mirror of
https://github.com/go-gitea/gitea.git
synced 2025-07-22 21:35:21 +02:00
feat: check runner token
This commit is contained in:
parent
9c6476754d
commit
94241daaaa
@ -6,6 +6,7 @@ package runner
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/subtle"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
bots_model "code.gitea.io/gitea/models/bots"
|
bots_model "code.gitea.io/gitea/models/bots"
|
||||||
@ -21,6 +22,7 @@ import (
|
|||||||
const (
|
const (
|
||||||
runnerOnlineTimeDeltaSecs = 30
|
runnerOnlineTimeDeltaSecs = 30
|
||||||
uuidHeaderKey = "x-runner-uuid"
|
uuidHeaderKey = "x-runner-uuid"
|
||||||
|
tokenHeaderKey = "x-runner-token"
|
||||||
)
|
)
|
||||||
|
|
||||||
var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unaryFunc connect.UnaryFunc) connect.UnaryFunc {
|
var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unaryFunc connect.UnaryFunc) connect.UnaryFunc {
|
||||||
@ -29,6 +31,7 @@ var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unar
|
|||||||
return unaryFunc(ctx, request)
|
return unaryFunc(ctx, request)
|
||||||
}
|
}
|
||||||
uuid := request.Header().Get(uuidHeaderKey)
|
uuid := request.Header().Get(uuidHeaderKey)
|
||||||
|
token := request.Header().Get(tokenHeaderKey)
|
||||||
runner, err := bots_model.GetRunnerByUUID(uuid)
|
runner, err := bots_model.GetRunnerByUUID(uuid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(bots_model.ErrRunnerNotExist); ok {
|
if _, ok := err.(bots_model.ErrRunnerNotExist); ok {
|
||||||
@ -36,6 +39,9 @@ var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unar
|
|||||||
}
|
}
|
||||||
return nil, status.Error(codes.Internal, err.Error())
|
return nil, status.Error(codes.Internal, err.Error())
|
||||||
}
|
}
|
||||||
|
if subtle.ConstantTimeCompare([]byte(token), []byte(runner.Token)) != 1 {
|
||||||
|
return nil, status.Error(codes.Unauthenticated, "unregistered runner")
|
||||||
|
}
|
||||||
|
|
||||||
// update runner online status
|
// update runner online status
|
||||||
if runner.Status == runnerv1.RunnerStatus_RUNNER_STATUS_OFFLINE {
|
if runner.Status == runnerv1.RunnerStatus_RUNNER_STATUS_OFFLINE {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user