runner.rb 9.65 KB
Newer Older
1 2
# frozen_string_literal: true

Douwe Maan's avatar
Douwe Maan committed
3 4
module Ci
  class Runner < ActiveRecord::Base
5
    extend Gitlab::Ci::Model
6
    include Gitlab::SQL::Pattern
7
    include IgnorableColumn
8
    include RedisCacheable
9
    include ChronicDurationAttribute
10
    include FromUnion
11 12
    include TokenAuthenticatable

13
    add_authentication_token_field :token, encrypted: -> { Feature.enabled?(:ci_runners_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
14

Alexis Reigel's avatar
Alexis Reigel committed
15 16 17 18 19 20 21 22 23 24 25
    enum access_level: {
      not_protected: 0,
      ref_protected: 1
    }

    enum runner_type: {
      instance_type: 1,
      group_type: 2,
      project_type: 3
    }

26
    RUNNER_QUEUE_EXPIRY_TIME = 60.minutes
Alessio Caiazza's avatar
Alessio Caiazza committed
27
    ONLINE_CONTACT_TIMEOUT = 1.hour
28
    UPDATE_DB_RUNNER_INFO_EVERY = 40.minutes
Alexis Reigel's avatar
Alexis Reigel committed
29 30
    AVAILABLE_TYPES_LEGACY = %w[specific shared].freeze
    AVAILABLE_TYPES = runner_types.keys.freeze
31
    AVAILABLE_STATUSES = %w[active paused online offline].freeze
Alexis Reigel's avatar
Alexis Reigel committed
32
    AVAILABLE_SCOPES = (AVAILABLE_TYPES_LEGACY + AVAILABLE_TYPES + AVAILABLE_STATUSES).freeze
33
    FORM_EDITABLE = %i[description tag_list active run_untagged locked access_level maximum_timeout_human_readable].freeze
34

35 36
    ignore_column :is_shared

37
    has_many :builds
38
    has_many :runner_projects, inverse_of: :runner, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
39
    has_many :projects, through: :runner_projects
40
    has_many :runner_namespaces, inverse_of: :runner
41
    has_many :groups, through: :runner_namespaces
Douwe Maan's avatar
Douwe Maan committed
42 43 44

    has_one :last_build, ->() { order('id DESC') }, class_name: 'Ci::Build'

45
    before_save :ensure_token
Douwe Maan's avatar
Douwe Maan committed
46

47 48 49
    scope :active, -> { where(active: true) }
    scope :paused, -> { where(active: false) }
    scope :online, -> { where('contacted_at > ?', contact_time_deadline) }
50 51 52 53 54 55
    # The following query using negation is cheaper than using `contacted_at <= ?`
    # because there are less runners online than have been created. The
    # resulting query is quickly finding online ones and then uses the regular
    # indexed search and rejects the ones that are in the previous set. If we
    # did `contacted_at <= ?` the query would effectively have to do a seq
    # scan.
56
    scope :offline, -> { where.not(id: online) }
57
    scope :ordered, -> { order(id: :desc) }
58

59
    # BACKWARD COMPATIBILITY: There are needed to maintain compatibility with `AVAILABLE_SCOPES` used by `lib/api/runners.rb`
60
    scope :deprecated_shared, -> { instance_type }
Jasper Maes's avatar
Jasper Maes committed
61
    scope :deprecated_specific, -> { project_type.or(group_type) }
62

63 64 65
    scope :belonging_to_project, -> (project_id) {
      joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
    }
66

67
    scope :belonging_to_parent_group_of_project, -> (project_id) {
68
      project_groups = ::Group.joins(:projects).where(projects: { id: project_id })
69
      hierarchy_groups = Gitlab::ObjectHierarchy.new(project_groups).base_and_ancestors
70 71

      joins(:groups).where(namespaces: { id: hierarchy_groups })
72
    }
73

74
    scope :owned_or_instance_wide, -> (project_id) do
75 76 77 78 79 80
      from_union(
        [
          belonging_to_project(project_id),
          belonging_to_parent_group_of_project(project_id),
          instance_type
        ],
81 82
        remove_duplicates: false
      )
83 84
    end

Lin Jen-Shin's avatar
Lin Jen-Shin committed
85
    scope :assignable_for, ->(project) do
86 87
      # FIXME: That `to_sql` is needed to workaround a weird Rails bug.
      #        Without that, placeholders would miss one and couldn't match.
88 89 90 91 92
      #
      # We use "unscoped" here so that any current Ci::Runner filters don't
      # apply to the inner query, which is not necessary.
      exclude_runners = unscoped { project.runners.select(:id) }.to_sql

93
      where(locked: false)
94
        .where.not("ci_runners.id IN (#{exclude_runners})")
95
        .project_type
96 97
    end

98 99
    scope :order_contacted_at_asc, -> { order(contacted_at: :asc) }
    scope :order_created_at_desc, -> { order(created_at: :desc) }
100
    scope :with_tags, -> { preload(:tags) }
101

102
    validate :tag_constraints
103
    validates :access_level, presence: true
104
    validates :runner_type, presence: true
105

106 107 108 109 110
    validate :no_projects, unless: :project_type?
    validate :no_groups, unless: :group_type?
    validate :any_project, if: :project_type?
    validate :exactly_one_group, if: :group_type?

Douwe Maan's avatar
Douwe Maan committed
111 112
    acts_as_taggable

113 114
    after_destroy :cleanup_runner_queue

115
    cached_attr_reader :version, :revision, :platform, :architecture, :ip_address, :contacted_at
116

117 118
    chronic_duration_attr :maximum_timeout_human_readable, :maximum_timeout,
        error_message: 'Maximum job timeout has a value which could not be accepted'
119

120 121 122 123
    validates :maximum_timeout, allow_nil: true,
                                numericality: { greater_than_or_equal_to: 600,
                                                message: 'needs to be at least 10 minutes' }

124 125 126 127 128 129 130 131 132 133 134 135
    # Searches for runners matching the given query.
    #
    # This method uses ILIKE on PostgreSQL and LIKE on MySQL.
    #
    # This method performs a *partial* match on tokens, thus a query for "a"
    # will match any runner where the token contains the letter "a". As a result
    # you should *not* use this method for non-admin purposes as otherwise users
    # might be able to query a list of all runners.
    #
    # query - The search query as a String
    #
    # Returns an ActiveRecord::Relation.
Douwe Maan's avatar
Douwe Maan committed
136
    def self.search(query)
137
      fuzzy_search(query, [:token, :description])
Douwe Maan's avatar
Douwe Maan committed
138 139
    end

Alessio Caiazza's avatar
Alessio Caiazza committed
140 141 142 143
    def self.contact_time_deadline
      ONLINE_CONTACT_TIMEOUT.ago
    end

144 145 146 147 148 149 150 151
    def self.order_by(order)
      if order == 'contacted_asc'
        order_contacted_at_asc
      else
        order_created_at_desc
      end
    end

Douwe Maan's avatar
Douwe Maan committed
152
    def assign_to(project, current_user = nil)
153
      if instance_type?
154
        self.runner_type = :project_type
155 156
      elsif group_type?
        raise ArgumentError, 'Transitioning a group runner to a project runner is not supported'
157 158
      end

159 160 161 162 163 164 165 166 167
      begin
        transaction do
          self.projects << project
          self.save!
        end
      rescue ActiveRecord::RecordInvalid => e
        self.errors.add(:assign_to, e.message)
        false
      end
Douwe Maan's avatar
Douwe Maan committed
168 169 170
    end

    def display_name
171
      return short_sha if description.blank?
Douwe Maan's avatar
Douwe Maan committed
172 173 174 175

      description
    end

176
    def online?
177
      contacted_at && contacted_at > self.class.contact_time_deadline
178 179 180 181 182 183 184 185 186 187 188 189
    end

    def status
      if contacted_at.nil?
        :not_connected
      elsif active?
        online? ? :online : :offline
      else
        :paused
      end
    end

Douwe Maan's avatar
Douwe Maan committed
190 191 192 193
    def belongs_to_one_project?
      runner_projects.count == 1
    end

194
    def assigned_to_group?
195
      runner_namespaces.any?
Alexis Reigel's avatar
Alexis Reigel committed
196 197
    end

198
    def assigned_to_project?
Alexis Reigel's avatar
Alexis Reigel committed
199 200 201
      runner_projects.any?
    end

202
    def can_pick?(build)
203
      return false if self.ref_protected? && !build.protected?
Shinya Maeda's avatar
Shinya Maeda committed
204

205
      assignable_for?(build.project_id) && accepting_tags?(build)
206 207
    end

Douwe Maan's avatar
Douwe Maan committed
208 209 210 211 212
    def only_for?(project)
      projects == [project]
    end

    def short_sha
Kamil Trzcinski's avatar
Kamil Trzcinski committed
213
      token[0...8] if token
Douwe Maan's avatar
Douwe Maan committed
214
    end
215 216 217 218

    def has_tags?
      tag_list.any?
    end
219

220
    def predefined_variables
221 222 223 224
      Gitlab::Ci::Variables::Collection.new
        .append(key: 'CI_RUNNER_ID', value: id.to_s)
        .append(key: 'CI_RUNNER_DESCRIPTION', value: description)
        .append(key: 'CI_RUNNER_TAGS', value: tag_list.to_s)
225 226
    end

Kim "BKC" Carlbäcker's avatar
Kim "BKC" Carlbäcker committed
227
    def tick_runner_queue
228
      SecureRandom.hex.tap do |new_update|
Kamil Trzcinski's avatar
Kamil Trzcinski committed
229
        ::Gitlab::Workhorse.set_key_and_notify(runner_queue_key, new_update,
230
          expire: RUNNER_QUEUE_EXPIRY_TIME, overwrite: true)
231
      end
232 233
    end

Kim "BKC" Carlbäcker's avatar
Kim "BKC" Carlbäcker committed
234
    def ensure_runner_queue_value
Kamil Trzcinski's avatar
Kamil Trzcinski committed
235 236 237
      new_value = SecureRandom.hex
      ::Gitlab::Workhorse.set_key_and_notify(runner_queue_key, new_value,
        expire: RUNNER_QUEUE_EXPIRY_TIME, overwrite: false)
Kim "BKC" Carlbäcker's avatar
Kim "BKC" Carlbäcker committed
238 239
    end

240
    def runner_queue_value_latest?(value)
Kim "BKC" Carlbäcker's avatar
Kim "BKC" Carlbäcker committed
241
      ensure_runner_queue_value == value if value.present?
242 243
    end

244
    def update_cached_info(values)
245
      values = values&.slice(:version, :revision, :platform, :architecture, :ip_address) || {}
246
      values[:contacted_at] = Time.now
247

248
      cache_attributes(values)
249

Kamil Trzciński's avatar
Kamil Trzciński committed
250 251
      # We save data without validation, it will always change due to `contacted_at`
      self.update_columns(values) if persist_cached_data?
252 253
    end

254
    def pick_build!(build)
255 256 257 258 259
      if can_pick?(build)
        tick_runner_queue
      end
    end

260 261 262 263
    def uncached_contacted_at
      read_attribute(:contacted_at)
    end

264 265
    private

266
    def cleanup_runner_queue
267
      Gitlab::Redis::Queues.with do |redis|
268 269 270 271
        redis.del(runner_queue_key)
      end
    end

Kim "BKC" Carlbäcker's avatar
Kim "BKC" Carlbäcker committed
272
    def runner_queue_key
273
      "runner:build_queue:#{self.token}"
274 275
    end

276 277 278
    def persist_cached_data?
      # Use a random threshold to prevent beating DB updates.
      # It generates a distribution between [40m, 80m].
279

280 281 282 283 284 285 286
      contacted_at_max_age = UPDATE_DB_RUNNER_INFO_EVERY + Random.rand(UPDATE_DB_RUNNER_INFO_EVERY)

      real_contacted_at = read_attribute(:contacted_at)
      real_contacted_at.nil? ||
        (Time.now - real_contacted_at) >= contacted_at_max_age
    end

287
    def tag_constraints
288 289 290 291 292
      unless has_tags? || run_untagged?
        errors.add(:tags_list,
          'can not be empty when runner is not allowed to pick untagged jobs')
      end
    end
293

294
    def assignable_for?(project_id)
295
      self.class.owned_or_instance_wide(project_id).where(id: self.id).any?
296 297
    end

298 299
    def no_projects
      if projects.any?
300
        errors.add(:runner, 'cannot have projects assigned')
301 302 303 304 305
      end
    end

    def no_groups
      if groups.any?
306 307 308 309 310 311 312 313 314 315 316 317 318
        errors.add(:runner, 'cannot have groups assigned')
      end
    end

    def any_project
      unless projects.any?
        errors.add(:runner, 'needs to be assigned to at least one project')
      end
    end

    def exactly_one_group
      unless groups.one?
        errors.add(:runner, 'needs to be assigned to exactly one group')
319
      end
320
    end
321

322 323
    def accepting_tags?(build)
      (run_untagged? || build.has_tags?) && (build.tag_list - tag_list).empty?
324
    end
Douwe Maan's avatar
Douwe Maan committed
325 326
  end
end