||
ctx.CheckRunId = 12345;
|
||||
ctx.CheckRunId = null;
|
||||
Assert.Null(ctx.CheckRunId);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -937,6 +937,62 @@ namespace GitHub.Runner.Common.Tests.Worker
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
public async void MatcherDefaultFromPath()
|
||||
{
|
||||
var matchers = new IssueMatchersConfig
|
||||
{
|
||||
Matchers =
|
||||
{
|
||||
new IssueMatcherConfig
|
||||
{
|
||||
Owner = "my-matcher-1",
|
||||
FromPath = "workflow-repo/some-project/some-project.proj",
|
||||
Patterns = new[]
|
||||
{
|
||||
new IssuePatternConfig
|
||||
{
|
||||
Pattern = @"(.+): (.+)",
|
||||
File = 1,
|
||||
Message = 2,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
};
|
||||
using (var hostContext = Setup(matchers: matchers))
|
||||
using (_outputManager)
|
||||
{
|
||||
// Setup github.workspace, github.repository
|
||||
var workDirectory = hostContext.GetDirectory(WellKnownDirectory.Work);
|
||||
ArgUtil.NotNullOrEmpty(workDirectory, nameof(workDirectory));
|
||||
Directory.CreateDirectory(workDirectory);
|
||||
var workspaceDirectory = Path.Combine(workDirectory, "workspace");
|
||||
Directory.CreateDirectory(workspaceDirectory);
|
||||
_executionContext.Setup(x => x.GetGitHubContext("workspace")).Returns(workspaceDirectory);
|
||||
_executionContext.Setup(x => x.GetGitHubContext("repository")).Returns("my-org/workflow-repo");
|
||||
|
||||
// Setup a git repository
|
||||
var repositoryPath = Path.Combine(workspaceDirectory, "workflow-repo");
|
||||
await CreateRepository(hostContext, repositoryPath, "https://github.com/my-org/workflow-repo");
|
||||
|
||||
// Create a test file
|
||||
var filePath = Path.Combine(repositoryPath, "some-project", "some-directory", "some-file.txt");
|
||||
Directory.CreateDirectory(Path.GetDirectoryName(filePath));
|
||||
File.WriteAllText(filePath, "");
|
||||
|
||||
// Process
|
||||
Process("some-directory/some-file.txt: some error");
|
||||
Assert.Equal(1, _issues.Count);
|
||||
Assert.Equal("some error", _issues[0].Item1.Message);
|
||||
Assert.Equal("some-project/some-directory/some-file.txt", _issues[0].Item1.Data["file"]);
|
||||
Assert.Equal(0, _commands.Count);
|
||||
Assert.Equal(0, _messages.Count);
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
[Trait("Level", "L0")]
|
||||
[Trait("Category", "Worker")]
|
||||
|
||||
@@ -15,9 +15,9 @@
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
|
||||
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.13.0" />
|
||||
<PackageReference Include="xunit" Version="2.7.1" />
|
||||
<PackageReference Include="xunit.runner.visualstudio" Version="2.5.8" />
|
||||
<PackageReference Include="xunit.runner.visualstudio" Version="2.8.2" />
|
||||
<PackageReference Include="System.Reflection.TypeExtensions" Version="4.7.0" />
|
||||
<PackageReference Include="System.Threading.ThreadPool" Version="4.3.0" />
|
||||
<PackageReference Include="Moq" Version="4.20.72" />
|
||||
|
||||
@@ -1 +1 @@
|
||||
2.323.0
|
||||
2.324.0
|
||||
|
||||
Reference in New Issue
Block a user