Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/api/ci/helpers/runner.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api/ci/helpers/runner.rb')
-rw-r--r--lib/api/ci/helpers/runner.rb30
1 files changed, 4 insertions, 26 deletions
diff --git a/lib/api/ci/helpers/runner.rb b/lib/api/ci/helpers/runner.rb
index 269f2fa7ddc..be4d82bc500 100644
--- a/lib/api/ci/helpers/runner.rb
+++ b/lib/api/ci/helpers/runner.rb
@@ -53,7 +53,7 @@ module API
# HTTP status codes to terminate the job on GitLab Runner:
# - 403
- def authenticate_job!(require_running: true, heartbeat_runner: false)
+ def authenticate_job!(heartbeat_runner: false)
job = current_job
# 404 is not returned here because we want to terminate the job if it's
@@ -66,10 +66,7 @@ module API
forbidden!('Project has been deleted!') if job.project.nil? || job.project.pending_delete?
forbidden!('Job has been erased!') if job.erased?
-
- if require_running
- job_forbidden!(job, 'Job is not running') unless job.running?
- end
+ job_forbidden!(job, 'Job is not running') unless job.running?
# Only some requests (like updating the job or patching the trace) should trigger
# runner heartbeat. Operations like artifacts uploading are executed in context of
@@ -87,9 +84,9 @@ module API
end
def authenticate_job_via_dependent_job!
- forbidden! unless current_authenticated_job
+ authenticate!
forbidden! unless current_job
- forbidden! unless can?(current_authenticated_job.user, :read_build, current_job)
+ forbidden! unless can?(current_user, :read_build, current_job)
end
def current_job
@@ -106,21 +103,6 @@ module API
end
end
- # TODO: Replace this with `#current_authenticated_job from API::Helpers`
- # after the feature flag `ci_authenticate_running_job_token_for_artifacts`
- # is removed.
- #
- # For the time being, this needs to be overridden because the API
- # GET api/v4/jobs/:id/artifacts
- # needs to allow requests using token whose job is not running.
- #
- # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83713#note_942368526
- def current_authenticated_job
- strong_memoize(:current_authenticated_job) do
- ::Ci::AuthJobFinder.new(token: job_token).execute
- end
- end
-
# The token used by runner to authenticate a request.
# In most cases, the runner uses the token belonging to the requested job.
# However, when requesting for job artifacts, the runner would use
@@ -151,10 +133,6 @@ module API
{ config: attributes_for_keys(%w(gpus), params.dig('info', 'config')) }
end
- def request_using_running_job_token?
- current_job.present? && current_authenticated_job.present? && current_job != current_authenticated_job
- end
-
def metrics
strong_memoize(:metrics) { ::Gitlab::Ci::Runner::Metrics.new }
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 07:42:51 +0300