gitlab-org--gitlab-foss/app/models/ci/runner.rb

410 lines
13 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
2015-08-25 21:42:46 -04:00
module Ci
class Runner < ApplicationRecord
extend Gitlab::Ci::Model
include Gitlab::SQL::Pattern
include RedisCacheable
2018-02-20 19:09:59 -05:00
include ChronicDurationAttribute
include FromUnion
include TokenAuthenticatable
include IgnorableColumns
include FeatureGate
add_authentication_token_field :token, encrypted: -> { Feature.enabled?(:ci_runners_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
2018-06-11 07:37:47 -04:00
enum access_level: {
not_protected: 0,
ref_protected: 1
}
enum runner_type: {
instance_type: 1,
group_type: 2,
project_type: 3
}
# This `ONLINE_CONTACT_TIMEOUT` needs to be larger than
# `RUNNER_QUEUE_EXPIRY_TIME+UPDATE_CONTACT_COLUMN_EVERY`
#
ONLINE_CONTACT_TIMEOUT = 2.hours
# The `RUNNER_QUEUE_EXPIRY_TIME` indicates the longest interval that
# Runner request needs to be refreshed by Rails instead of being handled
# by Workhorse
RUNNER_QUEUE_EXPIRY_TIME = 1.hour
# The `UPDATE_CONTACT_COLUMN_EVERY` defines how often the Runner DB entry can be updated
UPDATE_CONTACT_COLUMN_EVERY = (40.minutes..55.minutes).freeze
2018-06-11 07:37:47 -04:00
AVAILABLE_TYPES_LEGACY = %w[specific shared].freeze
AVAILABLE_TYPES = runner_types.keys.freeze
AVAILABLE_STATUSES = %w[active paused online offline not_connected].freeze
2018-06-11 07:37:47 -04:00
AVAILABLE_SCOPES = (AVAILABLE_TYPES_LEGACY + AVAILABLE_TYPES + AVAILABLE_STATUSES).freeze
FORM_EDITABLE = %i[description tag_list active run_untagged locked access_level maximum_timeout_human_readable].freeze
MINUTES_COST_FACTOR_FIELDS = %i[public_projects_minutes_cost_factor private_projects_minutes_cost_factor].freeze
has_many :builds
has_many :runner_projects, inverse_of: :runner, autosave: true, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
has_many :projects, through: :runner_projects
has_many :runner_namespaces, inverse_of: :runner, autosave: true
2018-05-02 11:43:20 -04:00
has_many :groups, through: :runner_namespaces
2015-08-25 21:42:46 -04:00
has_one :last_build, -> { order('id DESC') }, class_name: 'Ci::Build'
2015-08-25 21:42:46 -04:00
before_save :ensure_token
2015-08-25 21:42:46 -04:00
scope :active, -> { where(active: true) }
scope :paused, -> { where(active: false) }
scope :online, -> { where('contacted_at > ?', online_contact_time_deadline) }
# The following query using negation is cheaper than using `contacted_at <= ?`
# because there are less runners online than have been created. The
# resulting query is quickly finding online ones and then uses the regular
# indexed search and rejects the ones that are in the previous set. If we
# did `contacted_at <= ?` the query would effectively have to do a seq
# scan.
2018-06-06 09:29:40 -04:00
scope :offline, -> { where.not(id: online) }
scope :not_connected, -> { where(contacted_at: nil) }
scope :ordered, -> { order(id: :desc) }
scope :with_recent_runner_queue, -> { where('contacted_at > ?', recent_queue_deadline) }
# BACKWARD COMPATIBILITY: There are needed to maintain compatibility with `AVAILABLE_SCOPES` used by `lib/api/runners.rb`
scope :deprecated_shared, -> { instance_type }
2018-12-15 04:06:56 -05:00
scope :deprecated_specific, -> { project_type.or(group_type) }
scope :belonging_to_project, -> (project_id) {
joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
}
scope :belonging_to_group, -> (group_id, include_ancestors: false) {
groups = ::Group.where(id: group_id)
if include_ancestors
groups = Gitlab::ObjectHierarchy.new(groups).base_and_ancestors
end
joins(:runner_namespaces).where(ci_runner_namespaces: { namespace_id: groups })
}
scope :belonging_to_group_or_project, -> (group_id, project_id) {
groups = ::Group.where(id: group_id)
group_runners = joins(:runner_namespaces).where(ci_runner_namespaces: { namespace_id: groups })
project_runners = joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
union_sql = ::Gitlab::SQL::Union.new([group_runners, project_runners]).to_sql
from("(#{union_sql}) #{table_name}")
}
scope :belonging_to_parent_group_of_project, -> (project_id) {
project_groups = ::Group.joins(:projects).where(projects: { id: project_id })
hierarchy_groups = Gitlab::ObjectHierarchy.new(project_groups).base_and_ancestors
joins(:groups).where(namespaces: { id: hierarchy_groups })
}
scope :owned_or_instance_wide, -> (project_id) do
from_union(
[
belonging_to_project(project_id),
belonging_to_parent_group_of_project(project_id),
instance_type
],
remove_duplicates: false
)
end
scope :assignable_for, ->(project) do
# FIXME: That `to_sql` is needed to workaround a weird Rails bug.
# Without that, placeholders would miss one and couldn't match.
#
# We use "unscoped" here so that any current Ci::Runner filters don't
# apply to the inner query, which is not necessary.
exclude_runners = unscoped { project.runners.select(:id) }.to_sql
2017-06-21 09:48:12 -04:00
where(locked: false)
.where.not("ci_runners.id IN (#{exclude_runners})")
.project_type
end
scope :order_contacted_at_asc, -> { order(contacted_at: :asc) }
scope :order_created_at_desc, -> { order(created_at: :desc) }
scope :with_tags, -> { preload(:tags) }
validate :tag_constraints
validates :access_level, presence: true
validates :runner_type, presence: true
2016-05-05 08:27:06 -04:00
validate :no_projects, unless: :project_type?
validate :no_groups, unless: :group_type?
validate :any_project, if: :project_type?
validate :exactly_one_group, if: :group_type?
2015-08-25 21:42:46 -04:00
acts_as_taggable
after_destroy :cleanup_runner_queue
2018-05-15 15:55:16 -04:00
cached_attr_reader :version, :revision, :platform, :architecture, :ip_address, :contacted_at
chronic_duration_attr :maximum_timeout_human_readable, :maximum_timeout,
error_message: 'Maximum job timeout has a value which could not be accepted'
2018-02-20 19:09:59 -05:00
validates :maximum_timeout, allow_nil: true,
numericality: { greater_than_or_equal_to: 600,
message: 'needs to be at least 10 minutes' }
validates :public_projects_minutes_cost_factor, :private_projects_minutes_cost_factor,
allow_nil: false,
numericality: { greater_than_or_equal_to: 0.0,
message: 'needs to be non-negative' }
# Searches for runners matching the given query.
#
# This method uses ILIKE on PostgreSQL.
#
# This method performs a *partial* match on tokens, thus a query for "a"
# will match any runner where the token contains the letter "a". As a result
# you should *not* use this method for non-admin purposes as otherwise users
# might be able to query a list of all runners.
#
# query - The search query as a String.
#
# Returns an ActiveRecord::Relation.
2015-08-25 21:42:46 -04:00
def self.search(query)
fuzzy_search(query, [:token, :description])
2015-08-25 21:42:46 -04:00
end
def self.online_contact_time_deadline
2017-05-27 11:14:34 -04:00
ONLINE_CONTACT_TIMEOUT.ago
end
def self.recent_queue_deadline
# we add queue expiry + online
# - contacted_at can be updated at any time within this interval
# we have always accurate `contacted_at` but it is stored in Redis
# and not persisted in database
(ONLINE_CONTACT_TIMEOUT + RUNNER_QUEUE_EXPIRY_TIME).ago
end
def self.order_by(order)
if order == 'contacted_asc'
order_contacted_at_asc
else
order_created_at_desc
end
end
2015-08-25 21:42:46 -04:00
def assign_to(project, current_user = nil)
if instance_type?
self.runner_type = :project_type
elsif group_type?
raise ArgumentError, 'Transitioning a group runner to a project runner is not supported'
end
begin
transaction do
self.projects << project
self.save!
end
rescue ActiveRecord::RecordInvalid => e
self.errors.add(:assign_to, e.message)
false
end
2015-08-25 21:42:46 -04:00
end
def display_name
return short_sha if description.blank?
2015-08-25 21:42:46 -04:00
description
end
def online?
contacted_at && contacted_at > self.class.online_contact_time_deadline
end
def status
if contacted_at.nil?
:not_connected
elsif active?
online? ? :online : :offline
else
:paused
end
end
2015-08-25 21:42:46 -04:00
def belongs_to_one_project?
runner_projects.count == 1
end
def belongs_to_more_than_one_project?
self.projects.limit(2).count(:all) > 1
end
def assigned_to_group?
2018-05-02 11:43:20 -04:00
runner_namespaces.any?
2017-09-25 09:28:33 -04:00
end
def assigned_to_project?
2017-10-04 07:55:34 -04:00
runner_projects.any?
end
# TODO: remove this method in favor of `matches_build?` once feature flag is removed
# https://gitlab.com/gitlab-org/gitlab/-/issues/323317
def can_pick?(build)
if Feature.enabled?(:ci_runners_short_circuit_assignable_for, self, default_enabled: :yaml)
matches_build?(build)
else
# Run `matches_build?` checks before, since they are cheaper than
# `assignable_for?`.
#
matches_build?(build) && assignable_for?(build.project_id)
end
end
def match_build_if_online?(build)
active? && online? && can_pick?(build)
2016-06-01 06:34:20 -04:00
end
2015-08-25 21:42:46 -04:00
def only_for?(project)
projects == [project]
end
def short_sha
2015-10-14 08:21:49 -04:00
token[0...8] if token
2015-08-25 21:42:46 -04:00
end
def tag_list
return super unless Feature.enabled?(:ci_preload_runner_tags, default_enabled: :yaml)
if tags.loaded?
tags.map(&:name)
else
super
end
end
def has_tags?
tag_list.any?
end
2016-07-20 07:17:21 -04:00
def predefined_variables
Gitlab::Ci::Variables::Collection.new
.append(key: 'CI_RUNNER_ID', value: id.to_s)
.append(key: 'CI_RUNNER_DESCRIPTION', value: description)
.append(key: 'CI_RUNNER_TAGS', value: tag_list.to_s)
2016-07-20 07:17:21 -04:00
end
2016-12-15 19:04:18 -05:00
def tick_runner_queue
SecureRandom.hex.tap do |new_update|
2017-03-06 05:44:45 -05:00
::Gitlab::Workhorse.set_key_and_notify(runner_queue_key, new_update,
expire: RUNNER_QUEUE_EXPIRY_TIME, overwrite: true)
end
2016-12-15 16:30:31 -05:00
end
2016-12-15 19:04:18 -05:00
def ensure_runner_queue_value
2017-03-06 05:44:45 -05:00
new_value = SecureRandom.hex
::Gitlab::Workhorse.set_key_and_notify(runner_queue_key, new_value,
expire: RUNNER_QUEUE_EXPIRY_TIME, overwrite: false)
2016-12-15 19:04:18 -05:00
end
def runner_queue_value_latest?(value)
2016-12-15 19:04:18 -05:00
ensure_runner_queue_value == value if value.present?
2016-12-15 16:30:31 -05:00
end
def heartbeat(values)
values = values&.slice(:version, :revision, :platform, :architecture, :ip_address) || {}
values[:contacted_at] = Time.current
cache_attributes(values)
2018-05-28 12:17:18 -04:00
# We save data without validation, it will always change due to `contacted_at`
self.update_columns(values) if persist_cached_data?
2018-01-28 18:25:13 -05:00
end
def pick_build!(build)
if Feature.enabled?(:ci_reduce_queries_when_ticking_runner_queue, self, default_enabled: :yaml)
tick_runner_queue if matches_build?(build)
else
tick_runner_queue if can_pick?(build)
end
end
def uncached_contacted_at
read_attribute(:contacted_at)
end
private
def cleanup_runner_queue
Gitlab::Redis::SharedState.with do |redis|
redis.del(runner_queue_key)
end
end
2016-12-15 19:04:18 -05:00
def runner_queue_key
2016-12-16 10:33:08 -05:00
"runner:build_queue:#{self.token}"
2016-12-15 16:30:31 -05:00
end
def persist_cached_data?
# Use a random threshold to prevent beating DB updates.
contacted_at_max_age = Random.rand(UPDATE_CONTACT_COLUMN_EVERY)
real_contacted_at = read_attribute(:contacted_at)
real_contacted_at.nil? ||
(Time.current - real_contacted_at) >= contacted_at_max_age
end
def tag_constraints
unless has_tags? || run_untagged?
errors.add(:tags_list,
'can not be empty when runner is not allowed to pick untagged jobs')
end
end
2016-06-01 06:34:20 -04:00
# TODO: remove this method once feature flag ci_runners_short_circuit_assignable_for
# is removed. https://gitlab.com/gitlab-org/gitlab/-/issues/323317
def assignable_for?(project_id)
self.class.owned_or_instance_wide(project_id).where(id: self.id).any?
2016-06-01 06:34:20 -04:00
end
def no_projects
if projects.any?
errors.add(:runner, 'cannot have projects assigned')
end
end
def no_groups
if groups.any?
errors.add(:runner, 'cannot have groups assigned')
end
end
def any_project
unless projects.any?
errors.add(:runner, 'needs to be assigned to at least one project')
end
end
def exactly_one_group
unless groups.one?
errors.add(:runner, 'needs to be assigned to exactly one group')
end
end
def matches_build?(build)
return false if self.ref_protected? && !build.protected?
accepting_tags?(build)
end
def accepting_tags?(build)
(run_untagged? || build.has_tags?) && (build.tag_list - tag_list).empty?
2016-06-01 06:34:20 -04:00
end
2015-08-25 21:42:46 -04:00
end
end
Ci::Runner.prepend_mod_with('Ci::Runner')