gitlab-org--gitlab-foss/app/services/ci/pipeline_trigger_service.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

116 lines
3.4 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
2017-07-26 05:31:09 -04:00
module Ci
class PipelineTriggerService < BaseService
2017-11-13 10:27:30 -05:00
include Gitlab::Utils::StrongMemoize
include Services::ReturnServiceResponses
include Ci::DownstreamPipelineHelpers
2017-11-13 10:27:30 -05:00
2017-07-26 05:31:09 -04:00
def execute
if trigger_from_token
set_application_context_from_trigger(trigger_from_token)
2017-07-26 05:31:09 -04:00
create_pipeline_from_trigger(trigger_from_token)
elsif job_from_token
set_application_context_from_job(job_from_token)
create_pipeline_from_job(job_from_token)
2017-07-26 05:31:09 -04:00
end
rescue Ci::AuthJobFinder::AuthError => e
error(e.message, 401)
2017-07-26 05:31:09 -04:00
end
private
PAYLOAD_VARIABLE_KEY = 'TRIGGER_PAYLOAD'
PAYLOAD_VARIABLE_HIDDEN_PARAMS = %i[token].freeze
2017-07-26 05:31:09 -04:00
def create_pipeline_from_trigger(trigger)
# this check is to not leak the presence of the project if user cannot read it
return unless trigger.project == project
return unless can?(trigger.owner, :read_project, project)
2017-07-26 05:31:09 -04:00
response = Ci::CreatePipelineService
.new(project, trigger.owner, ref: params[:ref], variables_attributes: variables)
2017-07-26 05:31:09 -04:00
.execute(:trigger, ignore_skip_ci: true) do |pipeline|
pipeline.trigger_requests.build(trigger: trigger)
2017-07-26 05:31:09 -04:00
end
pipeline_service_response(response.payload)
end
def pipeline_service_response(pipeline)
if pipeline.created_successfully?
2017-07-26 05:31:09 -04:00
success(pipeline: pipeline)
elsif pipeline.persisted?
err = pipeline.errors.messages.presence || pipeline.failure_reason.presence || 'Could not create pipeline'
error(err, :unprocessable_entity)
2017-07-26 05:31:09 -04:00
else
error(pipeline.errors.messages, :bad_request)
2017-07-26 05:31:09 -04:00
end
end
def trigger_from_token
2017-11-13 10:27:30 -05:00
strong_memoize(:trigger) do
Ci::Trigger.find_by_token(params[:token].to_s)
end
2017-07-26 05:31:09 -04:00
end
def create_pipeline_from_job(job)
# this check is to not leak the presence of the project if user cannot read it
return unless can?(job.user, :read_project, project)
response = Ci::CreatePipelineService
.new(project, job.user, ref: params[:ref], variables_attributes: variables)
.execute(:pipeline, ignore_skip_ci: true) do |pipeline|
source = job.sourced_pipelines.build(
source_pipeline: job.pipeline,
source_project: job.project,
pipeline: pipeline,
project: project)
pipeline.source_pipeline = source
end
log_downstream_pipeline_creation(response.payload)
pipeline_service_response(response.payload)
end
def job_from_token
strong_memoize(:job) do
Ci::AuthJobFinder.new(token: params[:token].to_s).execute!
end
end
def variables
param_variables + [payload_variable]
end
def param_variables
params[:variables].to_h.map do |key, value|
2017-07-26 05:31:09 -04:00
{ key: key, value: value }
end
end
def payload_variable
{ key: PAYLOAD_VARIABLE_KEY,
value: params.except(*PAYLOAD_VARIABLE_HIDDEN_PARAMS).to_json,
variable_type: :file }
end
def set_application_context_from_trigger(trigger)
Gitlab::ApplicationContext.push(
user: trigger.owner,
project: trigger.project
)
end
def set_application_context_from_job(job)
Gitlab::ApplicationContext.push(
user: job.user,
project: job.project,
runner: job.runner
)
end
2017-07-26 05:31:09 -04:00
end
end