From 15aecb87483ea119090cf04aa76de4690bcf70d3 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Tue, 9 Jul 2024 15:11:45 +0200 Subject: [PATCH 1/3] modulesync 9.1.0 --- .github/CONTRIBUTING.md | 12 ++++++++-- .github/labeler.yml | 3 +++ .github/release.yml | 42 +++++++++++++++++++++++++++++++++++ .github/workflows/labeler.yml | 17 ++++++++++++++ .github/workflows/release.yml | 7 ++++++ .msync.yml | 2 +- .puppet-lint.rc | 3 +++ Gemfile | 2 +- spec/spec_helper.rb | 4 ++++ 9 files changed, 88 insertions(+), 4 deletions(-) create mode 100644 .github/release.yml create mode 100644 .github/workflows/labeler.yml diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 8809327..daceb64 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -245,15 +245,23 @@ with: BEAKER_PUPPET_COLLECTION=puppet7 BEAKER_setfile=debian11-64 bundle exec rake beaker ``` +or + +```sh +BEAKER_PUPPET_COLLECTION=none BEAKER_setfile=archlinux-64 bundle exec rake beaker +``` + +This latter example will use the distribution's own version of Puppet. + You can replace the string `debian11` with any common operating system. The following strings are known to work: * ubuntu2004 * ubuntu2204 * debian11 -* centos7 -* centos8 +* debian12 * centos9 +* archlinux * almalinux8 * almalinux9 * fedora36 diff --git a/.github/labeler.yml b/.github/labeler.yml index 7899de8..f2d08d6 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -1,3 +1,6 @@ --- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + skip-changelog: - head-branch: ['^release-*', 'release'] diff --git a/.github/release.yml b/.github/release.yml new file mode 100644 index 0000000..f5b5d7a --- /dev/null +++ b/.github/release.yml @@ -0,0 +1,42 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +# https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes + +changelog: + exclude: + labels: + - duplicate + - invalid + - modulesync + - question + - skip-changelog + - wont-fix + - wontfix + + categories: + - title: Breaking Changes 🛠 + labels: + - backwards-incompatible + + - title: New Features 🎉 + labels: + - enhancement + + - title: Bug Fixes 🐛 + labels: + - bug + + - title: Documentation Updates 📚 + labels: + - documentation + - docs + + - title: Dependency Updates ⬆️ + labels: + - dependencies + + - title: Other Changes + labels: + - "*" diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 0000000..66127cd --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,17 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: "Pull Request Labeler" + +on: + pull_request_target: {} + +jobs: + labeler: + permissions: + contents: read + pull-requests: write + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@v5 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 55324aa..93b33c2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,3 +20,10 @@ jobs: # https://docs.github.com/en/actions/security-guides/encrypted-secrets username: ${{ secrets.PUPPET_FORGE_USERNAME }} api_key: ${{ secrets.PUPPET_FORGE_API_KEY }} + + create-github-release: + name: Create GitHub Release + runs-on: ubuntu-latest + steps: + - name: Create GitHub release + uses: voxpupuli/gha-create-a-github-release@v1 diff --git a/.msync.yml b/.msync.yml index 3607168..95e8c97 100644 --- a/.msync.yml +++ b/.msync.yml @@ -2,4 +2,4 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -modulesync_config_version: '9.0.0' +modulesync_config_version: '9.1.0' diff --git a/.puppet-lint.rc b/.puppet-lint.rc index dd8272c..05d28a2 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1,3 +1,6 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + --fail-on-warnings --no-parameter_documentation-check --no-parameter_types-check diff --git a/Gemfile b/Gemfile index 51d51ba..b4ac896 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' group :test do - gem 'voxpupuli-test', '~> 8.0', :require => false + gem 'voxpupuli-test', '~> 9.0', :require => false gem 'coveralls', :require => false gem 'simplecov-console', :require => false gem 'puppet_metadata', '~> 4.0', :require => false diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index d1dc0d6..21eed3c 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -9,6 +9,10 @@ require 'voxpupuli/test/spec_helper' +RSpec.configure do |c| + c.facterdb_string_keys = false +end + add_mocked_facts! if File.exist?(File.join(__dir__, 'default_module_facts.yml')) From 082e4acb94aec96e818c232ed318b71fb11869ea Mon Sep 17 00:00:00 2001 From: Vilnius Ramanauskas Date: Wed, 17 Jul 2024 15:46:55 +0300 Subject: [PATCH 2/3] #168 Initial new Flow handling --- CHANGELOG.md | 11 +++++++++++ REFERENCE.md | 2 +- lib/puppet/functions/gitlab_ci_runner/register.rb | 6 +++++- manifests/runner.pp | 15 ++++++++++++--- metadata.json | 5 +++-- types/register_parameters_deprecated.pp | 2 ++ 6 files changed, 34 insertions(+), 7 deletions(-) create mode 100644 types/register_parameters_deprecated.pp diff --git a/CHANGELOG.md b/CHANGELOG.md index d61e078..1c9829b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module. +## [v5.2.0](https://github.com/voxpupuli/puppet-gitlab_ci_runner/tree/v5.1.0) (2024-07-21) + +[Full Changelog](https://github.com/voxpupuli/puppet-gitlab_ci_runner/compare/v5.0.0...v5.1.0) + +**Implemented enhancements:** + +- New Registration Flow being rolled out - requires adaption [\#186](https://github.com/voxpupuli/puppet-gitlab_ci_runner/pull/186) ([juokelis](https://github.com/juokelis)) +- Drop RHEL/CentOS 7,8 support +- Drop Debian 10 \(EOL\) +- Add Debian 12 + ## [v5.1.0](https://github.com/voxpupuli/puppet-gitlab_ci_runner/tree/v5.1.0) (2023-12-04) [Full Changelog](https://github.com/voxpupuli/puppet-gitlab_ci_runner/compare/v5.0.0...v5.1.0) diff --git a/REFERENCE.md b/REFERENCE.md index 70af003..8aaf977 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -36,6 +36,7 @@ * [`Gitlab_ci_runner::Log_level`](#Gitlab_ci_runner--Log_level): Gitlab Runner log level configuration * [`Gitlab_ci_runner::Register`](#Gitlab_ci_runner--Register): A struct of all possible additionl options for gitlab_ci_runner::register * [`Gitlab_ci_runner::Register_parameters`](#Gitlab_ci_runner--Register_parameters): A enum containing a possible keys used for Gitlab runner registrations +* [`Gitlab_ci_runner::Register_parameters_deprecated`](#Gitlab_ci_runner--Register_parameters): A enum containing a possible keys used for Gitlab runner registrations * [`Gitlab_ci_runner::Session_server`](#Gitlab_ci_runner--Session_server): Gitlab Runner session_server configuration ### Tasks @@ -910,4 +911,3 @@ The url to your Gitlab instance. Please provide the host part only! (e.g https:/ Data type: `String[1]` Runners authentication token. - diff --git a/lib/puppet/functions/gitlab_ci_runner/register.rb b/lib/puppet/functions/gitlab_ci_runner/register.rb index be4fed0..1d20558 100644 --- a/lib/puppet/functions/gitlab_ci_runner/register.rb +++ b/lib/puppet/functions/gitlab_ci_runner/register.rb @@ -21,7 +21,11 @@ end def register(url, token, additional_options = {}, ca_file = nil) - PuppetX::Gitlab::Runner.register(url, additional_options.merge('token' => token), ca_file: ca_file) + options = additional_options.merge( + token.start_with?('glrt-') ? { 'token' => token } : { 'registration-token' => token } + ) + + PuppetX::Gitlab::Runner.register(url, options, ca_file: ca_file) rescue Net::HTTPError => e raise "Gitlab runner failed to register: #{e.message}" end diff --git a/manifests/runner.pp b/manifests/runner.pp index 631724f..5795a16 100644 --- a/manifests/runner.pp +++ b/manifests/runner.pp @@ -84,12 +84,21 @@ default => $config, } - if $_config['registration-token'] { - $register_additional_options = $config + if $_config['registration-token'] or $_config['token'] { + $register_additional_options_legacy = $config .filter |$item| { $item[0] =~ Gitlab_ci_runner::Register_parameters } # Get all items use for the registration process .reduce({}) |$memo, $item| { $memo + { regsubst($item[0], '-', '_', 'G') => $item[1] } } # Ensure all keys use '_' instead of '-' - $deferred_call = Deferred('gitlab_ci_runner::register_to_file', [$_config['url'], $_config['registration-token'], $_config['name'], $register_additional_options, $http_proxy, $ca_file]) + $token = pick($_config['token'], $_config['registration-token']) + if $token =~ /^glrt-/ { + $register_additional_options = $register_additional_options_legacy + .filter |$item| { $item[0] =~ Gitlab_ci_runner::Register_parameters_deprecated } # Leave only items allowed in new flow + # TODO rise a depracetion warning - do not use deprecated params with 'token' or gitlab 17+ + } else { + $register_additional_options = $register_additional_options_legacy + } + + $deferred_call = Deferred('gitlab_ci_runner::register_to_file', [$_config['url'], $token, $_config['name'], $register_additional_options, $http_proxy, $ca_file]) # Remove registration-token and add a 'token' key to the config with a Deferred function to get it. $__config = ($_config - (Array(Gitlab_ci_runner::Register_parameters) + 'registration-token')) + { 'token' => $deferred_call } diff --git a/metadata.json b/metadata.json index 4aa713f..52c7716 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppet-gitlab_ci_runner", - "version": "5.1.1-rc0", + "version": "5.2.0-rc0", "author": "Vox Pupuli", "summary": "Installation and configuration of Gitlab CI Runner", "license": "Apache-2.0", @@ -64,7 +64,8 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "11" + "11", + "12" ] }, { diff --git a/types/register_parameters_deprecated.pp b/types/register_parameters_deprecated.pp new file mode 100644 index 0000000..c36a35d --- /dev/null +++ b/types/register_parameters_deprecated.pp @@ -0,0 +1,2 @@ +# @summary A enum containing a possible keys used for Gitlab runner registrations +type Gitlab_ci_runner::Register_parameters_deprecated = Enum['description','locked', 'run_untagged', 'tag_list', 'access_level'] From 239bb50a86657e512e9e162639af6d7ca763cb21 Mon Sep 17 00:00:00 2001 From: Vilnius Ramanauskas Date: Thu, 18 Jul 2024 10:39:16 +0300 Subject: [PATCH 3/3] Updating for a new flow --- REFERENCE.md | 1 - .../functions/gitlab_ci_runner/register.rb | 16 +++++++++------- .../gitlab_ci_runner/register_to_file.rb | 8 +++++++- lib/puppet_x/gitlab/runner.rb | 6 ++++++ manifests/runner.pp | 9 +-------- types/register_parameters_deprecated.pp | 2 -- 6 files changed, 23 insertions(+), 19 deletions(-) delete mode 100644 types/register_parameters_deprecated.pp diff --git a/REFERENCE.md b/REFERENCE.md index 8aaf977..6d74851 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -36,7 +36,6 @@ * [`Gitlab_ci_runner::Log_level`](#Gitlab_ci_runner--Log_level): Gitlab Runner log level configuration * [`Gitlab_ci_runner::Register`](#Gitlab_ci_runner--Register): A struct of all possible additionl options for gitlab_ci_runner::register * [`Gitlab_ci_runner::Register_parameters`](#Gitlab_ci_runner--Register_parameters): A enum containing a possible keys used for Gitlab runner registrations -* [`Gitlab_ci_runner::Register_parameters_deprecated`](#Gitlab_ci_runner--Register_parameters): A enum containing a possible keys used for Gitlab runner registrations * [`Gitlab_ci_runner::Session_server`](#Gitlab_ci_runner--Session_server): Gitlab Runner session_server configuration ### Tasks diff --git a/lib/puppet/functions/gitlab_ci_runner/register.rb b/lib/puppet/functions/gitlab_ci_runner/register.rb index 1d20558..7bd0b77 100644 --- a/lib/puppet/functions/gitlab_ci_runner/register.rb +++ b/lib/puppet/functions/gitlab_ci_runner/register.rb @@ -8,7 +8,7 @@ # @param token Registration token. # @param additional_options A hash with all additional configuration options for that runner # @param ca_file An absolute path to a trusted certificate authority file. - # @return [Struct[{ id => Integer[1], token => String[1], }]] Returns a hash with the runner id and authentcation token + # @return [Struct[{ id => Integer[1], token => String[1], }]] Returns a hash with the runner id and authentication token # @example Using it as a replacement for the Bolt 'register_runner' task # puppet apply -e "notice(gitlab_ci_runner::register('https://gitlab.com', 'registration-token'))" # @@ -21,12 +21,14 @@ end def register(url, token, additional_options = {}, ca_file = nil) - options = additional_options.merge( - token.start_with?('glrt-') ? { 'token' => token } : { 'registration-token' => token } - ) + if token.start_with?('glrt-') + raise "Gitlab runner failed to register: authentication token provided instead of registration token." + end - PuppetX::Gitlab::Runner.register(url, options, ca_file: ca_file) - rescue Net::HTTPError => e - raise "Gitlab runner failed to register: #{e.message}" + begin + PuppetX::Gitlab::Runner.register(url, additional_options.merge('registration-token' => token), ca_file) + rescue Net::HTTPError => e + raise "Gitlab runner failed to register: #{e.message}" + end end end diff --git a/lib/puppet/functions/gitlab_ci_runner/register_to_file.rb b/lib/puppet/functions/gitlab_ci_runner/register_to_file.rb index 8e48a17..c79ed17 100644 --- a/lib/puppet/functions/gitlab_ci_runner/register_to_file.rb +++ b/lib/puppet/functions/gitlab_ci_runner/register_to_file.rb @@ -51,7 +51,13 @@ def register_to_file(url, regtoken, runner_name, additional_options = {}, proxy # will be returned unmodified. regtoken = call_function('unwrap', regtoken) - authtoken = PuppetX::Gitlab::Runner.register(url, additional_options.merge('token' => regtoken), proxy, ca_file)['token'] + # Combine options based on the token + if regtoken.start_with?('glrt-') + PuppetX::Gitlab::Runner.verify(url, regtoken, proxy, ca_file) + authtoken = regtoken + else + authtoken = PuppetX::Gitlab::Runner.register(url, additional_options.merge('registration-token' => regtoken), proxy, ca_file)['token'] + end # If this function is used as a Deferred function the Gitlab Runner config dir # will not exist on the first run, because the package isn't installed yet. diff --git a/lib/puppet_x/gitlab/runner.rb b/lib/puppet_x/gitlab/runner.rb index bd55ef9..b1fa2bb 100644 --- a/lib/puppet_x/gitlab/runner.rb +++ b/lib/puppet_x/gitlab/runner.rb @@ -70,6 +70,12 @@ def self.register(host, options, proxy = nil, ca_file = nil) PuppetX::Gitlab::APIClient.post(url, options, proxy, ca_file) end + def self.verify(host, token, proxy = nil, ca_file = nil) + url = "#{host}/api/v4/runners/verify" + Puppet.info "Verifying gitlab runner with #{host}" + PuppetX::Gitlab::APIClient.post(url, {'token'=>token}, proxy, ca_file) + end + def self.unregister(host, options, proxy = nil, ca_file = nil) url = "#{host}/api/v4/runners" Puppet.info "Unregistering gitlab runner with #{host}" diff --git a/manifests/runner.pp b/manifests/runner.pp index 5795a16..5d43b07 100644 --- a/manifests/runner.pp +++ b/manifests/runner.pp @@ -85,18 +85,11 @@ } if $_config['registration-token'] or $_config['token'] { - $register_additional_options_legacy = $config + $register_additional_options = $config .filter |$item| { $item[0] =~ Gitlab_ci_runner::Register_parameters } # Get all items use for the registration process .reduce({}) |$memo, $item| { $memo + { regsubst($item[0], '-', '_', 'G') => $item[1] } } # Ensure all keys use '_' instead of '-' $token = pick($_config['token'], $_config['registration-token']) - if $token =~ /^glrt-/ { - $register_additional_options = $register_additional_options_legacy - .filter |$item| { $item[0] =~ Gitlab_ci_runner::Register_parameters_deprecated } # Leave only items allowed in new flow - # TODO rise a depracetion warning - do not use deprecated params with 'token' or gitlab 17+ - } else { - $register_additional_options = $register_additional_options_legacy - } $deferred_call = Deferred('gitlab_ci_runner::register_to_file', [$_config['url'], $token, $_config['name'], $register_additional_options, $http_proxy, $ca_file]) diff --git a/types/register_parameters_deprecated.pp b/types/register_parameters_deprecated.pp deleted file mode 100644 index c36a35d..0000000 --- a/types/register_parameters_deprecated.pp +++ /dev/null @@ -1,2 +0,0 @@ -# @summary A enum containing a possible keys used for Gitlab runner registrations -type Gitlab_ci_runner::Register_parameters_deprecated = Enum['description','locked', 'run_untagged', 'tag_list', 'access_level']