Commit e2e43a11 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Use new runners registration token to register CI runners

parent 219afbad
module GitlabCi module GitlabCi
VERSION = Gitlab::VERSION VERSION = Gitlab::VERSION
REVISION = Gitlab::REVISION REVISION = Gitlab::REVISION
REGISTRATION_TOKEN = SecureRandom.hex(10)
def self.config def self.config
Settings Settings
......
...@@ -6,7 +6,7 @@ module Ci ...@@ -6,7 +6,7 @@ module Ci
UPDATE_RUNNER_EVERY = 60 UPDATE_RUNNER_EVERY = 60
def authenticate_runners! def authenticate_runners!
forbidden! unless params[:token] == GitlabCi::REGISTRATION_TOKEN forbidden! unless runner_registration_token_valid?
end end
def authenticate_runner! def authenticate_runner!
...@@ -22,6 +22,10 @@ module Ci ...@@ -22,6 +22,10 @@ module Ci
forbidden! unless token && build.valid_token?(token) forbidden! unless token && build.valid_token?(token)
end end
def runner_registration_token_valid?
params[:token] == current_application_settings.runners_registration_token
end
def update_runner_last_contact def update_runner_last_contact
# Use a random threshold to prevent beating DB updates # Use a random threshold to prevent beating DB updates
contacted_at_max_age = UPDATE_RUNNER_EVERY + Random.rand(UPDATE_RUNNER_EVERY) contacted_at_max_age = UPDATE_RUNNER_EVERY + Random.rand(UPDATE_RUNNER_EVERY)
......
...@@ -40,7 +40,7 @@ module Ci ...@@ -40,7 +40,7 @@ module Ci
required_attributes! [:token] required_attributes! [:token]
runner = runner =
if params[:token] == GitlabCi::REGISTRATION_TOKEN if runner_registration_token_valid?
# Create shared runner. Requires admin access # Create shared runner. Requires admin access
Ci::Runner.create( Ci::Runner.create(
description: params[:description], description: params[:description],
......
...@@ -4,8 +4,11 @@ describe Ci::API::API do ...@@ -4,8 +4,11 @@ describe Ci::API::API do
include ApiHelpers include ApiHelpers
include StubGitlabCalls include StubGitlabCalls
let(:registration_token) { 'abcdefg123456' }
before do before do
stub_gitlab_calls stub_gitlab_calls
stub_application_setting(runners_registration_token: registration_token)
end end
describe "GET /runners" do describe "GET /runners" do
...@@ -33,20 +36,20 @@ describe Ci::API::API do ...@@ -33,20 +36,20 @@ describe Ci::API::API do
describe "POST /runners/register" do describe "POST /runners/register" do
describe "should create a runner if token provided" do describe "should create a runner if token provided" do
before { post ci_api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN } before { post ci_api("/runners/register"), token: registration_token }
it { expect(response.status).to eq(201) } it { expect(response.status).to eq(201) }
end end
describe "should create a runner with description" do describe "should create a runner with description" do
before { post ci_api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN, description: "server.hostname" } before { post ci_api("/runners/register"), token: registration_token, description: "server.hostname" }
it { expect(response.status).to eq(201) } it { expect(response.status).to eq(201) }
it { expect(Ci::Runner.first.description).to eq("server.hostname") } it { expect(Ci::Runner.first.description).to eq("server.hostname") }
end end
describe "should create a runner with tags" do describe "should create a runner with tags" do
before { post ci_api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN, tag_list: "tag1, tag2" } before { post ci_api("/runners/register"), token: registration_token, tag_list: "tag1, tag2" }
it { expect(response.status).to eq(201) } it { expect(response.status).to eq(201) }
it { expect(Ci::Runner.first.tag_list.sort).to eq(["tag1", "tag2"]) } it { expect(Ci::Runner.first.tag_list.sort).to eq(["tag1", "tag2"]) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment