-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Proposal] Support reusable Registration Token
of runners
#25041
Comments
Would not introduce a new struct, but extend current struct with a boolean |
Maybe not make it a modal, but a separate page that can be linked to, etc. Someone recently linked this in discord 😆. |
I have different ideas. I think we can just keep it simple.
BTW, I think you may misunderstand "registration token"( See gitea/routers/api/actions/runner/runner.go Lines 67 to 80 in 2d0ff00
Agree with |
Yes, I had been suggesting a checkbox too. Would name it "Permanent". To manage tokens, add Actions -> Tokens to manage them with a table view. Non-permanent tokens should show up in the table, but be automatically deleted upon use. To avoid generating trash tokens every time this menu is opened, I suggest a explicit "Generate" button, which then could link to a single-token page, or popup with instructions how to use. |
This would be great. I've got a starting point for a helm chart for gitea-runner but can't scale it out beyond 1 runner, or delete and recreate the pod |
This needs to be done for any sort of autoscaling. |
While I'm a strong proponent of this proposal, autoscaling would also be made possible (though involving greater effort than if this proposal were accepted) if this PR (and subsequently the org-level and global variants) were merged. |
please add this feature anyways. its perfect for docker stacks! |
I sent #27143 to try to fix this one. I just have a simple design to reuse |
… Token generation easier (#27143) Partially Fix #25041 This PR redefined the meaning of column `is_active` in table `action_runner_token`. Before this PR, `is_active` means whether it has been used by any runner. If it's true, other runner cannot use it to register again. In this PR, `is_active` means whether it's validated to be used to register runner. And if it's true, then it can be used to register runners until it become false. When creating a new `is_active` register token, any previous tokens will be set `is_active` to false.
… Token generation easier (go-gitea#27143) Partially Fix go-gitea#25041 This PR redefined the meaning of column `is_active` in table `action_runner_token`. Before this PR, `is_active` means whether it has been used by any runner. If it's true, other runner cannot use it to register again. In this PR, `is_active` means whether it's validated to be used to register runner. And if it's true, then it can be used to register runners until it become false. When creating a new `is_active` register token, any previous tokens will be set `is_active` to false.
… Token generation easier (#27143) (#27304) Backport #27143 by @lunny Partially Fix #25041 This PR redefined the meaning of column `is_active` in table `action_runner_token`. Before this PR, `is_active` means whether it has been used by any runner. If it's true, other runner cannot use it to register again. In this PR, `is_active` means whether it's validated to be used to register runner. And if it's true, then it can be used to register runners until it become false. When creating a new `is_active` register token, any previous tokens will be set `is_active` to false. Co-authored-by: Lunny Xiao <[email protected]>
Background
Currently, the
Registration Token
obtained in the UI becomes invalid immediately after registering a runner, making it impossible to reuse. However, it is annoying that not having reusbale annoying in some auto-scaling environments.Here are some related issues::
In fact, we already have related PRs that enable Gitea to provide the ability to generate Tokens via the command line or API:
But I believe it would be more convenient to have a reusable token. Of course, it would also be necessary to provide the ability to invalidate Tokens in real-time to prevent misuse.
Solution
Add the following fields to the table:
In the UI, users can create
reusable tokens
and view them in a list. In the list, they can enable, disable, or delete tokens at any time.When Gitea receives a runner registration request, it first checks if the token is a reusable token. If it is, a normal token is generated for the runner and returned. This normal token will be written to the
.runner
file. At the same time, the normal token inherits theowner_id
andrepo_id
from the reusable token and is stored in the database.As mentioned in this comment,we should also provide the ability to deregister runners:
To achieve this, we need to add the following to the protocol buffer:
Benefits
Site Administration
,Repo Settings
, orOrg Settings
, defining the scope of runners that use this reusable token. This is consistent with the previous token logic.The text was updated successfully, but these errors were encountered: